10 Things You Need In An Email Security Service
From detecting snowshoe spam and compromised cloud accounts to providing simulated phishing attacks, sentiment analysis and oversight of east-west traffic, here are 10 things companies should look for in an email security service.
Ability To Detect Snowshoe Spam
Hackers like to use exploits that are very difficult to detect since they were uniquely created with a specific victim in mind, meaning they’ll fly under the radar of email security software, according to Dan Schiappa, chief product officer at Sophos. Adversaries like to capitalize on super-spreading capabilities using everything from EternalBlue for WannaCry to Lemon Duck malware to snowshoe spam, he said.
Even if the message being distributed via snowshoe spam has been customized, Schiappa said a good email security product can still detect it since the delivery mechanism leads to unusual spreading patterns. Snowshoe spam messages with an urgent call to action around something like COVID-19 tend to get high levels of engagement since people’s stress and anxiety cause them to click, Schiappa said.
Non-email communication paths like Microsoft Teams or Slack also pose security risks, but unlike email –which can be held and inspected before getting passed on–Teams and Slack are more of a real-time communication platform, Schiappa said. Vendors use the same security inspection techniques on Teams and Slack as email, but the multi-person, real-time nature of communication can make it difficult.