Story image

Email prime target for cyber attacks, FirstWave responds with domain filter

20 Apr 2016

In response to increasing number of attacks targeting email, such as the C-Level Impersonation filter and other ‘whaling’ attacks, FirstWave Cloud Technology has launched a Typo Domain filter on its ESPTM Mail cloud security platform.

This new filter has been designed to deflect and block sophisticated email phishing threats targeting the wider attack surface of email users at any organisation level in the enterprise, according to a statement.

According to FirstWave, cyber attackers can take advantage of Internationalised Domain Names (IDNs) with special character sets to create and send phishing emails from servers using legitimately-established domain names - these are indistinguishable to most recipients from well-known or trusted domain names. Attacks such as this are sometimes known under the banner of homograph attacks or imposter email attacks.

FirstWave says attackers can apply this technique and use a homograph of a company’s own domain name or names to trick employees of that company to accept and click on links in emails that appear to be legitimately coming from within their own organisation.

The majority of existing email security and phishing filters cannot assure they will block such an attack, according to the company. Standard sender domain authentication techniques used by email transport nodes and email security gateways, such as SPF and DKIM, can be penetrated because these homograph domains can appear authentic in the DNS system.

To provide a broad yet enterprise specific defence against this form of attack, FirstWave Cloud Technology’s Typo Domain filter uses advanced ‘fuzzy matching‘ software library algorithms in its ESPTM Mail platform, tested against a wide range of homograph domain attack scenarios. As such, the filter is designed to provide high protection efficacy and very low false positives.

According to FirstWave, the Typo Domain filter will automatically protect all customer domains already configured on the FirstWave cloud Mail security service, without the need for any customer administrator configuration action.

Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Aussies too lax about IoT security - McAfee
Aussie consumers are at a loss when it comes to securing the increasing number of connected devices in their homes and are often opting to take no action at all.
Barracuda expands MSP security offerings with RMM acquisition
Managed Workplace delivers an RMM platform with security tools and services, such as site security assessments, Office 365 account management, and integrated third-party antivirus.
Flashpoint: APAC companies must factor geopolitics in cyber strategies
The diverse geopolitical and economic interests of the states in the region play a significant role in driving and shaping cyber threat activity against entities operating in APAC.
Expert offers password tips to aid a stress-free sleep
For many cybersecurity professionals, the worries of the day often crawl into night-time routines - LogMeIn says better password practices can help.
SolarWinds extends database anomaly detection
As organisations continue their transition from purely on-premises operations into both private and public cloud infrastructures, adapting their IT monitoring and management capabilities can pose a significant challenge.
NATO picks BlackBerry's encrypted voice technology to secure calls
The NCI Agency acquires, deploys and defends communication systems for NATO's political decision-makers and command centres