Story image

Email prime target for cyber attacks, FirstWave responds with domain filter

20 Apr 16

In response to increasing number of attacks targeting email, such as the C-Level Impersonation filter and other ‘whaling’ attacks, FirstWave Cloud Technology has launched a Typo Domain filter on its ESPTM Mail cloud security platform.

This new filter has been designed to deflect and block sophisticated email phishing threats targeting the wider attack surface of email users at any organisation level in the enterprise, according to a statement.

According to FirstWave, cyber attackers can take advantage of Internationalised Domain Names (IDNs) with special character sets to create and send phishing emails from servers using legitimately-established domain names - these are indistinguishable to most recipients from well-known or trusted domain names. Attacks such as this are sometimes known under the banner of homograph attacks or imposter email attacks.

FirstWave says attackers can apply this technique and use a homograph of a company’s own domain name or names to trick employees of that company to accept and click on links in emails that appear to be legitimately coming from within their own organisation.

The majority of existing email security and phishing filters cannot assure they will block such an attack, according to the company. Standard sender domain authentication techniques used by email transport nodes and email security gateways, such as SPF and DKIM, can be penetrated because these homograph domains can appear authentic in the DNS system.

To provide a broad yet enterprise specific defence against this form of attack, FirstWave Cloud Technology’s Typo Domain filter uses advanced ‘fuzzy matching‘ software library algorithms in its ESPTM Mail platform, tested against a wide range of homograph domain attack scenarios. As such, the filter is designed to provide high protection efficacy and very low false positives.

According to FirstWave, the Typo Domain filter will automatically protect all customer domains already configured on the FirstWave cloud Mail security service, without the need for any customer administrator configuration action.

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Security platform provider Deep Instinct expands local presence
The company has made two A/NZ specific leadership hires and formed several partnerships with organisations in the region.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Stepping up to sell security services in A/NZ
WatchGuard Technologies A/NZ regional director gives his top tips on how to make a move into the increasingly lucrative cybersecurity services market.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”