December 13th, 2016
From the New York Times:
“A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.
The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems.”
The email addresses obtained by the crime ring will most likely be sold on the black market to hackers looking to use them for spear phishing.
Spear phishing attacks are the highly successful spawn of email phishing: a low volume, highly targeted attack. When someone sends you a spear phishing email, it looks like it’s coming from someone you trust, but the email contains a link that delivers malware, giving the hacker access to your network. If your email security system isn’t designed to stop spear phishing in its tracks, you are vulnerable to these kinds of attacks.
Sendio’s Email Security Gateway™ stops spear phishing emails in their tracks. The Email Security Gateway is a multi-layer defense against malicious emails and spam
Here’s how it stops spear phishing before it makes it to an inbox:
- Sender Policy Framework: The SPF – sender policy framework – check employed by Sendio prevents spoofing by confirming that the sending IP address is officially referenced in the sending domain’s SPF record. If the SPF check fails, the email is held on Sendio and not delivered to the user’s Inbox.
- Smart Whitelisting: Unlike other email security providers that don’t scan emails from addresses on your whitelist, Sendio scans every email to prevent you from falling prey to spear phishing.
Most email security providers use an SPF check, but if an email sender is on your whitelist, emails from that person go straight to your inbox without being scanned for spoofing. Sendio scans every email, every time to keep your network safe.
Watch the video below to learn about Sendio’s email communities, then fill out the form to the right to learn how you can protect your business from spear phishing attacks.