Spam filtering deep dive

Spam Filtering

Here at The Red Penguin Group our ethos is based on simple and elegant solutions. We take this approach to all aspects of IT support, including spam filtering. Keeping customers' networks secure is a key part of this ethos. We have teamed up with EveryCloud to bring advanced email protection and threat management to our customers.

Given that up to 73% of all email sent is considered spam, it's arguable that protecting your mail is the most important thing a business can do to prevent malware and data/identity theft.

Our deep dive will look into the types of spam out there and what you can do to best protect yourself and your business.

But what is considered spam?

The official definition of spam is either “irrelevant or unsolicited email” or “a tinned meat product made mainly from ham”. Given that The Red Penguin Group is not in the business of supplying meat products, we will focus on the first definition.

People often assume that spam email is any email that contains a virus or some form of electronic threat; this, however, is not the case. A spam email is simply any email that the recipient did not want (unsolicited) or does not need (irrelevant), so that family email sent with a link to the latest YouTube cat video could be considered spam.

Most of the time this spam email is just a nuisance, but there are several types of spam email that have more sinister intentions. These typically fall into two types:

  • Phishing email – This email is designed to encourage the recipient to give up personal information that can be used to steal data / identity. Often this email imitates a legitimate source such as a bank, and often these emails look very genuine.
  • Virus threat – This is an email that has malicious code or software either embedded into the email via links or included in an attachment.

Let's look at phishing spam email first

This is arguably the most common form of malicious spam and it is one of the main reasons why we suggest users have spam filtering in place.

The main goal of phishing spam is to get the recipient to offer up personal information, usually via an embedded link or attachment. Most of the time this email looks like a genuine email from a legitimate source such as your bank. Typically the link you are asked to click will take you to a login page that perfectly replicates the login page of the legitimate site.

In the example below you can see an email clearly designed to replicate correspondence from Amazon.
Source: https://resources.infosecinstitute.com/category/enterprise/phishing/#gref

In the above example you can see some key indicators that the email is fake: the sending address is not a genuine Amazon address, the recipient is not mentioned by name, and the link redirects to a spurious website.
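The three indicators above can be checked mechanically. The following is an added example, not code from The Red Penguin Group or EveryCloud; the sample message, the `.example` domains and the function names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; the .example domains are placeholders.
SAMPLE = '''From: "Amazon" <support@amaz0n-billing.example>
Subject: Your account has been suspended
Content-Type: text/html

<p>Dear Customer,</p>
<a href="http://account-check.example/signin">https://www.amazon.com/signin</a>
'''

class LinkCollector(HTMLParser):  # collects (href, visible text) per <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(url):  # hostname of a URL, tolerating link text with no scheme
    return (urlparse(url if "//" in url else "//" + url).hostname or "").lower()

def phishing_indicators(raw, brand, brand_domains):
    """Return which of the article's three indicators this message shows."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    sender, body, found = addr.rpartition("@")[2].lower(), msg.get_payload(), []
    on_brand = any(sender == d or sender.endswith("." + d) for d in brand_domains)
    if brand.lower() in display.lower() and not on_brand:
        found.append("sender_not_brand_domain")  # display name vs. real address
    if re.search(r"\bdear\s+(customer|user|client|member)\b", body, re.I):
        found.append("recipient_not_named")      # generic greeting
    collector = LinkCollector()
    collector.feed(body)
    for href, text in collector.links:
        if re.fullmatch(r"\S+\.\S+", text) and host(text) != host(href):
            found.append("link_text_href_mismatch")  # shown URL != destination
    return found
```

Calling `phishing_indicators(SAMPLE, "Amazon", ["amazon.com", "amazon.co.uk"])` reports all three indicators for the constructed message; links whose visible text is not a URL (such as "Click here") are not compared.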

It's worth noting that large organisations, especially financial companies such as banks, will very rarely ask for your details via email. If in doubt, call the company referenced, and NOT via any phone number listed in the email. Go via the main website’s contact page.

Virus Threat spam emails

These emails are less common than phishing emails but can be far more destructive. This type of spam will often have a seemingly genuine attachment such as a Word document, and quite often it will be ‘spoofed’ from a genuine contact. For example, you may get an email from John Smith replicating John’s email address, so it can be very easy to assume the email is genuine.

Quite often these types of spam email come after a known contact’s email account or computer gets hacked or compromised with malware that then acquires key email info such as sign in information.

The example below typifies this type of spam: the sender looks like a genuine sender and the body of the email is coherent. The attachment will contain the malware, and often the recipient will not notice that their computer has been infected.

Source: https://www.2-spyware.com/how-to-identify-an-email-infected-with-a-virus

What can The Red Penguin Group do to help with spam?

As mentioned, we are partnered with EveryCloud email protection. EveryCloud is a cloud-managed system that sits in front of your organisation. In essence, your email is sent to EveryCloud first, before hitting your business's network, unlike several other systems that rely on having software installed on each computer. This older approach is inherently less secure because the email is already within your network.

Our spam filtering service is 100% cloud managed and offers several key elements to block typically 99.9% of spam:

  • Spam filtering – All email is passed first to the filtering portal, which uses algorithms and heuristic analysis to scan inbound and outbound email. Each email is then categorised into one of several groups (infomail / virus infection / clean / phishing etc). Any email that is not clearly considered clean is held in quarantine, allowing the end user to either ‘allow’ or ‘block’ it rather than the message simply being rejected.
  • Threat Protection – This additional layer of security takes the above a stage deeper by using behaviour analysis to see if the emails follow a pattern. For example, even an email sent from within your own network may be sandboxed if the content of the email is out of character for the sender, such as an email from the finance department asking an employee for a large payment for contract parking.
  • Quarantine reports – Custom reports that identify the types of spam your organisation receives, who receives the most and at what time. This can help identify possible areas of security concern within your organisation.
  • Continuity – Having your email sent to a cloud spam portal first allows the organisation to still use email even in the event of local hardware failure, so if your on-premise email server loses power you can still access email via a web portal.
  • Archiving – Ability to archive up to several years' worth of email. This can help meet compliance guidelines.

How much does this spam filtering cost? Will I have any downtime?

Less than you think. Spam filtering is priced at £2 per mailbox, with optional extras such as archiving competitively priced. The £2 option still gives you enterprise-grade spam filtering and threat protection with 7-day fail-over retention, personalised quarantine reports and an end-user spam portal with email client add-in.

Regarding downtime, it can take up to 90 minutes for email to start passing through the filter service. This is due to DNS propagation; however, in reality it's very rare that email is not immediately filtered. We don’t need to do any site visits or access your network; all we need is access to your domain hosting platform.

If you would like some more information on spam filtering please get in touch or follow us on Twitter | LinkedIn | Facebook for all the latest news and updates.