Terminology

Risk Emails

Email spoofing – creation of email messages with forged sender address.

Spam – unsolicited, undesired, or illegal email messages.

Phishing – is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity.

Whaling phishing – also known as whaling phishing or a whaling phishing attack, is a specific type of phishing attack that targets high-profile employees, such as the CEO or CFO, in order to steal sensitive information from a company. In many whaling attacks, the attacker’s goal is to manipulate the victim into authorizing high-value wire transfers to the attacker. 

Viruses, Malware, Ransomware – is any software intentionally designed to cause damage to a computer, server, client or computer network.

Denial of Service – (Dos attack) is a cyber-attack in which the perpetrator seeks to disable, shut down or disrupt a network, website or service. 

Product Functionality

URL Analysis – evaluates URLs within the message, using a risk score based on country/Top Level Domain (TLD), content , dependent on content types, including, misspelt or suspect words or invisible content and masking, where patterns may indicate that the sender is trying to mask true destination of the URL.

Quarantine – provides customers with the ability to release messages in case of misclassification based on defined conditions.

Gray mail – when one of the filtering engines has detected an email as spam but the other hasn’t so it gives you the chance to release the email if needed.

Data Loss Prevention (DLP) – is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.

Email Backup - An email back up is a snap shot of a set of email data at a point in time. Generally the data is held ready to be restored in a time of emergency, i.e system failure causing lost data. It will be restored to a specific point in time specified.

Email Archive - An enterprise wide email archive securely preserves all messages for anytime retrieval. It enables administrators to search across all users (past and present) based on a search criteria to find email messages and their associated attachments. For legal hold and official information requests it is wise to deploy tamper proof email archives.

Journaling- ensures a complete archive of the organisation’s emails are stored in a single, searchable, secure, off-site environment. 

Sandboxing - A sandbox is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. Often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system.

Email Standards

DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorised use. The purpose of DMARC is to protect a domain from being used in business email compromise attacks, phishing emails, email scams and cyber threat activities. When combined with SPF and DKIM you’re putting in place comprehensive email security defenses that will substantially increase your protection against high risk email.

DKIM – (Domain Keys Identified Mail) is an email authentication method designed to detect forged sender addresses in emails, a technique often used in phishing and email spam.

SPF (Sender Policy Framework) is an email authentication method designed to detect forging sender addresses during the delivery of the email.

Message Transfer Agent- (MTA) within the internet email system a MTA is software that transfers electronic mail messages from one computer to another using SMTP.