This significantly upgrades the anti-phishing protection available for users of Intermedia’s solution for Exchange, and while the features themselves are free, they give partners an opportunity to have a phishing discussion with customers.
SMB-focused cloud services IT provider Intermedia has announced the integration of six new anti-phishing features within their Intermedia Email Protection solution for Exchange users. It significantly upgrades the level of anti-phishing protection that was there before
“We have had anti-spam capabilities in this product for a long time,” said Jonathan Levine, Intermedia’s CTO. “The anti-spam has always picked up less sophisticated phishing attempts. The new anti-phishing capabilities are aimed at the more recent spear phishing attacks facilitated by social networking, where they try and get to specific people within an organization. Traditional anti-spam is hard for that to pick up.”
While Intermedia has used all of these protections internally for a while, they are net-new to the Email Protection offering.
Similar domain check testing uses a similarity algorithm to determine if the phisher is using a registered email domain that looks ‘similar’ to a company’s email domain, such as substituting an 1 for an l. The similarity algorithm confirms that the sending domain is coming from within the organization.
A user impersonation check feature checks to see if the phisher has spoofed the name of an individual in the subject line.
The suspicious content check feature performs an email content inspection to pinpoint vocabulary and language that might indicate a spear-phishing attack. This allows either for the message to be blocked or a subject tag like “[POSSIBLE PHISHING ATTEMPT]” to be added, to alerting the recipient to use caution.
Tagging messages from external senders explicitly indicates if a message originated from outside of the organization. The word “[EXTERNAL]” can be added to all messages sent from someone outside of the organization. This feature is most effective when coupled with security training for your employees on how to react to these kinds of messages.
The reply-to check feature checks the “reply to” address of a message to alert readers if they are sending a response to a different address from where the email originated.
A domain impersonation check helps stop attackers from spoofing a company’s email domain by determining if the sending domain of an external message is an exact match to a company email domain.
Levine said the features are a blend of things that other providers offer, and some unique features.
“Some of the things we are doing are more advanced than the rest of the market,” he said. “Like any security strategy, each feature is one layer in a multi-layer stack. They test the way that we know phishers disguise themselves. We don’t know that everything that is identified as a possible phishing attempt is bad, but just flag it to advise caution. That’s why these measures are always most effective when combined with training. That’s why we phish our own employees to get them so sensitized about possible phishing that they will forward the emails to security.”
Levine said these features are tailored specifically for SMBs.
“This is for people who are non-technical,” he said. “Many such solutions assume organizations have a bigger number of users than most SMBs. As with a lot of our products, we are trying to deliver enterprise class solutions to the small business. At the same time, we are trying to make things affordable. These features come with no additional cost to users of the solution.”
Levine said that because phishing is a serious problem for the market, it presents an opportunity for channel partners, and these enhancements will certainly help there.
“I think this is an opportunity for partners to go to their customers and present themselves as a trusted partner in security to address these issues,” he said. “Even though the configuration is relatively simple, phishing is a problem for individuals and businesses of all sizes. It’s important for channel providers to come up with some kind of solution for them.”