This article can also be found in the Premium Editorial Download "Information Security magazine: Comparing five of the top network-based inline IPS appliances."
Download it now to read this article plus other related content.
Highly Targeted Phishing Attacks
Another trend security managers and analysts say they're witnessing is the growing number of highly targeted attacks aimed at specific companies, regional financial services firms and banks.
"We're seeing more spoofed e-mails that appear to be coming from internal employees, but are really phishing attacks attempting to grab passwords or lure users to malicious Web sites," says Gene Fredriksen, vice president of information security at Raymond James and Associates.
By shooting a few dozen highly targeted e-mails, rather than spamming out thousands, fraudsters are often able to sidestep antispam filters.
| Q: What is the value of using multiple antivirus engines on SMTP or Exchange front ends? Is this a recommended practice rather than relying on a product with a single engine at the edge?
Snyder: Multiple AV engines are always a good idea. My personal preference is to have one at the edge and one at the desktop. This guards against failures on the edge or messages that don't go through the edge. But there are many ways to accomplish this. Where and how you do it is largely an architectural choice.
That's good news to Fredrikson. "Phishing attacks can be devastating to a corporation's brand. Any technology that will help increase security outside of the corporate perimeter is welcome," he says.
And not just corporate image is at risk. The spike in phishing attacks--combined with rising identity-theft fears--is quickly eroding trust in e-commerce. In a report earlier this year, Gartner estimated that the loss of trust could squeeze e-commerce growth by 3 percent and cost corporations billions in lost revenue.
Dan Lissek, information technology director for international law firm Holme Roberts & Owen, already knew the perils of insecure inboxes. Lissek estimates that during 2003, 30 percent of e-mail sent to the firm was spam and phishing attacks; the figure reached roughly 70 percent by early 2004. To make matters worse, the firm's 215-plus attorneys were spending at least 30 minutes a day sifting through junk e-mail--too much time for a business that relies on billable hours. Meanwhile, Lissek's IT staff had to respond to spam inquires from employees and sort through lengthy spam filter reports.
"We had to do something," says Lissek, "to stop our IT department from having to manage an internal filtering system that was pretty much unsuccessful and very labor intensive."
In 2003, the firm's defensive measures included MX Logic's managed E-mail Defense Service. According to Lissek, when he cranked the filters up to their highest levels, "all of a sudden my Exchange administrator, my technical support manager and their staff weren't spending time on [sorting through junk e-mail], and our attorneys got a good portion of their day back."
|Click here for a comprehensive list of e-mail security solutions available today (PDF).|
Richard Smith, director of information technology for R.W. Smith & Associates, a facilitator of trades between securities dealers and dealer banks, saves all of his spam. While e-mail worms and viruses aren't a problem, complying with stringent regulations certainly is. The Kirkland, Wash., firm receives 33,000 to 68,000 e-mails each month. To keep those messages clean of spam and viruses, it relies on two open-source tools--SpamAssassin and ClamAV.
This was first published in October 2005