Security Management Strategies for the CIO
Email Alerts
-
Chained Exploits: How to prevent phishing attacks from corporate spies
Ever wonder if someone is monitoring everywhere you go on the Internet? In this chapter excerpt from Chained Exploits: Advanced Hacking Attacks from Start to Finish, learn how to keep corporate spies at bay. Book Chapter
-
Voice over IP Security: VoIP Threat Taxonomy
In an excerpt from Voice over IP Security, author Patrick Park reviews VoIP threats, including spam, phishing and other threats against social context. Book Chapter
-
Email security test: Basics and threats
Test your knowledge of email security essentials with this fifteen-question quiz from Joel Snyder. Quiz
-
Quiz: Counterintelligence strategies for thwarting email threats
Take this five-question quiz to evaluate your knowledge of the material presented by expert Sandra Kay Miller in this Messaging Security School lesson. Quiz
-
Quiz: Spam 2.0 -- New threats and new strategies
A five-question multiple-choice quiz to test your understanding of spam defense strategies presented by expert Michael Cobb in this lesson of SearchSecurity.com's Messaging Security School. Quiz
-
Spam 2.0: New attacks, viruses and prevention strategies
In the war on spam, new battlefronts are constantly emerging. Learn how security professionals can stay on top of the latest email threats. Messaging Security School
-
The changing threat of email attacks
In this Messaging Security School lesson, expert Mike Rothman details the state of next-generation email threats, explores reputation systems and uncovers threats AV can't catch. Messaging Security School
-
Quiz: Defending mobile devices from viruses, spyware and malware
Test your understanding of the content presented in Defending mobile devices from viruses and malware lesson of SearchSecurity.com's Messaging Security School. Quiz
-
Quiz: Countermeasures for malicious email code
A five-question multiple-choice quiz to test your understanding of the content presented in Countermeasures for malicious email code lesson of SearchSecurity.com's Messaging Security School. Messaging Security School
-
Hacker's Challenge 3: Big Bait, Big Phish
In this excerpt of Chapter 3 from "Hacker's Challenge 3," author Bill Pennington provides a detailed example of a situation in which an organization's network is attacked and customer data is compromised. Book Chapter
- See more Essential Knowledge on Email and Messaging Threats (spam, phishing, instant messaging)
-
Electronic identity cards join the fight against phishing attacks
A new approach to fighting phishing allows users to create electronic identity cards for each website they access. News | 21 Aug 2013
-
Lavabit, Silent Circle close secure email rather than spill the goods
Lavabit and Silent Circle, both providers of secure communications for the consumer market, close under threat of U.S. government meddling. News | 09 Aug 2013
-
Emerging antiphishing tools use testing, training to educate users
Emerging enterprise antiphishing tools use testing, training to help users recognize bogus messages, addressing a long-standing defensive pain point. News | 16 Apr 2013
-
Study finds spear phishing at heart of most targeted attacks
Malicious file attachments are typically used as the payload, according to a report issued this week by Trend Micro. News | 29 Nov 2012
-
Spam campaign abuses flaw tricking thousands with shortened .gov URLs
Spammers have spoofed shortened URLs designed to validate redirects to several states including California, Iowa, Indiana and Vermont. News | 18 Oct 2012
-
FireEye warns of steady increase in advanced malware
Social engineering tactics often involve email attachments targeting various industry sectors, says the security firm. News | 04 Sep 2012
-
Black Hat 2012: Social engineering training benefits IT teams, end users
James Philput of Information Assurance Professionals will explain how social engineering training can instill security awareness into end users. News | 18 Jul 2012
-
Spear phishing attacks target defense contractors, security firms
A spear phishing campaign contains a message about industrial control systems security and a malicious .pdf file that downloads malware to steal data. News | 14 Jun 2012
-
Email providers push DMARC email authentication to combat phishing
DMARC creates an authentication loop that could help people determine the legitimacy of an email. News | 30 Jan 2012
-
Readiness team warns of spoofed US-CERT email addresses in phishing campaign
A phishing email campaign is targeting private and public sector organizations with phony US-CERT email addresses. News | 11 Jan 2012
- See more News on Email and Messaging Threats (spam, phishing, instant messaging)
-
Social engineering penetration testing: Four effective techniques
Social engineering penetration testing is now a must for enterprises. Learn about the four methods your pen tests should use. Tip
-
How to prevent phishing attacks: User awareness and training
In this expert tip, David Sherry describes how a combination of technical controls and user awareness training can help put a dent in phishers’ attempts at spear phishing. Tip
-
Spear phishing examples: How to stop phishing from compromising users
Spear phishing targets the weakest link in most security programs: users. These spear phishing examples can help your enterprise thwart attacks. Tip
-
The state of enterprise spam filters: Can more be done to control spam?
Does your enterprise rely solely on its email filter to protect against spam? Are you aware of how spam filters work? Expert Michael Cobb discusses how today's spam works, and what can help control spam in an enterprise setting. Tip
-
How to prevent phishing attacks with social engineering tests
Is your enterprise capable of withstanding today's phishing attacks? Sherri Davidoff reviews how you can test your employees. Tip
-
Video: The foundation of an email security strategy
Guest instructor Joel Snyder explains which standards can help you increase the security of SMTP-based email. Tip
-
Thinking fast-flux: New bait for advanced phishing tactics
Bot herders haven't made millions of dollars by relying on yesterday's botnet techniques. In fact, the bad guys have found an innovative new way to leverage thousands of drone machines; it's called fast flux, and it makes even the largest botnets muc... Tip
-
Preventing spam bots from hijacking an enterprise network
According to security expert Michael Cobb, the likelihood of your enterprise being compromised by a botnet is not a question of if, but when. In this Messaging Security School tip, Cobb discusses how spammers use botnets to corrupt enterprise systems... Tip
-
Eliminating the threat of spam email attacks
Spam emails cluttering your inbox aren't just a minor inconvenience; these annoying messages can infect your systems with harmful code, viruses and Trojans. Contributor Scott Sidel examines SpamAssassin, an open source software tool designed to keep ... Tip
-
Reputation systems gaining credibility in fight against spam
Now that nearly all organizations are employing some sort of anti-spam technology, spammers know their only hope for success lies with outwitting spam-detection strategies. But as Mike Rothman writes, the emergence of reputation-based systems is maki... Tip
- See more Tips on Email and Messaging Threats (spam, phishing, instant messaging)
-
To nullify targeted attacks, limit out-of-office message security risk
Expert Michael Cobb details how to reduce out-of-office message security risk --and thus targeted attacks -- by limiting personal info given. Answer
-
Can DomainKeys Identified Mail still be used for email authentication?
Expert Nick Lewis determines whether the DomainKeys Identified Mail protocol can still be safely relied upon for email authentication. Answer
-
Mitigations for mobile phishing problems on the iOS platform
With potential phishing problems surfacing for iOS users, expert Nick Lewis provides advice for enterprises facing the mobile phishing menace. Answer
-
Using social engineering testing to foster anti-social engineering training
Worried your users could easily be pwned? Learn about improving social engineering testing to foster anti-social engineering training. Answer
-
Webmail forensics: Investigating issues with email forwarding security
Expert Mike Cobb discusses webmail forensics possibilities for dealing with the aftermath of an issue involving an email forwarding security breach. Answer
-
Curb the spam virus threat via information security awareness training
Information security awareness training doesn't always protect users from the ongoing spam virus threat. Nick Lewis offers additional measures that may help. Answer
-
The fight against phishing: Utilizing SPF and DKIM authentication technology
The fight against phishing has been waging for years. Expert Michael Cobb explains how SPF and DKIM authentication technologies could turn the tide. Answer
-
IPv6 malware: With the transition, will IPv6 spam increase?
The transition from IPv4 to IPv6 could have some unintended negative consequences for security. Answer
-
Google 'Gchat' security and Internet application security best practices
Users in the enterprise may unknowingly be exposed to 'Gchat' security risks. Expert Michael Cobb discusses Internet application security best practices that can help protect enterprise users. Ask the Expert
-
Can I trace email origin locations to thwart email attachment viruses?
Can tracing an email back to its origin help to prevent the threat of future viruses via email? Learn more in this expert response. Ask the Expert
- See more Expert Advice on Email and Messaging Threats (spam, phishing, instant messaging)
-
spear phishing
Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from ... Definition
-
content filtering (information filtering)
On the Internet, content filtering (also known as information filtering) is the use of a program to screen and exclude from access or availability Web pages or e-mail that is deemed objectionable. Definition
-
Operation Phish Phry
Operation Phish Phry is a cybercrime investigation carried out by the United States Federal Bureau of Investigation (FBI), the Los Angeles Electronic Crimes Task Force and Egyptian authorities. Definition
-
Rock Phish
Rock Phish is both a phishing toolkit and the entity that publishes the kit, either a hacker, or, more likely, a sophisticated group of hackers. While the authors of the kit remain anonymous, Rock Phish has become the most popular phishing kit availa... Definition
-
pharming
Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent. Definition
-
spam trap
A spam trap is the inclusion of an option in an online form that is preselected by default with the expectation that the user will fail to notice the option. Definition
-
spoof
Spoof was a game involving trickery and nonsense that was invented by an English comedian, Arthur Roberts, prior to 1884, when it is recorded as having been "revived. Definition
-
spam cocktail (or anti-spam cocktail)
A spam cocktail (or anti-spam cocktail) is the use of several different technologies in combination to successfully identify and minimize spam. The use of multiple mechanisms increases the accuracy of spam identification and reduces the number of fal... Definition
-
mail bomb
A mail bomb is the sending of a massive amount of e-mail to a specific person or system. Definition
-
Joe job
A Joe job is an e-mail spoofing exploit in which someone sends out huge volumes of spam that appear to be from someone other than the actual source. Definition
- See more Definitions on Email and Messaging Threats (spam, phishing, instant messaging)
-
Black Hat 2012: Phishing and social engineering penetration testing
Video: Anti-spear phishing training is controversial, but can be effective if it is done right, says Rohyt Belani, CEO and co-founder of PhishMe Inc. Video
-
Information security podcasts: 2010 and 2011 archive
Download information security podcasts from SearchSecurity's 2010 and 2011 podcast archive. Podcast
-
419 baiters: Not all scam emails from Nigeria
Almost everyone has received an email promising riches from African royalty, but not all 419 scam emails come from Africa. Learn how to prevent employees from getting suckered in by these scams. Video
-
Paypal account security: CISO on ways to prevent phishing
Paypal has become known as one of the top organizations when it comes to fighting phishing, mostly because its been a target of so many phishing scams. In this interview, Paypal CISO Michael Barrett describes how his organization approaches the phish... Video
-
Next generation spam: New threats and new technologies
This video examines the evolution of the content security gateway as it evolves beyond just blocking spam and Web filtering, emphasizing the techniques and technologies used to ensure data doesn't leave your organization. Video
-
Unified communications: Securing a converged infrastructure
With so many different communications systems being combined, it can be tough to know where to start when it comes to security. In this video, John Burke explains the basics of securing this new type of infrastructure. Video
-
Economy fuels malware, spam
Dave Marcus of McAfee's Avert Labs, breaks down the threat landscape and explains why spam numbers are rising and malware writers are taking advantage of the down economy. Video
-
Podcast: Countdown --Top 5 technologies to help battle the new spam threat
In this featured podcast, Michael Cobb counts down the top 5 ways for your company to battle new and evolving spam threats, and discusses the pros and cons of current antispam technologies. Podcast
-
Countdown: Top 5 next-generation messaging attacks that antivirus can't catch
In this Podcast, expert Mike Rothman counts down the top five next-generation messaging attacks that antivirus can't catch, and tells you how to stop them. Podcast
-
Electronic identity cards join the fight against phishing attacks
A new approach to fighting phishing allows users to create electronic identity cards for each website they access. News
-
Lavabit, Silent Circle close secure email rather than spill the goods
Lavabit and Silent Circle, both providers of secure communications for the consumer market, close under threat of U.S. government meddling. News
-
Emerging antiphishing tools use testing, training to educate users
Emerging enterprise antiphishing tools use testing, training to help users recognize bogus messages, addressing a long-standing defensive pain point. News
-
To nullify targeted attacks, limit out-of-office message security risk
Expert Michael Cobb details how to reduce out-of-office message security risk --and thus targeted attacks -- by limiting personal info given. Answer
-
Can DomainKeys Identified Mail still be used for email authentication?
Expert Nick Lewis determines whether the DomainKeys Identified Mail protocol can still be safely relied upon for email authentication. Answer
-
Mitigations for mobile phishing problems on the iOS platform
With potential phishing problems surfacing for iOS users, expert Nick Lewis provides advice for enterprises facing the mobile phishing menace. Answer
-
Study finds spear phishing at heart of most targeted attacks
Malicious file attachments are typically used as the payload, according to a report issued this week by Trend Micro. News
-
Spam campaign abuses flaw tricking thousands with shortened .gov URLs
Spammers have spoofed shortened URLs designed to validate redirects to several states including California, Iowa, Indiana and Vermont. News
-
FireEye warns of steady increase in advanced malware
Social engineering tactics often involve email attachments targeting various industry sectors, says the security firm. News
-
Black Hat 2012: Phishing and social engineering penetration testing
Video: Anti-spear phishing training is controversial, but can be effective if it is done right, says Rohyt Belani, CEO and co-founder of PhishMe Inc. Video
- See more All on Email and Messaging Threats (spam, phishing, instant messaging)
About Email and Messaging Threats (spam, phishing, instant messaging)
Defend against email and messaging threats and boost email security and protection with this resource. You will get advice from the experts on how to prevent hacker attacks, spam, phishing and instant messaging attacks.