Security Management Strategies for the CIOEmail Alerts
-
Chained Exploits: How to prevent phishing attacks from corporate spies
Ever wonder if someone is monitoring everywhere you go on the Internet? In this chapter excerpt from Chained Exploits: Advanced Hacking Attacks from Start to Finish, learn how to keep corporate spies at bay. Book Chapter
-
Voice over IP Security: VoIP Threat Taxonomy
In an excerpt from Voice over IP Security, author Patrick Park reviews VoIP threats, including spam, phishing and other threats against social context. Book Chapter
-
Email security test: Basics and threats
Test your knowledge of email security essentials with this fifteen-question quiz from Joel Snyder. Quiz
-
Quiz: Counterintelligence strategies for thwarting email threats
Take this five-question quiz to evaluate your knowledge of the material presented by expert Sandra Kay Miller in this Messaging Security School lesson. Quiz
-
Quiz: Spam 2.0 -- New threats and new strategies
A five-question multiple-choice quiz to test your understanding of spam defense strategies presented by expert Michael Cobb in this lesson of SearchSecurity.com's Messaging Security School. Quiz
-
Spam 2.0: New attacks, viruses and prevention strategies
In the war on spam, new battlefronts are constantly emerging. Learn how security professionals can stay on top of the latest email threats. Messaging Security School
-
The changing threat of email attacks
In this Messaging Security School lesson, expert Mike Rothman details the state of next-generation email threats, explores reputation systems and uncovers threats AV can't catch. Messaging Security School
-
Quiz: Countermeasures for malicious email code
A five-question multiple-choice quiz to test your understanding of the content presented in Countermeasures for malicious email code lesson of SearchSecurity.com's Messaging Security School. Messaging Security School
-
Hacker's Challenge 3: Big Bait, Big Phish
In this excerpt of Chapter 3 from "Hacker's Challenge 3," author Bill Pennington provides a detailed example of a situation in which an organization's network is attacked and customer data is compromised. Book Chapter
-
Phishers sink to new depths of deception
Evolving techniques and tactics are making it easier than ever to get hooked by phishing. Feature
- See More: Essential Knowledge on Email and Messaging Threats (spam, phishing, instant messaging)
-
Email providers push DMARC email authentication to combat phishing
DMARC creates an authentication loop that could help people determine the legitimacy of an email. News | 30 Jan 2012
-
Readiness team warns of spoofed US-CERT email addresses in phishing campaign
A phishing email campaign is targeting private and public sector organizations with phony US-CERT email addresses. News | 11 Jan 2012
-
Survey: APT attacks a top concern, but many firms fail to enforce policies
A new survey from whitelisting vendor Bit9 found many firms are relying on the honor system to prevent unauthorized downloads. News | 30 Aug 2011
-
Massive Epsilon email breach could lead to email attacks, spam
At least 50 banks, retailers and other firms are affected by a major email breach at a Texas-based data management firm that provided marketing email services. Article | 05 Apr 2011
-
Collaboration crucial for fighting phishing techniques
Phishing's not going away any time soon, but clear communication and cooperation between organizations sending emails to their customers and the webmail providers that filter those emails can help cut down on the number of phishing attempts that hit ... Article | 18 Feb 2011
-
Signature-based antivirus not quite dead, but bigger problems loom
While security pros should be concerned with the decreasing efficacy of signature-based antivirus, employee threats should warrant increasing attention. Article | 16 Feb 2011
-
Commtouch announces All-In-One client for security threat management
Commtouch calls its new All-In-One security client a "triple play" of messaging security, Web security and antivirus. Article | 14 Feb 2011
-
Microsoft Outlook 2007 update caused email authentication issues
Microsoft has pulled a non-security update to Outlook 2007 after customers complained of connection and performance issues when the automatic update was applied to company machines. Article | 21 Dec 2010
-
'Here you have' email worm spreads
NASA, Wells Fargo, Comcast and Disney were hit by the old-school email worm, which spreads by harvesting victims' contact data. News | 10 Sep 2010
-
Phishing attacks target users of Facebook, other social networks
Cybercriminals are dumping the traditional email phishing campaigns for social networks, where it's easier to social engineer attacks and gain trust of users. Article | 08 Sep 2010
- See More: News on Email and Messaging Threats (spam, phishing, instant messaging)
-
How to prevent phishing attacks: User awareness and training
In this expert tip, David Sherry describes how a combination of technical controls and user awareness training can help put a dent in phishers’ attempts at spear phishing. Tip
-
Spear phishing examples: How to stop phishing from compromising users
Spear phishing targets the weakest link in most security programs: users. These spear phishing examples can help your enterprise thwart attacks. Tip
-
The state of enterprise spam filters: Can more be done to control spam?
Does your enterprise rely solely on its email filter to protect against spam? Are you aware of how spam filters work? Expert Michael Cobb discusses how today's spam works, and what can help control spam in an enterprise setting. Tip
-
How to prevent phishing attacks with social engineering tests
Is your enterprise capable of withstanding today's phishing attacks? Sherri Davidoff reviews how you can test your employees. Tip
-
Video: The foundation of an email security strategy
Guest instructor Joel Snyder explains which standards can help you increase the security of SMTP-based email. Tip
-
Thinking fast-flux: New bait for advanced phishing tactics
Bot herders haven't made millions of dollars by relying on yesterday's botnet techniques. In fact, the bad guys have found an innovative new way to leverage thousands of drone machines; it's called fast flux, and it makes even the largest botnets muc... Tip
-
Preventing spam bots from hijacking an enterprise network
According to security expert Michael Cobb, the likelihood of your enterprise being compromised by a botnet is not a question of if, but when. In this Messaging Security School tip, Cobb discusses how spammers use botnets to corrupt enterprise systems... Tip
-
Eliminating the threat of spam email attacks
Spam emails cluttering your inbox aren't just a minor inconvenience; these annoying messages can infect your systems with harmful code, viruses and Trojans. Contributor Scott Sidel examines SpamAssassin, an open source software tool designed to keep ... Tip
-
Reputation systems gaining credibility in fight against spam
Now that nearly all organizations are employing some sort of anti-spam technology, spammers know their only hope for success lies with outwitting spam-detection strategies. But as Mike Rothman writes, the emergence of reputation-based systems is maki... Tip
-
Is the CAN-SPAM Act a help or a hindrance?
Three years have passed since CAN-SPAM was enacted, but has this legislation truly contained unsolicited commercial email? In this tip, contributor Joel Dubin examines if the law has effectively cracked down on spamming activities and examines how to... Tip
- See More: Tips on Email and Messaging Threats (spam, phishing, instant messaging)
-
Using social engineering testing to foster anti-social engineering training
Worried your users could easily be pwned? Learn about improving social engineering testing to foster anti-social engineering training. Answer
-
Webmail forensics: Investigating issues with email forwarding security
Expert Mike Cobb discusses webmail forensics possibilities for dealing with the aftermath of an issue involving an email forwarding security breach. Answer
-
Curb the spam virus threat via information security awareness training
Information security awareness training doesn't always protect users from the ongoing spam virus threat. Nick Lewis offers additional measures that may help. Answer
-
The fight against phishing: Utilizing SPF and DKIM authentication technology
The fight against phishing has been waging for years. Expert Michael Cobb explains how SPF and DKIM authentication technologies could turn the tide. Answer
-
IPv6 malware: With the transition, will IPv6 spam increase?
The transition from IPv4 to IPv6 could have some unintended negative consequences for security. Answer
-
Google 'Gchat' security and Internet application security best practices
Users in the enterprise may unknowingly be exposed to 'Gchat' security risks. Expert Michael Cobb discusses Internet application security best practices that can help protect enterprise users. Ask the Expert
-
Can I trace email origin locations to thwart email attachment viruses?
Can tracing an email back to its origin help to prevent the threat of future viruses via email? Learn more in this expert response. Ask the Expert
-
AT&T email address security breach: Can hackers track a SIM card?
Recently, a security breach at AT&T exposed the email addresses of thousands of its customers, but that may not be the biggest threat. In this expert response, Nick Lewis explains what could be the result of this breach. Ask the Expert
-
How to keep messages secure with an email digital certificate
Using an email digital certificate can help protect important information from being read by anyone except the intended recipient. Ask the Expert
-
Preventing unauthorized email issues from hindering an organization
In this expert response, find out how to prevent your organization from sending out unauthorized emails. Ask the Expert
- See More: Expert Advice on Email and Messaging Threats (spam, phishing, instant messaging)
-
spear phishing
Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a... Definition
-
content filtering (information filtering)
On the Internet, content filtering (also known as information filtering) is the use of a program to screen and exclude from access or availability Web pages or e-mail that is deemed objectionable. Definition
-
Operation Phish Phry
Operation Phish Phry is a cybercrime investigation carried out by the United States Federal Bureau of Investigation (FBI), the Los Angeles Electronic Crimes Task Force and Egyptian authorities. Definition
-
Rock Phish
Rock Phish is both a phishing toolkit and the entity that publishes the kit, either a hacker, or, more likely, a sophisticated group of hackers. While the authors of the kit remain anonymous, Rock Phish has become the most popular phishing kit availa... Definition
-
pharming
Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent. Definition
-
spam trap
A spam trap is the inclusion of an option in an online form that is preselected by default with the expectation that the user will fail to notice the option. Definition
-
spoof
Spoof was a game involving trickery and nonsense that was invented by an English comedian, Arthur Roberts, prior to 1884, when it is recorded as having been "revived. Definition
-
spam cocktail (or anti-spam cocktail)
A spam cocktail (or anti-spam cocktail) is the use of several different technologies in combination to successfully identify and minimize spam. The use of multiple mechanisms increases the accuracy of spam identification and reduces the number of fal... Definition
-
mail bomb
A mail bomb is the sending of a massive amount of e-mail to a specific person or system. Definition
-
munging
Munging is the deliberate alteration of an e-mail address on a Web page to hide the address from spambot programs that scour the Internet for e-mail addresses. Definition
- See More: Definitions on Email and Messaging Threats (spam, phishing, instant messaging)
-
419 baiters: Not all scam emails from Nigeria
Almost everyone has received an email promising riches from African royalty, but not all 419 scam emails come from Africa. Learn how to prevent employees from getting suckered in by these scams. Video
-
Paypal account security: CISO on ways to prevent phishing
Paypal has become known as one of the top organizations when it comes to fighting phishing, mostly because its been a target of so many phishing scams. In this interview, Paypal CISO Michael Barrett describes how his organization approaches the phish... Video
-
Next generation spam: New threats and new technologies
This video examines the evolution of the content security gateway as it evolves beyond just blocking spam and Web filtering, emphasizing the techniques and technologies used to ensure data doesn't leave your organization. Video
-
Unified communications: Securing a converged infrastructure
With so many different communications systems being combined, it can be tough to know where to start when it comes to security. In this video, John Burke explains the basics of securing this new type of infrastructure. Video
-
Economy fuels malware, spam
Dave Marcus of McAfee's Avert Labs, breaks down the threat landscape and explains why spam numbers are rising and malware writers are taking advantage of the down economy. Video
-
Podcast: Countdown --Top 5 technologies to help battle the new spam threat
In this featured podcast, Michael Cobb counts down the top 5 ways for your company to battle new and evolving spam threats, and discusses the pros and cons of current antispam technologies. Podcast
-
Countdown: Top 5 next-generation messaging attacks that antivirus can't catch
In this Podcast, expert Mike Rothman counts down the top five next-generation messaging attacks that antivirus can't catch, and tells you how to stop them. Podcast
-
Using social engineering testing to foster anti-social engineering training
Worried your users could easily be pwned? Learn about improving social engineering testing to foster anti-social engineering training. Answer
-
Webmail forensics: Investigating issues with email forwarding security
Expert Mike Cobb discusses webmail forensics possibilities for dealing with the aftermath of an issue involving an email forwarding security breach. Answer
-
Email providers push DMARC email authentication to combat phishing
DMARC creates an authentication loop that could help people determine the legitimacy of an email. News
-
Readiness team warns of spoofed US-CERT email addresses in phishing campaign
A phishing email campaign is targeting private and public sector organizations with phony US-CERT email addresses. News
-
Curb the spam virus threat via information security awareness training
Information security awareness training doesn't always protect users from the ongoing spam virus threat. Nick Lewis offers additional measures that may help. Answer
-
The fight against phishing: Utilizing SPF and DKIM authentication technology
The fight against phishing has been waging for years. Expert Michael Cobb explains how SPF and DKIM authentication technologies could turn the tide. Answer
-
How to prevent phishing attacks: User awareness and training
In this expert tip, David Sherry describes how a combination of technical controls and user awareness training can help put a dent in phishers’ attempts at spear phishing. Tip
-
Spear phishing examples: How to stop phishing from compromising users
Spear phishing targets the weakest link in most security programs: users. These spear phishing examples can help your enterprise thwart attacks. Tip
-
Survey: APT attacks a top concern, but many firms fail to enforce policies
A new survey from whitelisting vendor Bit9 found many firms are relying on the honor system to prevent unauthorized downloads. News
-
IPv6 malware: With the transition, will IPv6 spam increase?
The transition from IPv4 to IPv6 could have some unintended negative consequences for security. Answer
- See More: All on Email and Messaging Threats (spam, phishing, instant messaging)
About Email and Messaging Threats (spam, phishing, instant messaging)
Defend against email and messaging threats and boost email security and protection with this resource. You will get advice from the experts on how to prevent hacker attacks, spam, phishing and instant messaging attacks.