Features

Features

Email and messaging threats

• Guide to preventing coronavirus phishing and ransomware

  Malicious actors are taking advantage of coronavirus fears to wreak havoc on cybersecurity. Check out our guide to learn about phishing and ransomware threats and how to stop them.  Continue Reading

• How a security researcher spots a phishing email attempt

  When security expert Steven Murdoch spotted a phishing email in his inbox, the researcher in him decided to investigate. Here's what he learned about criminal phishing tactics.  Continue Reading

• Words to go: Types of phishing scams

  IT teams must take proactive measures to address security awareness when it comes to email. Learn about the types of phishing scams to mitigate risk.  Continue Reading

• Mitigating ransomware and phishing attacks during a pandemic

  Where most see crisis, cybercriminals see opportunity. Learn how security leaders can meet the challenges of mitigating ransomware threats and phishing attacks during a pandemic.  Continue Reading

• Data security guide: Everything you need to know

  This data security guide digs into data protection and privacy compliance, explaining how to construct a proactive security strategy strengthened by best practices.  Continue Reading

• Coronavirus phishing threats force heightened user awareness

  As coronavirus phishing threats ramp up, organizations must turn to user education, in addition to traditional network security, as their best defense.  Continue Reading

• Phishing protection: Keep employees from getting hooked

  Share this list of phishing techniques and detection tips to help employees avoid phishing schemes. Plus, review technologies to protect your enterprise from phishing attacks.  Continue Reading

• Coronavirus phishing scams increase amid pandemic's spread

  Organizations must account for a sharp uptick of coronavirus phishing scams in their pandemic and business continuity plans. Learn about the trend here, with steps for mitigation.  Continue Reading

• Beat common types of cyberfraud with security awareness

  Hackers are taking deception to a new level, but security awareness programs are instrumental in helping employees detect various types of cyberfraud.  Continue Reading

• Cisco CISO says today's enterprise must take chances

  Cisco CISO Steve Martino talks about taking chances, threats, how the security leader's role is changing and what really works when it comes to keeping the company secure.  Continue Reading

• New evasive spear phishing attacks bypass email security measures

  Researchers identified a new email security threat: evasive spear phishing attacks, which take months of investigation and social engineering to coordinate.  Continue Reading

• Browse the best email security products for your enterprise

  Finding the best email security product is vital to protect companies from cyberattacks. Here's a look at the current market leaders.  Continue Reading

• 5 email security appliance comparison criteria to consider

  Identifying the best email security appliance on the market can be hard. This article discusses the criteria to consider when choosing one for your organization.  Continue Reading

• New tech steers identity and access management evolution

  IAM is evolving to incorporate new technologies -- like cloud-based services and containerization -- promising more secure, granular management of access to company IT assets.  Continue Reading

• Tackling IT security awareness training with a county CISO

  A Michigan county CISO says government workers are under siege by cybercriminals. In this case study, he shares how his IT security awareness training strategy has evolved.  Continue Reading

• Understand the basics of email security gateways

  Email security gateways protect enterprises from threats such as spam and phishing attacks. This article explains how these products get the job done.  Continue Reading

• 5 best practices to choose the right email security software

  Examine the five best practices and most important criteria for evaluating email security software products and deploying them in your enterprise.  Continue Reading

• 10 ways to prevent computer security threats from insiders

  Whether via the spread of malware, spyware or viruses, insiders can do as much damage as outside attackers. Here's how to prevent computer security threats from insiders.  Continue Reading

• Huawei ban highlights 5G security issues CISOs must tackle

  Why worry over Huawei? A U.S. ban of this Chinese company's products should remind CISOs that now is the time to consider security issues related to the rollout of the 5G network.  Continue Reading

• Testing email security products: Results and analysis

  Kevin Tolly of the Tolly Group offers a look at how his company set out to test several email security products and the challenges it faced to come up with sound methodologies.  Continue Reading

• Testing email security products: Challenges and methodologies

  Kevin Tolly of the Tolly Group offers a look at how his company set out to test several email security products, as well as the challenges it faced to come up with sound methodologies.  Continue Reading

• Business email compromise moves closer to advanced threats

  The sophisticated techniques used in BEC scams differ from other email fraud in the steps taken to construct the criminal campaign. Here's how to stop these APT-style attacks.  Continue Reading

• Get the best botnet protection with the right array of tools

  Enterprise anti-botnet defenses, to be effective, must be added in multiple layers. No single security product will do the trick, but the right combo of tools can.  Continue Reading

• Security for applications: What tools and principles work?

  Better app security requires both designing security in and protecting it from without. Learn how to work it from both angles and what tools you'll need for the job.  Continue Reading

• The Basics of Cyber Safety

  In this excerpt from chapter four of The Basics of Cyber Safety, authors John Sammons and Michael Cross discuss basic email security.  Continue Reading

• Deception in the Digital Age

  In this excerpt from chapter five of Deception in the Digital Age, authors Cameron H. Malin, Terry Gudaitis, Thomas J. Holt and Max Kilger discuss phishing and watering hole attacks.  Continue Reading

• Detecting and Combating Malicious Email

  In this excerpt of Detecting and Combating Malicious Email, authors Julie JCH Ryan and Cade Kamachi discuss the elements of an email structure and touch on how attackers can use these elements to trick unwitting victims.  Continue Reading

• Trend Micro InterScan Messaging Security: Product overview

  Expert Karen Scarfone looks at the Trend Micro InterScan Messaging Security and Trend Micro ScanMail Suite for Microsoft Exchange email security gateway products used for monitoring email messages that could contain suspicious content and threats.  Continue Reading

• Symantec Messaging Gateway and Symantec Email Security.cloud: Product overview

  Expert Karen Scarfone examines the Symantec Messaging Gateway and Symantec Email Security.cloud email security gateway products that detects and blocks messages that contain suspicious content and threats.  Continue Reading

• Sophos Email Appliance: Product overview

  Expert Karen Scarfone examines the Sophos Email Appliance email security gateway product that is used for detecting and blocking messages that contain suspicious content and threats.  Continue Reading

• Proofpoint Enterprise Protection: Product overview

  Expert Karen Scarfone examines the Proofpoint Enterprise Protection email security gateway product, which scans inbound and outbound email messages for malware, phishing and spam threats.  Continue Reading

• Microsoft Exchange Online Protection: Product overview

  Expert Karen Scarfone reviews the Microsoft Exchange Online Protection email security gateway product, which is used for detecting and blocking common email-transmitted threats.  Continue Reading

• McAfee Email Protection, Security for Email Servers: Product overview

  Expert Karen Scarfone reviews the McAfee Email Protection and McAfee Security for Email Servers products that are used for monitoring, blocking and quarantining email messages.  Continue Reading

• Clearswift SECURE Email Gateway: Product overview

  Expert Karen Scarfone reviews the Clearswift SECURE Email Gateway product, which monitors incoming and outgoing emails.  Continue Reading

• Fortinet FortiMail: Product overview

  Expert Karen Scarfone reviews the Fortinet FortiMail email security gateway product that is used for monitoring email messages on behalf of an organization.  Continue Reading

• Websense Email Security Gateway: Product overview

  Expert Karen Scarfone reviews the Websense Email Security Gateway product, which is used for monitoring email messages that could contain suspicious threats.  Continue Reading

• Cisco Email Security Appliance: Product overview

  Expert Karen Scarfone reviews Cisco's Email Security Appliance product that is designed for detecting and blocking email-borne threats.  Continue Reading

• Cyber Crime and Cyber Terrorism Investigator's Handbook

  In this excerpt of Cyber Crime and Cyber Terrorism Investigator's Handbook, authors Babak Akhgar, Andrew Staniforth and Francesca Bosco outline the classification, types and categories of cybercrime.  Continue Reading

• Three enterprise benefits of email security gateways

  Virtually every enterprise can benefit from email security gateways. Expert Karen Scarfone examines the primary benefits of the products.  Continue Reading

• Defend against APTs with big data security analytics

  Without a trace: Cybersecurity incident response teams must follow the thread of security events through volumes of log data from increasingly diverse sources.  Continue Reading

• The business case for email encryption software

  Email encryption is a valuable security tool for enterprises, but where and how should it be deployed? Expert Karen Scarfone outlines specific use cases for email encryption software.  Continue Reading

• DDoS defense planning falls short

  Failure to regularly test DDoS mitigation processes can lead to inadvertent amplification of an attack.  Continue Reading

• Targeted Cyber Attacks

  In this excerpt of Targeted Cyber Attacks, authors Aditya Sood and Richard Enbody outline the cyberattack model and different vectors used to attack targets.  Continue Reading

• Social Engineering Penetration Testing

  In this excerpt of Social Engineering Penetration Testing, the authors outline what phishing attacks are and outline how these attacks work using multiple real-world examples.  Continue Reading

• The anatomy and physiology of APT attacks

  Building on what cybercriminals began, security services from many countries have the capability to attack and steal for their national interests.  Continue Reading

• Chained Exploits: How to prevent phishing attacks from corporate spies

  Ever wonder if someone is monitoring everywhere you go on the Internet? In this chapter excerpt from Chained Exploits: Advanced Hacking Attacks from Start to Finish, learn how to keep corporate spies at bay.  Continue Reading

• Quiz: Secure instant messaging

  A five-question multiple choice quiz to test your understanding of the content presented in the Secure instant messaging lesson of SearchSecurity.com's Messaging Security School.  Continue Reading

• Market trends: The future of e-mail security

  The e-mail security market is undergoing a change that is marked by commoditization and centralization. Joel Snyder analyzes these trends and offers a glimpse at the future of e-mail security products.  Continue Reading

• How to use SMTP relay service to keep spammers away from Exchange Server

  Learn how to use the IIS SMTP mail relay service to prevent spammers from directly interacting with your Microsoft Exchange Server.  Continue Reading

• E-mail policies -- A defense against phishing attacks

  In this excerpt of Chapter 6 from "Phishing: Cutting the Identity Theft Line," authors Rachael Lininger and Russell Dean Vines explain how e-mail policies help protect companies from phishing attacks.  Continue Reading

• A spammer's weapon: The envelope sender address

  Learn how spammers take advantage of the envelope sender address to avoid a deluge of bounced e-mail.  Continue Reading

• Final Exam / Answer No. 4

  E-mail Security School Final Exam  Continue Reading

• Adding email authentication and encryption with S/MIME

  Joel Snyder reviews the encryption and authentication benefits of S/MIMe and how the Secure MIME standard can enhance email security.  Continue Reading

• Filling SMTP gaps -- The secrets to using e-mail standards

  Learn how to use TLS and S/MIME to strengthen your e-mail security.  Continue Reading

• Home office security: Seven ways to secure remote employees

  Fred Avolio outlines seven strategies enterprises should use to ensure their remote employees participate in good home office security.  Continue Reading

• Protect Active Directory traffic with a VPN

  Active Directory network traffic is mission critical and highly sensitive, and must be protected by a VPN.  Continue Reading

• Twelve ways to reduce PGP-based file transfer security risks

  Learn why PGP systems, which are designed for file transfer security, are a good alternative to using VPNs.  Continue Reading

• Review: Malicious Mobile Code

  Inconsistencies and awkward definitions plague Malicious Mobile Code, according to reviewer Jay Heiser.  Continue Reading