Firewall News

Top Menu

  • Home
  • Our Blog
  • Contact Us

Main Menu

  • Software Updates
  • Alerts & Bugs
  • Out of the Box
  • Home
  • Our Blog
  • Contact Us

Firewall News

Firewall News

  • Software Updates
    • WatchGuard logo

      TDR 6.0.0 is now integrated into WatchGuard Cloud

      04/01/2021
      0
    • Sophos Logo

      XG Firewall 17.5 MR14 Released

      30/07/2020
      0
    • Sophos Logo

      Sophos Firewall Manager SFM 17.1 MR4 Released

      27/07/2020
      0
    • Sophos Logo

      Sophos Enterprise console - Endpoint Security and Control v10.8.9 for Windows has ...

      16/07/2020
      0
    • Sophos Logo

      Sophos iView v3 MR-2 Released

      07/07/2020
      0
    • Sophos Logo

      SD-RED Firmware 3.0.002 Pattern Update

      06/07/2020
      0
    • Sophos Logo

      XG Firewall 17.5 MR13 Released

      06/07/2020
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for old firmware v17 and v17.1 for XG Firewall

      03/07/2020
      0
    • WatchGuard logo

      Fireware 12.5.4 Now Available

      01/07/2020
      0
  • Alerts & Bugs
    • Sophos Logo

      Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

      29/03/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Updates

      03/03/2022
      0
    • WatchGuard logo

      WatchGuard Support Alert

      23/02/2022
      0
    • Sophos Logo

      Sophos: Important Product Lifecycle Reminder

      03/02/2022
      0
    • Sophos Logo

      Sophos: Product Lifecycle Information: Extended Support for Windows 7 and Windows Server ...

      31/01/2022
      0
    • Sophos Logo

      End-of-Life (EoL) announcement for Sophos SSL VPN Client

      29/11/2021
      0
    • WatchGuard logo

      WatchGuard: macOS Monterey 12.0.1 Does Not Support the AuthPoint Logon App

      09/11/2021
      0
    • Sophos Logo

      Sophos UTM Manager (SUM) End of Distribution

      04/11/2021
      0
    • WatchGuard logo

      WatchGuard: End of Sale Notice: AP420

      01/11/2021
      0
  • Out of the Box
    • WatchGuard’s Firebox T80 Earns 5-Star Rating in SC Labs Review

      17/11/2020
      0
    • WatchGuard Wins Big in CRN 2020 Tech Innovator Awards

      16/11/2020
      0
    • Coronavirus scams: what to look for and how to stop them

      02/04/2020
      0
    • Dell SonicWALL TZ 300

      Out the Box - Dell SonicWALL TZ 300

      05/07/2016
      0
    • Dell SonicWALL TZ SOHO

      Out the Box - Dell SonicWALL TZ SOHO

      05/07/2016
      0
    • WatchGuard Firebox T50

      WatchGuard Firebox T50

      31/03/2016
      0
    • WatchGuard Firebox M200

      WatchGuard Firebox M200

      31/03/2016
      0
NewsSophos
Home›News›Don’t let imposters into your inbox

Don’t let imposters into your inbox

By admin
17/01/2020
1375
0
Share:

Phishing emails impersonating well-known brands and VIPs within an organization are a big problem for security teams to deal with. So, we’re excited to announce that you’ll now be able to detect and block these impersonation attacks with Sophos Email Advanced.

Email impersonation phishing attacks in action

In our latest study, we found that five out of ten organizations view malicious emails as their top security concern, with 53% experiencing a phishing attack in the past twelve months.

Impersonation attacks are often the hardest to combat, and usually with no malicious payload to detect. In these attacks, criminals regularly try to deceive employees, using the name of a trusted sender to encourage victims to reply, click a link, open an attachment, and so on.

Relying on users to merely scan email sender addresses, these attacks use simple display name forgery to change the visible part of the email address that we see in many common email clients.

Changing the display name to that of a trusted brand or a senior executive within the organization is a simple but effective technique for attackers.

These attacks reign down from free email accounts, and in more targeted attacks, are known to use lookalike domain names, like that of the corporate domain.

The latest highlights

The most recent enhancement for Sophos Email Advanced offers crucial protection against these impersonation phishing attacks as well as several great advancements:

  • Compares the display name of inbound emails to the display name of commonly abused cloud service brand names and to VIPs within the customers organization to check for matches. These could be the CEO, CFO, and HR Director, etc.
  • Provides a simple wizard to identify and add VIPs within the organization to your policy for analysis with all inbound messages.
  • Compares header information, analyzing the display name in relation to the full email address and domain name used, to identify free email domains, lookalike domains of popular cloud services such as Microsoft, Amazon, and VIP name impersonation attempts.

Identifying VIPs

VIPs are employees in the organization who are most likely to be impersonated by phishing attackers.

While all users will receive the same protection, the system will look for external senders impersonating your VIPs, and you can add up to 200 VIPs to the list.

Creating a VIP list in Sophos Central couldn’t be simpler. You can choose to “Add VIPs” by searching your user list for known individuals.

Alternatively, if active directory synchronization has been enabled, select “Help me find VIPs” and Sophos Email will look for users with titles that are in line with job roles most likely to be impersonated:

  • CEO
  • President
  • Chief Financial Officer
  • CFO
  • Finance Director
  • Human Resources Director
  • HR Director

Acting on the threat

This new service allows email administrators to act on potential threats with policy controls to quarantine suspicious messages, tag the subject line, delete them or warn users with a banner added to inbound emails.

The enhanced “At Risk Users” report gives a deeper level of visibility into these phishing threats. It provides a breakdown of phishing impersonation attempts received, as well as any users who have either been warned or blocked from visiting URLs with malicious content. Drill-down levels provide further insight, including:

  • Number of impersonation emails received by user allows you to easily see those most targeted
  • Impersonation type: VIP or brand impersonation
  • Summary information for each phishing email including display name and email address used, and whether the recipient replied
  • Full visibility of email header, message content and attachment types

Superior phishing protection

The level of phishing protection added to Sophos Email in this latest release offers incredible value, with simple controls that help ensure protection is in place quickly.

Social engineering
Suspicious messages can be blocked, quarantined, tagged with a subject line or have a warning banner added.

As well as the new impersonation protection, Sophos Email scans all inbound email in real-time, searching for key phishing indicators with SPF, DKIM and DMARC authentication techniques and email header anomaly analysis.

Malicious URLs and attachments
Real-time malicious URL detection and AI-powered sandboxing.

For phishing protection against malicious URLs or attachments that may contain malware, Sophos Email  provides real-time URL scanning and Time of Click URL rewriting to analyze any URL before it gets clicked. Then Sophos Sandstorm, our AI-powered cloud sandbox, detonates suspicious files to ensure malware never reaches the inbox.

User education
Intelligent cybersecurity awareness training.

Sophos Synchronized Security connects Sophos Email to Phish Threat, the Sophos phishing simulation and training platform.

Users who have been warned or blocked from visiting a risky website or replying to a spear phishing email are identified and then seamlessly enrolled onto targeted phishing simulations and training to improve awareness. A Phish Threat license is required.

To find out more visit the Sophos Email Security page.

Previous Article

Threat Spotlight: Conversation Hijacking

Next Article

Sophos XG Firewall v18 EAP 3 Refresh-1 ...

0
Shares
  • 0
  • +
  • 0
  • 0
  • 0
  • 0

Related articles More from author

  • News

    How the most damaging ransomware evades IT security

    14/11/2019
    By admin
  • Fortinet
    FortinetNews

    Ooredoo Kuwait Chooses Fortinet to Deliver the Region’s First Secure SD-WAN Managed Service to Enterprise Customers

    21/11/2019
    By admin
  • Fortune Future 50
    News

    Fortinet Named to Inaugural Fortune Future 50 List

    24/10/2017
    By admin
  • SonicWall Wins 7 New Awards
    News

    SonicWall Wins 7 New Awards, Bringing 2018 Total to Over 30

    03/07/2018
    By admin
  • Fortinet
    FortinetNews

    Fortinet Again Named the Fastest Growing SD-WAN Vendor, Continues Innovation to Deliver SD-WAN Anywhere

    29/07/2020
    By admin
  • NewsTrendMicro

    Trend Micro Cyber Risk Index Increased in 2019

    19/12/2019
    By admin

  • WatchGuard logo
    Software UpdatesWatchGuard

    WatchGuard – WebBlocker Server version 1.0 Available for Fireware 12.2

  • Sophos Logo
    Alerts & BugsSophos

    Sophos – XG Firewall: When users are getting logged out randomly with script based SSO

  • NewsSophos

    Sophos Intercept X Named Best Endpoint Security Solution by CRN® for Fourth Consecutive Year

Timeline

  • 29/03/2022

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

  • 03/03/2022

    Sophos: Important Product Lifecycle Updates

  • 01/03/2022

    Shoring up your cybersecurity posture in light of ongoing crisis

  • 23/02/2022

    WatchGuard Support Alert

  • 03/02/2022

    Sophos: Important Product Lifecycle Reminder

Sponsored Links

Latest Comments

  • Paul Sillars
    on
    21/06/2016
    I received this in an email this morning, it was the first I heard about it ...

    Dell Software Group sold to help fund looming EMC deal

  • Paul Sillars
    on
    20/06/2016
    This is going to be an interesting one to watch. Especially after today's announcement that ...

    Ingram Micro gets distribution access to Dell’s security range in Australia

Find us on Facebook

Firewall.News Logo

This site serves more as a reference point for some of the major security vendor's updates and product/press releases

It will never be a definitive list, but it helps our customers keep up to date and also allows us to express our comment and observations as well.

About us

  • PO Box 451, North Lakes, Queensland, 4509, Australia
  • [email protected]
  • Recent

  • Popular

  • Comments

  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Sophos Logo

    Sophos: Important Product Lifecycle Updates

    By admin
    03/03/2022
  • Shoring up your cybersecurity posture in light of ongoing crisis

    By admin
    01/03/2022
  • WatchGuard logo

    WatchGuard Support Alert

    By admin
    23/02/2022
  • Dell SonicWALL Supermassive

    Ingram Micro gets distribution access to Dell’s security range in Australia

    By admin
    14/06/2016
  • Francisco Partners and Elliott Management to Acquire the Dell Software Group

    Dell Software Group sold to help fund looming EMC deal

    By admin
    21/06/2016
  • WatchGuard Firebox M500 – The Cure for HTTPS Performance Headaches

    By admin
    05/03/2015
  • Sophos Logo

    Advisory: Sophos Central Maintenance scheduled for Saturday, April 2nd, 2022

    By admin
    29/03/2022
  • Paul Sillars
    on
    21/06/2016

    Dell Software Group sold to help fund looming EMC deal

    I received this in ...
  • Paul Sillars
    on
    20/06/2016

    Ingram Micro gets distribution access to Dell’s security range in Australia

    This is going to ...

Follow Me

  • Contact
  • About Us
  • Home