Skip to content

Hit enter to search or ESC to close

Sending and receiving emails with external users is as common as internal communication. It is with these externals that your business becomes a target for malware and phishing. A business is at risk of being crippled by ransomware or suffer from a data breach without the right email filtering solution. Ruining it’s brand and reputation.

How Does Ransomware (and Other Malware) Leverage Email?

Phishing is generally used to trick users into divulging information. While malicious emails are also used to trick users into running malware on their devices. Malware isn’t limited to just the local device.

It can also span to other devices, servers, and network appliances. Ransomware is written to scan network resources and encrypt files. The main vector used to start the attack is email.

For every single employee, researchers estimate that they will receive five to eight malicious messages a day. For example, if you have 10 employees, your business can expect at least 50 malicious emails a day. These messages bombard your employees with spam and take up unnecessary storage on the email server and the user’s device.

The email message isn’t enough to get ransomware and other malware on a user’s device. The attacker needs to unload the payload, which is usually done with a file attachment. The attachment could look like a benign document with a malicious macro or an executable with a friendly looking name. In either method, the attacker needs the user to open the attachment so that malware can execute on the local device.

Most malware is spread using attachments, but other attack strategies involve sending users to a malicious website. The attacker must convince the user to download a binary and execute it on their device. Eventually, these sites are taken down by the host provider, so this strategy is less popular than email vectors.

Did You Know?

99.99%

SpamTitan's spam catch rate

11 Seconds

a ransomware attack occurs

$285

the average cost to manage spam per person without an email filter

56.50%

of all email is spam

What Can Happen When Malware Runs on a Device?

After a user runs malware on the system, several things can happen. If it’s ransomware, the malware scans the local device and the network for important files. Every important file found is encrypted using a cryptographically secure cipher.

A cryptographically secure cipher is impossible to brute force. It could be vulnerable in the future, but currently AES-256 is the cryptographically secure cipher used to encrypt files.

The only way to decrypt files is to pay the ransom or recover using backups. Even if you can recover from backups, the business could be down for several days until all data can be fully recovered. This downtime translates to thousands of dollars in lost revenue.

Ransomware isn’t the only malware that can affect a corporate network. Malware can perform numerous other malicious actions. A rootkit could take over a server’s operating system activity and eavesdrop on data. A keylogger can log keystrokes and send information such as passwords and usernames to an attacker.

At worst, ransomware and other malware can create downtime for days. It can also lead to a data breach or a compromise. The payload from malware depends on the goals of the attacker.

Most attacks are money-driven so it’s common for malware to steal or corrupt data in some way. This forces the business into losing money or paying the attacker money to gain access to files. In some cases, the attacker might blackmail or use extortion to get money from the targeted victim.

We recently held a webinar with Osterman Research demonstrating how to reduce the risk of phishing and ransomeware. Download the guide here to maximize your organization's email protection.

Or watch the webinar here.

Osterman Research Webinar - Reduce Risk of Phishing and Ransomware

Using Email Filtering Solutions to Protect Businesses

Leaving email unfiltered email is dangerous for many reasons, but the most important is the aftermath of a data breach. After a data breach, the organization must perform an analysis on the vulnerability that allowed the attacker to access data. They then must inform customers, deal with investigations and litigation, and possibly pay fines for any compliance violations. The entire process requires time and money that takes away from everyday business that could be more productive.

Adding filtering to the email server is the single most effective way to stop malware from being transferred using email. An email filtering solution detects malicious messages and attachments and quarantines them until an administrator can review them. The right solution uses machine learning and artificial intelligence to “learn” as more emails targeting the business are caught and evaluated by the system.

Email cybersecurity also involves Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) which also stops spoofed messages.

SpamTitan checks every URL in an email against known blacklists - with 100% active web coverage.

How SPF and DKIM Protect Business Emails?

SPF and DKIM are a part of Domain-based Message Authentication, Reporting and Conformance (DMARC). This is an email security system that combines DNS entries using SPF and encrypted signatures using DKIM to ensure that the message sender is legitimate.

An SPF record on nameservers defines IP address that can send email on behalf of the domain. While DKIM creates a digital signature and adds it to messages to ensure the content has not been tampered with.

DMARC works well for spoofed email messages and content that has been tampered with. It’s also not uncommon for hackers to gain access to email accounts and send messages using legitimate sender accounts.

They can then send messages with attachments and tricks users into opening them. This happens because it’s from a trusted sender. An email filtering solution solves this problem by catching the malicious message and quarantining it.

Quarantining messages puts them in a safe place until an administrator can review their content. The administrator can then pass the message on to the intended recipient if it’s a false positive, or delete the message. If several messages are quarantined, it could also indicate that the organization is the target of a phishing or malware campaign.

With DMARC and email filtering, an organization can greatly reduce risk of being the next victim of an email-based cyber-attack.

An email filtering solution will stop many of the attacks, but a wise organization will still need to perform monitoring and detection of ransomware and other malware.

Looking for an email spam solution for your organization? Sign up for SpamTitan's Free 14-Day Trial.

SpamTitan Plus – NEW Anti-Phishing solution now available

Hear from our Customers

Effective filtering with excellent and timely customer support.

What do you like best about SpamTitan Email Security? SpamTitan has a quick, easy initial setup as well as extremely responsive support. Any ticket I opened was responded to within 5-15 minutes and resolved within the day. Since implementation, we've seen a marked drop in spam/spoofed messages actually arriving in inboxes. We've also been able to migrate email hosts without difficulty or drop in service. What problems is SpamTitan Email Security solving and how is that benefiting you? We wanted to address spoofed messages arriving in employee inboxes, as well as generic spam. Our employees definitely have safer, less cluttered inboxes after implementation.

Stephen C.

Small-Business

Top quality service. Impossible to do without it!

What do you like best about SpamTitan Email Security? Simple, efficient, effective, many features that can be customized and parameterized by user, domain and globally. Indispensable tool for working with confidence with emails. What do you dislike about SpamTitan Email Security? Nothing! There is everything you need to better manage email traffic with security to the full satisfaction of all users who only receive important emails and can still check blocked emails for false positives. What problems is SpamTitan Email Security solving and how is that benefiting you? Spam, virus and malicious links are just an old memory of a bygone era. Phishing, business email compromise, and zero day attacks are now under control in all emails.

Igor G.

Internet & Cloud Services Manager

Spam Titan is a Class Act

What do you like best about SpamTitan Email Security? Product is simple to install on mail Server. And works Great. What problems is SpamTitan Email Security solving and how is that benefiting you? Spam Totally non existent now.

Gene L.

Small-Business

Better than I thought.

What do you like best about SpamTitan Email Security? Simple setup. Comprehensive and in depth options. Our vendor had a basic script to start us out that made our transition a snap. What problems is SpamTitan Email Security solving and how is that benefiting you? We avoid SPAM and Virus attempts into our network. This relieves our need to deal with problems on each computer user.

Donald M.

Mid-Market

Spam protection, simple and effective

What do you like best about SpamTitan Email Security? The SpamTitan solution, like all TitanHQ products, is simple to set up and up and running in minutes, both OnPrem and Cloud. It is also possible to request a full 30-day trial with full vendor support, for the entire duration. What problems is SpamTitan Email Security solving and how is that benefiting you? Since implementing SpamTitan, I no longer receive spam, phishing, and BEC emails. Also, through the Valid Recipient Verification, my mail server experiences less workload.

Dominik

Presales Engineer

Susan Morrow

Susan Morrow

  • DATA PROTECTION
  • EMAIL PHISING
  • EMAIL SECURITY

Talk to our Team today

Talk to our Team today