Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Security IT

Email Security Systems Miss Thousands of Malicious Links (betanews.com) 45

A new study from email security company Mimecast shows that malicious links in emails are being missed by many security systems. From a report: Mimecast examined more than 142 million emails that had passed through organizations' email security vendors. The latest results reveal 203,000 malicious links within 10,072,682 emails were deemed safe by other security systems -- a ratio of one unstopped malicious link for every 50 emails inspected. The report also finds an 80 percent increase impersonation attacks in comparison to last quarters' figures. Additionally, 19,086,877 pieces of spam, 13,176 emails containing dangerous file types, and 15,656 malware attachments were all missed by these incumbent security providers and delivered to users' inboxes.
This discussion has been archived. No new comments can be posted.

Email Security Systems Miss Thousands of Malicious Links

Comments Filter:
    • And what's wrong with that? Heck, I even let my mail client filter those pesky HTML attachments through lynx if need be -- too many bastards put the contents as such an attachment instead of the mail's body.

      No operating system would be insane enough to run executables this way, would it?

      • all email, including attachments, is in the body as mime 64 text...so even if you get text only and then copy and paste (or even re-type the url) into a browser you're still going to a potentially malicious site...and that only takes care of you - what if you have 10,000 users?
    • Those are the old fashion ones. The thing is a lot of "secure" emails require you to click the link on the email, go to a secure site and read the email from the site. Outlook does this, as well as other options.
      This habit makes it easy to click on the link to see the secure email.

      The real problem is Email isn't secure, it is too easy to fool and spoof. It was an idea of well intention idealist, expecting only small scale usage.

  • by El Cubano ( 631386 ) on Friday August 31, 2018 @01:19PM (#57232814)

    A new study from email security company Mimecast shows that malicious links in emails are being missed by many security systems

    Of The Six Dumbest Ideas in Computer Security [ranum.com], this is a combination of 1 (on the part of the MUAs) and 2 (on the part of the scanners). So, no kidding.

  • Oh wait. This is Slashdot. Asking for constructive solutions? Talk about pissing into the wind.

    I know y'all [typical Slashdot commenters] will find the notion hilarious (at best), but I actually think there are solution approaches. I'm just mystified why no one is approaching them, though I'd appreciate your guidance to existing solutions almost as much as your better ideas.

    For example, to whit...

    A lot of these problematic links could be quickly identified if the intended victims were asked to help. Or even

  • by ripvlan ( 2609033 ) on Friday August 31, 2018 @01:30PM (#57232884)

    We have started receiving some very high-quality Office365 "Your password is about to expire" notifications. They are super specific and somehow they know we use MS. As usual they are an exact copy of the real email (none of the usual grammar or spelling mistakes). The fact MS spam filtering doesn't flag these is troubling.

    If it weren't for the "From: Microsoft Office365 (billybob3248@ustexasam.edu)" it would look totally legit. My big issue that is that Outlook normally hides some of this information - at times making it difficult to see the mail headers. Gmail is a bit better, but only when it gets flagged as spam, I like their "Caution - this looks like [fishing/spam/other]"

    Only a select sub-group of employees receives these emails. It's very focused, and apparently not random. They pit specific employees against each other "hey Sally, I'm not in the office, please pay this bill, signed Bob" And both Sally and Bob are real people who work together. Sally isn't on LinkedIn - so their relationship, if guessed, was spectacularly a good guess. It amazes me where this information might be mined from.

    • Sally might not be on LinkedIn, but someone uploaded their contact list to LinkedIn and now LinkedIn knows everyone at the company.
      • yes but.... are these connections available to an outside source? Linked in knows this connection. Can an affiliate also see this, thus passing it off to spammers?

        We've been thinking long, but not hard, on this issue.

  • Microsoft the company who made weblinks dangerous.
  • I hate the ones in Outlook that change the links like: https://na01.safelinks.protect... [outlook.com]... Argh.

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...