• CipherTrust IronMail
• CipherTrust Edge
• CipherTrust IronIM
• CipherTrust IronNet
• CipherTrust Radar
• CipherTrust Managed Services
• TrustedSource Toolbar
• UTM/Firewall/VPN
• Secure Content Mgmt
• Identity & Access Mgmt

  Security & Inbound
  Protection

• Anti-Spam
• Anti-Virus
• Anti-Phishing
• E-mail Firewall & IPS

  Compliance & Outbound
  Protection

• CipherTrust Compliance
• CipherTrust Encryption

  Technologies

• TrustedSource
• Message Profiler
• Connection Control
• ThreatResponse
• Secure WebMail

  Additional Services

• Consulting
• Education

IronMail Phishing Prevention: Protecting Employees from Email Fraud

Phishing is a fraud technique that focuses on fooling the victim into providing sensitive financial or personal information. This fraud is especially dangerous for corporations, as employers who fail to prevent fraudulent email from reaching their end users risk being held liable for any consequences of an employee being defrauded.

Phishing is a form of online fraud that focuses on fooling the victim into providing sensitive financial or personal information. Phishing uses bogus e-mail and websites that bear a significant resemblance to a tried and true online brand. Typically, the victim provides information into a form on the imposter site, which then relays the information to the fraudster.

Although this form of fraud is relatively new, its prevalence is exploding. Compounding the issue of increasing volume, response rates for phishing attacks are disturbingly high, (sometimes as high as 5%) and are most effective against less-savvy Internet users who are unsophisticated about spotting potential fraud in their inbox.

While phishing is targeted at individuals, it also presents a problem for corporations. If employees are not protected, the company could be held accountable for not putting protections in place to prevent fraud. If a hacker impersonates a company, then the company’s reputation and brand may be impacted because customers feel that they can no longer trust the organization with their sensitive information. An attack could cause an employee or business partner to divulge sensitive trade secrets to hackers. Or, it could result in employee login information being revealed, allowing hackers to “log in” to an employee’s network account.

Protecting Employees from Phishing

The best protection against phishing is to prevent these attacks from ever getting to the user’s inbox. Since most phishing attacks proliferate through unsolicited e-mail, spam filtering technologies can be very effective at preventing the majority of phishing attempts.

New technologies are also available to help prevent phishing. One such technology offered as a standard by Microsoft and supported by CipherTrust is the Sender ID Framework (SIDF), which prevents spammers from spoofing known brands by verifying the source of each email. This technology holds great promise but is still in its infancy.

IronMail blocks phishing attacks using a combination of functionalities, including:

• Anti-spam techniques such as bulk e-mail detection, content scanning, URL filtering and header analysis
• Secure E-mail Gateway technology including anomaly detection, which analyzes e-mail traffic flow to identify emerging attacks and other suspicious behavior