14 March 2015

I fully agree with Paul Kubler’s post ‘Here’s Why Email Filtering Needs to be More than Just Anti-Spam’ published last Friday on LIFARS.

In my opinion we have to tackle this problem from at least 3 sides.

First of all it is time for the e-mail providers to take action. In my post about free email providers I showed, that none of the major German providers use properly configured anti-malware systems. I estimate that the number of phishing attacks could decrease by 90% if just the email providers would reject all mails with malicious content or attachments when they are deposited.

Second, it is important to spark the users attention. Awareness campaigns, with well-made but harmless phishing attacks, and direct feedback, will raise the attention and save a lot of hassle. Train the users in identifying the main features of phishing attacks and the proper counter measures to take.

Finally, we can implement some technical measures to support the users to act correctly in the case of malicious email:

• Configure your email client program to display all mails in plain text.

In this case all links are displayed in plain text. Even an unexperienced user can see that the link is not part of the sender’s domain and most likely part of a cyber-attack.

• Turn off attachment preview.

A previewer must read an attachment for display. In the worst case malicious code included in an attachment is executed and compromises your system.

• Turn on SmartScreen filtering.

SmartScreen Filtering will block access to know malicious sites.

That’s it for today. Have a good weekend.