Cybercriminals are now using a wide range of techniques to gain access to business networks and obtain sensitive data, including zero day exploits, brute force attacks, and IoT devices. While these new and constantly changing tactics pose a significant threat, the most commonly used attack vector is still email.
Email is still the most common way for malware and ransomware to be installed. According to the Verizon April 2018 Data Breach Investigations Report, 48% of malware infections occurred via email. Phishing attacks via email are one of the leading causes of data breaches.
To help businesses protect against email-based threats, Fortinet developed the FortiMail secure email gateway and continues to enhance its features to ensure the best possible level of protection for customers, with a host of new features incorporated into version 6.0 which was released last week.
FortiMail version 6.0 incorporates an even greater range of features to better protect business networks, including advanced capabilities to detect highly sophisticated email threats and the latest social engineering-based attacks.
While most email security solutions provide a good level of protection against malicious attachments and phishing emails with embedded hyperlinks, many social engineering-based attacks include neither. Without any attachment or URL to sandbox or proxy, these emails are difficult to detect as malicious. However, these emails can be just as dangerous as any containing malware. This is clearly evident in BEC attacks in which the CEO or CTO’s email account is spoofed, or worse, compromised. The latest FBI figures show BEC attacks have cost businesses more than any other form of cybercrime.
FortiMail provides protection against these types of attacks by incorporating message authentication controls to discover the true sender of the email and looks for inconsistencies in messages. Protectuion against BEC attacks has been further enhanced in version 6.0.
Additional features in the new release include:
- Impersonational analysis: Guards against impersonation attacks by mapping display names with email addresses.
- URL click protection: URLs are directed to the FortiMail device for an additional FortiGuard URL Filter scanning service.
- Email Delivery Control: Rate limits email delivery
- Email Subject Scans: DLP sensitive data is scanned with URL checking to email subject
- Decryption of Password-Protected Office documents
- Authentication Reputation: Tracks and scores failed password attempts to reduce potential for brute force attacks
- Support for SHA256 file signatures
- NTLM support
- SAML SSO and Google G-Suite Integration
- Incorporation of web access and mail access controls to individual network interfaces
- LDAP ACL verification: Querying LDAP server to verify sender and recipient