SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
NZ-based email provider SMX out to catch cyber phishers and whalers
Tue, 21st Jun 2016
FYI, this story is more than a year old

Auckland-based cybersecurity company SMX Limited is taking on spear phishers and whalers in its new software enhancements against phishing fraud.

SMX chief technology officer Thom Hooker says that the phishing industry is becoming more sophisticated, with targeted email attacks becoming 'spear phishing' and 'whaling' attempts that are the most serious cybersecurity threads facing New Zealand organisations.

Phishing involves social engineering and email spoofing that looks legitimate, in an attempt to steal confidential information or money from organisations. Spear phishing targets a specific person or a number of employees or customers, Hooker explains.

Whaling targets and aims to con high-level executives out of private company information. Tactics may include identifying key executives with fund transfer authorisation and using their details to counterfeit emails to enact transfers, Hooker says.

“There are companies out there right now losing substantial amounts of money, confidential information, or both. A number of law firms have been hit particularly hard,” Hooker says.

SMX developed algorithms and 'rules' to combat processes that are likely or known phishing or whaling attacks. In addition, new functions in its email security filters to analyse email metadata, which the company says will further prevent attacks in real-time, without any action needed by the end user.

Hooker says this works by providing SMX with a list of potential attack targets and their email addresses. The SMX data loss prevention engine blocks mismatches in metadata between what the target sees in their email client and what the mail server 'parses'.

SMX also provides additional protection layers by only allowing authorised email addresses through filters. While it does require setup and maintenance, it only needs changing when list members change, SMX says this requires minimal training.

“The bottom line is that email security has to be dynamic and able to respond quickly with new defences to new threats as they emerge. A key strength of SMX is that as a cloud service we can implement new defences for all of our customers literally in real time,” Hooker concludes.

SMX develops and provides cloud email services and solutions offering mail filtering, data control, data loss prevention and archival services. The company services 200 blue chp clients across New Zealand and Australia, including Fujitsu, Revera and CCL.