Story image

NZ-based email provider SMX out to catch cyber phishers and whalers

21 Jun 2016

Auckland-based cybersecurity company SMX Limited is taking on spear phishers and whalers in its new software enhancements against phishing fraud.

SMX chief technology officer Thom Hooker says that the phishing industry is becoming more sophisticated, with targeted email attacks becoming 'spear phishing' and 'whaling' attempts that are the most serious cybersecurity threads facing New Zealand organisations.

Phishing involves social engineering and email spoofing that looks legitimate, in an attempt to steal confidential information or money from organisations. Spear phishing targets a specific person or a number of employees or customers, Hooker explains.

Whaling targets and aims to con high-level executives out of private company information. Tactics may include identifying key executives with fund transfer authorisation and using their details to counterfeit emails to enact transfers, Hooker says.

“There are companies out there right now losing substantial amounts of money, confidential information, or both. A number of law firms have been hit particularly hard,” Hooker says.

SMX developed algorithms and 'rules' to combat processes that are likely or known phishing or whaling attacks. In addition, new functions in its email security filters to analyse email metadata, which the company says will further prevent attacks in real-time, without any action needed by the end user.

Hooker says this works by providing SMX with a list of potential attack targets and their email addresses. The SMX data loss prevention engine blocks mismatches in metadata between what the target sees in their email client and what the mail server 'parses'.

SMX also provides additional protection layers by only allowing authorised email addresses through filters. While it does require setup and maintenance, it only needs changing when list members change, SMX says this requires minimal training.

“The bottom line is that email security has to be dynamic and able to respond quickly with new defences to new threats as they emerge. A key strength of SMX is that as a cloud service we can implement new defences for all of our customers literally in real time,” Hooker concludes.

SMX develops and provides cloud email services and solutions offering mail filtering, data control, data loss prevention and archival services. The company services 200 blue chp clients across New Zealand and Australia, including Fujitsu, Revera and CCL.

New threat rears its head in new malware report
Check Point’s researchers view Speakup as a significant threat, as it can be used to download and spread any malware.
Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.