Story image

NZ-based email provider SMX out to catch cyber phishers and whalers

21 Jun 16

Auckland-based cybersecurity company SMX Limited is taking on spear phishers and whalers in its new software enhancements against phishing fraud.

SMX chief technology officer Thom Hooker says that the phishing industry is becoming more sophisticated, with targeted email attacks becoming 'spear phishing' and 'whaling' attempts that are the most serious cybersecurity threads facing New Zealand organisations.

Phishing involves social engineering and email spoofing that looks legitimate, in an attempt to steal confidential information or money from organisations. Spear phishing targets a specific person or a number of employees or customers, Hooker explains.

Whaling targets and aims to con high-level executives out of private company information. Tactics may include identifying key executives with fund transfer authorisation and using their details to counterfeit emails to enact transfers, Hooker says.

“There are companies out there right now losing substantial amounts of money, confidential information, or both. A number of law firms have been hit particularly hard,” Hooker says.

SMX developed algorithms and 'rules' to combat processes that are likely or known phishing or whaling attacks. In addition, new functions in its email security filters to analyse email metadata, which the company says will further prevent attacks in real-time, without any action needed by the end user.

Hooker says this works by providing SMX with a list of potential attack targets and their email addresses. The SMX data loss prevention engine blocks mismatches in metadata between what the target sees in their email client and what the mail server 'parses'.

SMX also provides additional protection layers by only allowing authorised email addresses through filters. While it does require setup and maintenance, it only needs changing when list members change, SMX says this requires minimal training.

“The bottom line is that email security has to be dynamic and able to respond quickly with new defences to new threats as they emerge. A key strength of SMX is that as a cloud service we can implement new defences for all of our customers literally in real time,” Hooker concludes.

SMX develops and provides cloud email services and solutions offering mail filtering, data control, data loss prevention and archival services. The company services 200 blue chp clients across New Zealand and Australia, including Fujitsu, Revera and CCL.

Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.
SingleSource scores R&D grant to explore digital identity over blockchain
Callaghan Innovation has awarded a $318,000 R&D grant to Auckland-based firm SingleSource, a company that applies risk scoring to digital identity.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.
Spark Lab launches free cybersecurity tool for SMBs
Spark Lab has launched a new tool that it hopes will help New Zealand’s small businesses understand their cybersecurity risks.
Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.
Cylance makes APIs available in endpoint detection offering
Extensive APIs enable security teams to more efficiently view, enrich, and contextualise real-time intelligence collected at the endpoint to keep systems secure.
SolarWinds adds SDN monitoring support to network management portfolio
SolarWinds announced a broad refresh to its network management portfolio, as well as key enhancements to the Orion Platform. 
JASK prepares for global rollout of their AI-powered ASOC platform
The JASK ASOC platform automates alert investigations, supposedly freeing the SOC analyst to do what machines can’t.