UPDATED 01:24 EDT / MARCH 02 2016

NEWS

Mimecast previews new email security cloud service that protects against whaling

Cloud-based email management firm Mimecast Ltd. is set to preview an email security cloud service designed to protect customers from the growing threat from spear-phishing email attack where company officers are impersonated, also known by names including CEO Fraud, Business Email Compromise or whaling.

The new service, going by the name of the Impersonation Protect, provides protection against whaling attacks as part of  Mimecast’s Targeted Threat Protection, in combination with their URL Protect service, which makes sure that links in emails are legitimate, and Attachment Protect, a service with provides protection against weaponized attachments.

“Email remains the attack vector of choice for cyber-criminals, and they are constantly evolving their tactics to bypass traditional email security defenses. Whaling attacks can be extremely difficult for employees and IT pros alike to spot and they need help to put an end to this multi-billion-dollar fraudulent activity,” Mimecast Chief Executive Officer Peter Bauer said in a statement sent to SiliconANGLE. “Mimecast Targeted Threat Protection already defends thousands of employees around the world. The new Impersonation Protect service will add another layer of critical security to protect against the threat from whaling or CEO fraud.”

Fortuitous timing

News of Mimecast’s new Whaling protection product comes a day after news broke that payroll records at messaging app maker Snapchat, Inc. had been compromised after an employee sent the details to a bad actor who was impersonating Chief Executive Officer Evan Spiegel.

Mimecast itself warned last year that organizations need to be aware of an increased prevalence of targeted whaling attacks, saying that “cyber attackers have gained sophistication, capability and bravado over the recent years, resulting in some complex and well-executed attacks… he barriers to entry for whaling attacks are dangerously low. As whaling becomes more successful for cybercriminals, we are likely to see a continued increase in their popularity, as hackers identify these attacks as an effective cash cow.”

While this new product fits in is to strengthen filtering at the corporate gateway, the advice given previously by Mimecast still holds true:

Mimecast recommends companies educate senior management, key staff and finance teams on this specific type of attack, and then carry out tests within the business to make sure people are aware of the risk they provide.

Companies should also consider inbound email stationery that marks and alerts employees to emails that have originated outside of the corporate network.

Domain name registration alerting services are recommended so that a business is alerted in the event someone registers a domain name that closely resembles their corporate domain, and companies should also consider registering all available Top-Level Domains (TLDs) for their name.

More details about the new product can be obtained from the Mimecast booth at the RSA conference currently being held in San Francisco.

Image credit: cmichel67/Flickr/CC by 2.0

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU