As uncertainty continues to dominate the news, the striking wave of cybercrime we’ve seen lately is becoming less of an anomaly and more of a reality. Even the World Health Organization has reported a five-fold increase in attacks directed at its staff, with e-mail scams being the most prevalent.
In our recent article on e-mail security, we thoroughly explained why e-mail is such a vulnerability for your customers or your organization: it’s a widely used communication platform with few restrictions on content and high reliance on manual input. Furthermore, many e-mail security solutions can perform scans for known malware, but are powerless against advanced threats, BEC attacks or directory harvest.
But what if you could build an email security product or service that would protect your customers or internal users’ by stopping these threats long before they reached their e-mail servers? What if the email security solution could analyze messages in advance and add new detection patterns? By integrating our advanced Antispam SDK (Software Development Kit) you can.
However, before we present our technology, we would like to show you a few things regular e-mail security may miss and why they are important to your business and your customers’ business.
The devil is in the details, and so are cyber threats.
Whether you are an email provider, a security company, a telecom firm or an UTM vendor, you always face pressure to offer best-in-class email security by having a robust solution that will filter known, unknown and emerging threats.
The current blog post will show you a few threats that regular email security solutions tend to ignore, as well as how to protect against them.
1. Beware of language particularities. When it comes to analyzing content, it’s easy for security providers to separate spam content from meaningful messages - if the text is written in English, that is. Unfortunately, when it comes to other languages, many solutions report false positives. Therefore, it is vital that your solution is independent from language or regional attributes and provides the same level of detection for all users, regardless of location or language.
2. Enforce TLS encryption. Transport Layer Security, or TLS, is a widely used and highly efficient encryption protocol. However, due to compatibility issues with older servers, many solutions allow clients to bypass it, exposing structural vulnerabilities. Your solution should be able to enforce TLS encryption and restrict communication with unsecure servers or at least give you an alternative for simple messaging (such as plain text), in case communication with those servers is vital.
3. Enforce a sending limit. Your e-mail security platform should automatically protect you from any attempts to send large volumes of information over multiple messages. This not only prevents data exfiltration, but also averts domain blacklisting (the latter can happen even when the large volume of information is in fact legitimate).
4. Do not limit your scans to text. Spam is now so diversified that a competent text-detection solution is no longer enough. Your e-mail security should also be able to identify spam images (using computer vision or similar technologies), malicious e-mail addresses (that might be casually inserted in an otherwise harmless text) and fraud-related phone numbers.
5. Block cryptocurrency scams. Cryptocurrency scams and cryptojacking are a now a mainstay, and the efficiency of their methods increases each year. Your platform should be able to blacklist them all, from malicious websites allowing background currency mining to phishing attempts centered on payment details.
6. Use behavioral analysis. Make sure your solution can track patterns and combine multiple technologies and is not limited to regular scans. This is important, as advanced malware can be incredibly adaptive and, in certain situations, can bypass classic security.
7. Have an e-mail classification and policy engine. Spam and malware are so diversified that you need to be able to discern between attack attempts, and control triggers and filters such as e-mail size, e-mail source, attachment type, keywords, and many others. This will help you defend against directory harvest attacks and block any domain that looks similar to legitimate domains.
8. Queue e-mail. Have your solution automatically queue e-mail as both a prevention method (in case of server failures or outages) as well as a forensics method, in case something eventually escapes your safeguards.
9. Make sure your false positive rate is low. Many solutions claim high detection rates, but it’s advisable to also check their test results for false positives. Why? Because, unlike other suspicious entities (files, URLs, scripts), mislabeled e-mails can affect your business or your client’s business. Detecting a potential customer’s e-mail as ‘’fraudulent’’ can lead to lost opportunities.
10. Create custom reports and quarantine digests. Send these reports not only to your team, but also to decision makers around your company or your client’s company. Offering people insight into current vectors of attacks and trends can help them protect their systems better.
11. Respect your users’ privacy. Check whether your solution respects your users’ individual privacy, as well as current legislation. Use encryption and anonymous reports and create disclaimers for all e-mails leaving your servers in order to make legitimate e-mails stand out, as well as to be legally compliant.
Bolster Your E-mail Security with Bitdefender Antispam SDK
Part of our e-mail security ecosystem, Bitdefender Antispam Software Development Kit (SDK) is an award-winning technology that enables security vendors, telecom companies, and email service providers to bolster their email security solution and secure both their inbound and outbound email flow.
A recipient of over 22 consecutive VBSpam+ awards (as of March 2020), our technology has achieved a constant 99.9% detection rate as well as a false positive rate of zero, earning constant praise for its advanced anti-phishing capabilities.
What sets us apart from competing technologies is that we use a multi-layer, proactive antispam system that prevents exposure to malicious messages and phishing attacks in the first place, consuming minimum resources and preserving productivity. Our intelligent antispam engine classifies e-mails by analyzing them through a battery of blacklist and content filters, efficiently removing spam, phishing, extortion scams and malicious attachments.
Our Antispam SDK is easy to deploy and compatible with any operating system, and it has been commercially proven through 10 years of collaboration with large Technology Partners globally. By choosing Bitdefender Antispam SDK, you will get access to a wide range of technologies including:
- Patented algorithms and unique pattern detection methods
- Real-time prevention, based on constantly updated databases and advanced TI
- Multiple scan modes, with multi-threading and concurrency scan support
- Advanced IP, domain, and URL reputation information
- E-mail structure, headers, and body content fingerprinting
- Malicious attachment detection and cryptocurrency address blacklists
- Spam images, e-mail addresses, and phone number filtering
- Proactive heuristic detection technology
- Advanced spear phishing detection methods
- E-mail classification, powered by machine learning models
- Very low device footprint, allowing lean deployment
Furthermore, our dedicated and awarded R&D team continuously monitors the threat landscape and updates our solution with best-in-class cloud detection technologies and filters. While you’re reading this article, our machine learning classification models are being improved with innovative tags while our trending threats team is working on a global alert system that will enhance quick-reaction times.
In other words: by choosing Bitdefender, your e-mail security suite will always benefit from the latest and most efficient defense mechanisms, even before they are integrated by regular providers.
Try our solution
Bitdefender Antispam SDK is a portable platform using a single API for all operating systems and a fully customizable software development kit that provides multiple integration options.
Our SDK is provided all-inclusive, with code samples and guidance that will allow you to easily integrate it into any messaging solutions. So why not give our consultants a call and see how you can take your e-mail security to the next level?