|  |
SurfControl Expands Unified Phishing Attack Protection for Global Enterprises
SurfControl, provider of enterprise Web and e-mail filtering, announced the extension of its unified phishing protection for enterprises in the face of a rapidly evolving threat landscape. Through enhancements to SurfControl Web and E-mail Filters, the company is delivering the only multi-layered phishing protection that monitors, tracks and filters the two primary communications methods used for phishing attacks.
"In just a short period of time, phishing attacks have become more devious and malicious -- targeting both mass market consumers and specific businesses," said Susan Larson, vice president, global product content, at SurfControl. "The speed at which phishing threats are evolving further re-enforces the fact that unified Web and e-mail security, combined with ongoing content research around the world, is the only way for businesses to protect themselves."
Blended attacks, such as phishing, use multiple attack vectors to trick a user or circumvent IT security systems to deliver malicious content or defraud individuals. Existing security solutions focused solely on Web or e-mail security address only half of the problem. Phishing protection in particular is difficult due to the rapid speed at which Web sites (and associated domain names) come up and go down in order to conceal the attacker. Security solutions that only track URLs, and are unable to track the associated spam messages sent to lure an end-user to the phishing site, are therefore rendered ineffective.
New Protection For An Evolving Challenge
SurfControl's layered threat protection continuously filters an organization's inbound and outbound Internet traffic stopping known and emerging threats. SurfControl shields against emerging threats through Advance Threat Intelligence(SM). Backed by SurfControl's Global Threat Experts working 24/7 to monitor, track, review and update the company's content database, SurfControl is the only content security company delivering unified Web and e-mail filtering to eliminate the threat of phishing. New phishing attack protection added to SurfControl Web and E-mail Filters include:
* Expansion of SurfControl Web Filter's URL Content Database -- SurfControl has added two new categories to the company's world-class content database called "Phishing & Fraud" and "Business." These categories help businesses better log and track phishing threats, and ensure protection. The SurfControl Content Database now tracks more than nine million URLs in 47 URL categories in 70 languages.
* Extension Of SurfControl E-mail Filter's URL Content Database -- SurfControl E-mail Filter expands its tracking of spam messages associated with phishing attacks in the new "Phishing/Fraud/Criminal" category. Through integration with SurfControl Web Filter's URL Content Database, SurfControl E-mail Filter can also screen URLs associated with phishing attack e-mails. Additionally, SurfControl E-mail Filter creates dynamic digital fingerprints for malicious e-mail and can identify suspect messages via heuristics (behavior monitoring).
* Expanded Reporting Capabilities -- As the pressure mounts on both IT and security professionals to regularly communicate on the security status and activity to many audiences within an organization, SurfControl has extended its reporting capabilities to specifically illustrate which phishing attacks are being prevented. Granular auditing and reporting is critical for illustrating compliance with government regulations such as Sarbanes-Oxley and the Health Insurance Portability and Accountability Act (HIPAA).
Protection Against The Criminals Who Protect The Criminals
SurfControl's layered threat protection is particularly effective for protecting customers from the growing number of phishers that rely on offshore "bullet proof" hosting sites to remain in business. These hosting sites shield the identity of phishers and spammers and are designed to remain in continuous operation. The traditional technique of a phisher (who is also a spammer) is to rotate domain names very quickly for phishing sites and e-mail messages, and to also rotate the locations from which sites and e-mails originate. However, phishers and spammers frequently return to the same "bullet proof" hosting site. SurfControl's Global Threat Experts not only logs domains associated with phishing attacks, but can also identify the attacking site by the IP address of the hosting server. A phishing site may only be up for a matter of hours, even days, but if a phisher uses that same IP address for future attacks, SurfControl Web Filter can immediately block the attack. 14.03.2005, SurfControl
Subscribe to the newsletter | | |
| | | |
