|
| |
Take Charge of Your Email Backup Security |
2008-03-11 |
Recently some people have used a Gmail backup software known as G-Archiver to backup their email and save to a portable disk. But in fact it has turned out that G-Archiver is malicious ruse set by hackers. After it is installed, G-Archiver hides a backdoor program that will automatically transmit the user's Gmail account number and password to the hackers, allowing them to enter the user's Gmail. And because of Google Apps services, a hacker possessing a stolen account number and password can access a wide range of services and documents, exposed users in danger. When this type of malicious software steals the e-mail account information of an inattentive employee of a company using Google Apps, all of the company's data and secrets will be vulnerable to the hackers.
According to Cellopoint's technical consultants, that more and more companies are considering adopting outsourced service models in keeping with the growing popularity of software as a service (SaaS). But these companies should make sure to take information security into consideration: Many well-known SaaS providers have had data leaks. For instance, employees at SalesForce have opened e-mail containing trojan horse viruses, leading to the theft of customer data. Everyone should be careful to prevent this kind of incident.
Cellopoint's Email Security Appliance can take care of e-mail security, e-mail audit, and e-mail backup management within your organization. It is less costly than outsourcing, simplifies management tasks, and improves policy implementation efficiency. |
|
|
Email Auditing Stands Guard over Corporate Email |
2008-03-04 |
Many prominent web sites in Taiwan and abroad have recorded data losses since 2007, and the situation appears to be getting worse and worse. Data theft is a growing problem, and the losses caused by theft are also rising rapidly. If no further action is taken, the problem will be even more severe this year. Many businesses have discovered to their dismay that their existing network security, despite the resources and manpower needed to purchase, install, and maintain it, is quite flimsy in the face of determined attacks by hackers. As a result, businesses are forced to hire external information security consultants and vendors. From Cellopoint's point of view, protecting against leaks of sensitive data must start from the content control. An organization must clearly define confidential ranks, tag data correctly, and use appropriate auditing products like Email Real-time Auditing of Cellopoint as a defensive measure. Cellopoint's appliance possesses two important functions that prevent the leakage of sensitive data and ensure compliance with laws and regulations.
Preventing Leakage of Sensitive Data
Employees typically pay little attention to data security when sending email. They are seldom aware that unencrypted messages could be intercepted or viewed surreptitiously. For instance, a new employee may send a classified document to an external CPA office in the form of a file attachment, and may be unaware that the content of the message can be easily intercepted by hackers. But when a company uses Cellopoint's appliance, it can scan, classify, and rank a confidential level to incoming and outgoing email, and can quarantine or bypass messages according to preset policies. For instance, in order to guard against the loss of sensitive data, a policy can be set that unencrypted attached files may not be sent to external networks.
Compliance with Laws and Regulations
Many companies and organizations must comply with such laws and regulations as SOX, GLBA, and HIPAA, etc. In the wake of major information security incidents, there have been repeated demands for tightened legal compliance, and many countries have drafted new laws and regulations to constrain the actions of companies and organizations. Data leak prevention technology can play an important role in ensuring legal compliance. Cellopoint not only protects your data, but also shows that you have taken appropriate steps to ensure regulatory compliance.
|
|
|
Cellopoint Effectively Resolves Corporate Mail Filing and Audit Problems |
2008-02-26 |
It is critically important to maintain corporate intellectual property rights and sensitive data in order to reduce monitoring effort and financial risk and protect your company's brand assets. Cellopoint's content policy management helps IT managers to simplify complex management tasks: Cellopoint will not only manage your e-mail while helping implement policies and uphold regulations, but also maintain e-mail and data security. Any e-mail violating predefined rules can be automatically handled in an appropriate manner, avoiding unwanted information leaks.
Cellopoint inspects the content of e-mail sent internally and externally, and precisely-defined rules and filter conditions can be assigned to specific organizations, groups, or individuals, allowing e-mail to be isolated, routed, copied, or backed-up according to policy rules. The detailed audit statement function lets managers understand clearly the effectiveness of each policy, helping them adjust and optimize policies. Cellopoint's real-time content audit function quickly and effectively scans e-mail, and IT managers need not worry that use of the equipment will affect existing e-mail transmission functions—delayed transmission will never occur. To ensure that e-mail can be effortlessly filed, backed-up, retrieved, and read, Cellopoint is constantly performing R&D aimed at making sure that customers' e-mail and logs are properly stored and easily retrieved.
|
|
|
| |
2008-01-22 |
Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Using social networking it gains the trust of receivers to open e-mail, and implants Trojan to the victim computers, theft of personal bank accounts. The truth is that the e-mail sender information has been faked or "spoofed." Whereas traditional phishing scams are designed to steal information from individuals, spear phishing scams work to gain access to a company's entire computer system. The original spear fishing limited to the financial sector for a number of listed companies or the behavior of amateur hackers, but recently the United States Association for Network Security System (SANS Institute) warning, a spear phishing may become international espionage and intelligence activities in a way. They discovered many phishing e-mail attacks of professional models that do not look like amateur hackers, and this is very organized. The suspected motive is not pure; there may be mastermind behind the scheme. Whatever behinds the scene, commercial secrets and national defense secrets are the most serious things we should protect. It will cause irreparable harm to companies or the public. Because hackers are hiding in a dark place, passive prevention is just basic, the auditing is more important to the private companies or public organizations of information access control. In addition to entities outside the control of information, the e-mail content filtering is most important and popular one. Whether outbound or inbound e-mails have to go through the e-mail firewall scanning and confirm no confidential contents before they are allowed to pass through. Even a personal computer inadvertently has been inserted Trojans, data will not be compromised.
Encountering these internet threats, Cellopoint lab suggests that the first thing to do certainly is to develop a complete set of security-control policies and patches enforcement to staff computers. Not only prevention, making timely response measures to prepare for data leakage from inadvertently infected computer. Such as adding an e-mail security auditing and monitoring mechanisms in the last hurdle. Even if employees’ computers were compromised and embedded with the Trojan, we could first stop leakage of confidential information at gateway level before computers were inserted Trojan, as an extra key or another layer of protection to avoid regrettable occurrence.
|
|
|
2007 Yearly report of Spam |
2008-01-08 |
2007 is Big for the "Spam industry". Various types of spam emerged, all control spam acts was developed, is developing and will be developed among many countries. With the Internet scam sophisticated, the roles of hackers and Spammers were overlapped. From the point of view of Cellopoint Global Anti-spam Center, spam in the past year continued to change and it should not be underestimated. From the proportion of 2007, the overall volume of spam accounts for about 70 ~ 80 percent of all email amount.
Spotlights:
Image spam evolution: JPEG to PDF spam and it follows with MP3 spam and the latest video spam. Wave after wave of spam emerged, but the total is on a downward trend.
Mail fraud and phishing continued to increase: According to statistics, it consisted about 10 percent of overall spam.
Pump-and-dump spam: Grab money directly from the user accounts is not easy, but rumor mongering is not too difficult. Spammer can gain a great profit by pump-and-dump small equity shares in OTC market. Sanctions not act on the victim's credibility and even made companies cease trading.
Social engineering spam: The festival greetings, MP3 download, gossip, and other acts of imitation normal mail messages subject to entice people open mail then to implant Trojans.
Dictionary attacks: To obtain a valid e-mail addresses to deliver spam.
Actions against spam:
Since the United States CAN-SPAM Act passed, 2007 is a growing year for law enforcement, such as: the FBI Bot Roast action, the United States Securities and Exchange Commission Operation Spamalot. They arrest many spammers, and sued them under judicial procedure. One hacker needs to face up to 110 years in prison. Criminal law may more effective than civil compensation. But these arrests not include China and the Russian’s hackers; the cross-national cooperation is still inadequate.
2007 in review
Image spam was popularity in 2007, and spammer developed a number of new spams, including the use of Botnet (zombie network), audio and video and Google search strings. Pump-and-dump spam gradually replaced traditional phishing letter. The amount of profit was growing higher and higher. In the United States, spam has caused hundreds of billions of dollars in losses. As spammers becoming more sophisticated, spam defense will be even more difficult for law enforcement agencies and businesses and also relate to the capabilities of anti-spam vendors.
|
|
|
Video pump-and-dump Spam targets inboxes |
2008-01-03 |
Recalling 2007, Cellopoint Lab announced a lot of analysis of spam evolution. When the first time spammers put innovation into image spam, Cellopoint Lab had warned people of the possibility that spam may turn into audio and video format in the nearly future. Just as expected, with the pump-and-dump spam targeted inboxes, image spam followed after the defrauding crisis of mp3 spam in few months ago.
Cellopoint Lab has intercepted many of spam contained video links; the user will be guided to a high-definition video stream. Spammer clipped from legitimate television commercials and inserted conversation discussing the company’s strategies and financial prospects, which made users to believe. After the broadcasting the news that the company had earned higher profits, investors were lured to buy shares. Spammer used the opportunity sell them quickly after the messages was sent and made a lot of profit. The target symbols had not been selected accidents; they were all Pink Sheets and OTC with small equity units, low-priced and easy speculation as their characteristics. With video streaming technology makes great strides, the production and dissemination of high-definition video files become easily. Same as video spam, it causes personal or business losses and people are extremely difficult to prevent. Under the circumstances, enterprises cannot rely on legislation or internet service providers’ self-discipline. They cannot afford to the loss and must cope with the situation. Cellopoint technical consultant recommends that companies can use e-mail firewall as the first checkpoint to the e-mail to prevent employees from the opening a fraud hidden malicious e-mail and the un-trust URL inside mail body. The firewall can be a gatekeeper to e-mail systems and protect business from the various threats. |
|
|
Can-Spam fine – is it working? |
2007-12-25 |
National Communications Commission (NCC) of Taiwan reached an agreement last week's meeting that they will amend "Regulation of can spam management" in next year and propose to the Legislative Yuan. If the regulation passed, victims of spam will be able to claim compensation from spammers at maximum 2,000 NTD each. The total amount will be up to 20 million NTD per unique subject email. This is to improve the current situation of the spam proliferation. Looking at the trend, many countries are using legislative ways to punish and deter such acts, but it is very difficult to collect evidence while enforcing. Hackers were mostly utilizing foreign network location as a springboard. Law enforcement would need more international collaboration to solve the problem.
To the United States, the FBI announced last month that it has taken actions against botnet-runners (use of zombie computers to send spam hackers) by collecting evidence and arresting. It has charged eight American botnet - runners and one of them needs to be face a maximum 60 years in prison. The above-mentioned are aimed at hackers within U.S., but actually there are thousands of hackers and illegal companies actually in Russia, China and other places. Without true transnational cooperation, authorities are barely making a dent in the influx of spam, which are most pervasive in countries with lax laws. From the points of enterprises, even with the law is valid, it may too late to patch computers after they were attacked. The most important is earlier detection and prevention, not only to prevent external spam, but the prevention of in-house computers which compromised by hackers as the springboard. For internal monitoring, Cellopoint Email Firewall (CEF) supports outbound email scan. If an email does not behave normal, it will be isolated by CEF. The people in charge will be informed to confirm the delivery. After eliminating the possible of compromised computer, they can safeguard their reputation and remain a good corporate image.
|
|
|
Cellopoint Reminds: divulgence of confidential information to prevent enterprises from the start with the internal e-mail auditing |
2007-12-13 |
Anti-Virus, firewall, is safe enough? For enterprises, the significance of information security cannot only be thought of as preventing computer injuries, but more the protection of corporate intellectual property. In fact, intellectual property protection must include an internal auditing implementation. Without perfect auditing rules, the information leakage caused by the staff negligence is impossible to guard against. Although you have installed anti-virus program on every computer, and timely updated patches to repair vulnerabilities, this couldn’t help if your employees are not regulated by proper policies. For example, the most commonly used business communication tool is the e-mail, when people were writing e-mail with on confidential information, which did not notice that the addressee includes external recipients, which is prone to errors and very serious.
Email is the most common use of a legally-effective form of documents, so the email auditing cannot be overlooked. Cellopoint Email Auditing and Archiving Module can be set in line with corporate policy provisions, which can filter keywords which appear in mail content, quarantine check for confirmation or only deliver to specific recipients. The others not in the trust address list are not allowed automatically receiving the mail. With Cellopoint Auditing and Archiving Module, not only centralizes management mail system, but also simplifies the auditing process. It can integrate with Cellopoint anti-spam and anti-virus module to harden the protection of the corporate e-mail system.
|
|
|
Financial sector targeted in e-mail Trojan attacks |
2007-11-28 |
【Notice of the federal Department of Justice】Such kind of frauds usually use phone or letter to thieve people’s identity and backing accounts. While consumers are the most obvious victims, the threat spreads far wider. Scammers are more targeted to company’s founders or finance managers. They send out an email that mail header contains receiver’s full name to lure these executives to open it. With email title usually pretends to be the name of some government agencies or the federal Department of Justice, it’s easy to win trust. The email is not asking for remittance or revealing personal information but to injure the recipient’s PC. When they open the attached files, Trojans will be implanted to steal commercial or financial information in order to obtain greater profit. Information likes merger news, business secrets or financial statements are the scammers’ target.
Cellopoint Lab says that staff did not have sufficient knowledge of fraud to identify the indicators that fraud may have been committed. Hackers can easily pass through the security firewall of hardware and software; and scam the personal account passwords and financial information. They can thieve or modify important information which causes poor reputation and it just get more serious as other forms of hacking attacks.
General mail counterfeiting practices include:
1. Header fraud: the mail subject is disguised as official document title, such as "2007 employees’ welfare purchase program", "XX general manager’s open letter to employees", "Information Center bulletin."
2. Bogus sender: pretend as colleagues, competitors, vendors, customers, or government institutions.
3. Content falsification: hackers intercept legitimate mail, doctor with the email content then sent to the recipient.
4. Fake URL links: lure users to click on a fake website.
5. Embedded e-mail form: a form with user’s input was transferred back to hackers.
Cellopoint Lab explains that the fundamental solution is to add identity verification to email, made it identified as a truly genuine sender / sending unit, and its content without being altered. Certificates can be applied on as email digital signatures. Sending email with digital signatures provides the Integrity of email, Authentication and Non-Repudiation. Just like a confirmation of the identity of senders or a security label, it prevents mail counterfeiting effectively.
|
|
|
The season for holiday spam |
2007-11-05 |
Stat from Cellopoint Lab shows that Spammers raise spam attacks on the eve of the major national holidays has become a trend. The Storm Worm, dormant for several weeks, had come back. With Halloween spam email, it spread out everywhere and caused personal data leaking. Researcher of Cellopoint said that during the traditional holidays, such as Halloween, Thanksgiving and Christmas, etc., the social engineering is most effective. People are not guarded against of email with subjects “Halloween Party”. When they click it on, a downloader tries to grab Trojans without awareness, the computer will become a member of a zombie network, controlled by the Spammer to distribute more spam. In two weeks ago, the outbreak of the large number of pump-and-dump mp3 spam was through this way.
Thanksgiving Day and Christmas is around the corner, are you well prepared? Cellopoint e-mail firewall is a front-end mail gateway for your enterprise setting to the gateway to prevent all types of viruses, worms and Trojan horses into the mail servers. It protects all corporate network endpoint safety, and blocks the infecting opportunity from the source to reduce the burden on MIS and enhance corporate efficiency.
|
|
|
|
|
|
