Bank of China New York (http://www.bocusa.com), the US branch of the world's fifth largest bank, uses Proofpoint to block incoming spam and viruses, prevent exposure of private information and encrypt sensitive outbound emails to achieve compliance with data privacy regulations including the Gramm-Leach-Bliley Act (GLBA).
Last week, I was at Proofpoint's East Coast "Inner Circle" customer event and I had a chance to sit down with Kostas Georgakopoulos, Director of Information Security at Bank of China's US branch and talk with him about how the bank is using Proofpoint. You can view the resulting video embedded in this post.
Writer Penny Crosman at Bank Systems & Technology also spoke with Kostas last week and her article, Bank of China Steps Up Email Securityis also out today. In the article, Kostas says:
"Like other financial institutions, we're targeted by spammers and people who send us spearing attacks... Our concern is to protect the integrity of our data, our customers' confidential information, and the availability of our systems... We needed something that would scale, that would provide additional capabilities, for example to help us meet regulatory concerns such as Gramm Leach Bliley."
If your organization faces similar data protection and regulatory compliance challenges, you'll probably be interested in the Proofpoint whitepaper, Protecting Enterprise Data with Proofpoint Encryption, which you can register to download here:
I shot quite a few more Proofpoint customer videos at last week's event (and hope to this week at our West Coast "Inner Circle" meeting), so stay tuned for more.
As you might already know, Proofpoint exhibited last week at the RSA Conference 2010 in San Francisco. As part of our exhibit (see photo at left), we conducted an electronic survey about email trends that more than 120 booth visitors kindly took the time to fill out.
48% of respondents said their organizations had been the target a "spear phishing" attack. That is, they were targeted by a phishing email designed specifically to compromise their own email users.
59% of respondents said that their organizations have deployed an email encryption solution. An additional 19% intend to deploy such a solution in the future (most in the next 12 months).
43% of respondents said that effectiveness and accuracy is the most important factor when selecting an email security solution, while 20% said that "ease of administration" was the most important factor. 16% cited cost, 11% cited available deployment method (e.g., SaaS vs. appliance) and 6% cited vendor brand/reputation as the most important decision factor when selecting an email security solution.
Survey respondents were also asked about their top email annoyances. It's probably no surprise that spam and phishing emails that get through the organization's spam filter were the top two annoyances (39% and 27%, respectively). But certain types of legitimate email were most annoying for some of our survey respondents:
15% find legitimate email newsletters/marketing emails that are sent too frequently their top email annoyance.
10% find legitimate emails from coworkers or business contacts "that I just don't have time to answer" as most annoying. (Personally, I would fall into this camp!)
7% find social media notifications and other types of legitimate, but non-essential, emails as most annoying.
RSA 2010 was a great show for us with a lot of customers and more than 1000 interested attendees who dropped by the booth. Thanks to everyone who took the time to stop by our booth! As promised, I do have a few video interviews coming soon to the blog. Stay tuned...
Today, in an announcement issued from our booth at RSA (#1132), Proofpoint introduced the latest update to our SaaS email security and data loss prevention platform, Proofpoint 6.1.
New features in Proofpoint 6.1 include support for mutli-protocol (HTTP, HTTPS) data loss prevention, a new data loss prevention dashboard (pictured at left - click for a larger image), encryption enhancements including an Outlook plug-in for the Proofpoint Encryption solution and a variety of other security and performance enhancements.
You can check out the full press release, which has a lot more detail, here:
RSA Conference 2010 exhibits open tonight and we're looking forward to seeing any of you who are attending! Find Proofpoint at booth #1132. When you stop by, please take a moment to take our quick email security survey and we'll give you one of our classic "Defend Email" t-shirts.
Also, we're giving away a $500 Apple gift card to one lucky visitor, so make sure you drop by and get your badge scanned. See you there!
We issued a press release today about Proofpoint customer University Hospital of Zurich (aka USZ), about their deployment of Proofpoint Messaging Security Gateway email security appliances to protect 7000 email users at the hospital from spam, viruses and other inbound email risks.
Additionally, the hospital uses Proofpoint Secure File Transfer as a way to transfer large files, or files that require enhanced security/encryption, "out of band" from their SMTP email system. Like healthcare organizations in the US, University Hospital of Zurich wants to ensure that confidential, personal healthcare information isn't improperly exposed. Proofpoint Secure File transfer lets staffers send information such as patient data, medical test results, insurance information and other sensitive info in a secure fashion.
Jens Grundtvig, the manager of network security for University Hospital of Zurich says that the hospital chose Proofpoint because of a combination of ease of administration, security and cost reasons.
“The combination of an easy-to-deploy appliance, ability to enforce policies for individual users and groups, the price-performance ratio and the option for secure file transfer gave Proofpoint a strong advantage over the other four suppliers [that the hospital considered],” says Grundtvig.
You can read the full press release at the Proofpoint site here:
In the wake of their recent announcement about online scams becoming an increasingly common occurance in the UK, the British Office of Fair Trading has now received £4.3 million, which will be invested in helping to stop online scams. In a CIO article on the story, it's reported that the new enforcement team enabled by the funding will track Internet fraudsters behind online scams with an emphasis on scams offering fraudulent tickets for music and sporting events as well as the sale of fake goods (which, as you know are commonly hawked via spam email).
In other OFT news, the agency also issued a warning to Britons about a rise in the number of "work from home" and employment scams. The OFT says that their statistics show that one in four UK adults has at some point in their life been contacted by work from home scammers. These scams are attempts to swindle money by offering so-called profitable business opportunities or start-up advice. Their data also shows that 17 per cent of the adult population has been targeted in the last 12 months, and the incidence of such scams is rising.
'We are seeing an increasing volume of work from home and business opportunities scams," said Heather Clayton, senior director of the Office of Fair Trading's Consumer group. "People who are struggling financially may be particularly vulnerable to these types of scams. Genuine work from home schemes should tell you in writing exactly what you will be expected to do, how much you will be paid and how and when you will be paid."
I've reported in this sort of job scam activity in the US extensively in the past and have some tips to help keep consumers from being victimized by job scams:
Remember, first of all that any offer presented to you that sounds too good to be true usually is—whether it's presented via email, phone or direct mail.
Simply do not respond to these sorts of solicitations. Especially do not click links presented in such emails (which may lead to fraudulent websites that attempt to install malicious software on your personal computer). Note that the latest job scam emails do not include links, asking job seekers to respond to a generic webmail account (like a gmail or Yahoo mail account).
Keep in mind that anyone can place an online ad, send you an email, or post a "lure" in otherwise legitimate online forums.
Never pay a company to hire you. If the employment process involves sending the employer money, it's almost definitely a scam.
Do not wire money (which is the same as sending cash) to individuals unknown to you or to firms that have supposedly hired you.
An interesting and novel (but not unexpected) blended threat has been sighted by spam fighter Scott Panzer over in the Proofpoint Attack Response Center.
Scott tells me that there's a spam message making the rounds that includes a malicious software (malware) link that is spoofed to appear like it comes from prominent security researcher Jeffrey Carr, author of the book Cyber Warfare and CEO of GreyLogic. The spam spoofs his email address and quotes an excert from one of his recent blog postings, titled "Russian spear phishing attack against .mil and .gov employees." You can read that post by Jeffrey Carr here:
The spam message goes on to offer a protective patch "from Microsoft" to download and install. Needless to say, that supposed patch is actually malware.
Scott notes that Proofpoint Spam Detection has been updated to block this malicious email and known variants.
Yet another good example of why I encourage email users never to click on links contained in email messages! Also, because of the risks associated with malicious links like this, it's important to always have up-to-date anti-virus software installed on any net-connected machine.
Of course, just as it's unlikely that a Nigerian general would contact you via email to request your help in moving a large sum of money to an offshore bank account, it is extremely unlikely that a security expert would spam you to suggest an "urgent security patch."
Stay safe, friends! I figure it's a good time to recap my "Seven Simple Rules for Staying Safe Online":
1. Be aware: View with suspicion any email with requests for personal IDs, financial information, user names or passwords. Your bank, online services, government agencies or legitimate online stores are unlikely to ask you for this type of information via email. Consumers should also be suspicious of similar emails that appear to come from an employer or friend. Never send personal financial information such as credit card numbers and Social Security numbers via email.
2. Don’t click: If you receive a suspicious email, don’t click the links in the email or open file attachments from anything but 100 percent trusted sources. Links embedded in emails may take you to fraudulent sites that look similar or identical to the legitimate “spoofed” site. Instead of clicking, open a browser and type the actual Web address for the site into the address bar. Alternatively, call the company using a phone number you already know.
3. Be secure: When you are shopping online, entering important information such as credit card numbers, or updating personal information, make sure you’re using a secure Web site. If you are on a secure Web server, the Web address will begin with “https://” instead of the usual “http://”. Most Web browsers also show an icon (such as Internet Explorer’s “padlock” icon) to indicate that the page you are viewing is secure.
4. Don’t fill out email forms: Never fill out forms within an email, especially those asking for personal information. Instead, visit the company’s actual Web site and ensure that the page you are using is secure before entering sensitive information.
5. Keep an eye on your accounts: Check the accuracy of your credit card and bank statements on a regular basis, especially during this time of continued economic unease. If you see anything suspicious, contact the financial institution immediately.
6. Get social media savvy: Email isn’t the only attack vector used by spammers and scammers. Social media sites like Facebook and Twitter are increasingly used to deliver the same kinds of scams and malicious links to unsuspecting users. Spammers and malware writers are riding the social media wave, commonly using malicious, but convincing, emails that masquerade as notifications such as friend requests or message notifications. Keep all of the preceding tips in mind when using the latest communication tools.
7. Make security your first stop: Always make sure that your net-connected computers are protected by a good desktop anti-virus or Internet security solution—and that you keep your subscription up to date! Reputable vendors include F-Secure, McAfee and Symantec. Be extremely wary of Web pop-ups that offer “free security scans” or that inform you that your machine is infected with a virus. Such offers commonly lead to fraudulent anti-virus solutions that are actually malicious software.
I've seen a few reports of this from random folks on Twitter, but now the Scott Panzer over in the Proofpoint Attack Response Center has confirmed that we have samples of spam messages that appear to be exploiting Google Maps to send spam.
The messages, which have subject lines like "[email address] sent this to you using Google Maps:" followed by some additional (possibly randomized) text, don't contain a link to a Google Map, but instead have a link to a spam payload hosted at imageshack.us.
The image spam payloads advertise old standbys like Canadian Pharmacy (you know, in case you needed a source for "cheap Viagra").
The messages seem to be exploiting a weakness in Google Maps (either an exploit that gets around Google Maps CAPTCHA or an automated way to break Google Maps CAPTCHA) that results in the message being sent from Google servers... Which means that the messages are also DKIM signed as valid Google email.
While we've not seen very high volumes of this sort of spam (yet?), I'm assured by the PARC team that Proofpoint Spam Detection now blocks any of these spam messages that may have been evading detection.
A couple of interesting articles from the always awesome Bank Info Security today, noting that various forms of phishing are on the rise. First up, the Anti-Phishing Working Group (APWG) reported that all types of phishing are on the rise. In the APWG's report for the third quarter of 2009, phishing reports to the organization rose to a record 40,621 (in August 2009). More, including some quotes form the APWG's chairman, Dave Jeavans, here:
"Financial institutions in Michigan, Wisconsin, Minnesota and Mississippi report being hit by these "vishing" attacks in the past two weeks. Five different institutions -- three credit unions and two banks - say their customers have received vishing calls from fraudsters."
The article includes details of the various attacks.
For reasons we discuss regularly in this blog, more and more enterprises are choosing to move email security functions "to the cloud" and today's announcement from Proofpoint offers yet another example.
Headquartered globally in Paris, web and audio conferencing vendor Arkadin found that its previous on-premises email security solution was suffering from poor anti-spam accuracy and imposing too many administrative burdens on IT staff. So they looked for new solutions that provided better effectiveness versus email-borne threats as well as reduced administration time and reduced TCO.
Arkadin found that adopting Proofpoint's SaaS email security solution gave them the features and savings they were looking for, without sacrificing control and customizability. Proofpoint ENTERPRISE now protects 1000 Arkadin end-user inboxes worldwide. Says Arnaud Lejeune, executive president of operations for Arkadin:
“We needed an email security solution with better performance that was also reliable and easy to manage. Proofpoint ENTERPRISE delivered on all of those requirements and more. By moving to Proofpoint’s cloud computing-based email security solution, we’ve greatly reduced our costs, effectiveness in stopping spam has been incredible and performance is guaranteed by service level agreements. It’s the perfect solution for enterprises faced with these problems.”
Arkadin’s information services team was also impressed by level of customization enabled by Proofpoint’s SaaS email security solution.
“Even though it’s a SaaS solution, Proofpoint ENTERPRISE gives us a level of control and configurability comparable to on-premises appliances,” said Jean-Claude Asseufi, global IS support manager at Arkadin. “Everything is managed by a centralized, Web-based management console, so we can easily make changes and get complete visibility into our email systems.”
If you'd like to learn more about the advantages of moving email security to the cloud and tips on what large enterprises should look for when buying security-as-a-service, register for our next live web seminar at the following link:
