Proofpoint: Security, Compliance and the Cloud

In conjunction with last week's Infosecurity Europe 2013 show, our UK team put together this really cool infographic that explains how a new class of industrial-scale phishing attacks -- which Proofpoint recently dubbed "longline phishing" attacks -- work, along with tips for avoiding such attacks.

To learn more about this new class of phishing attacks, check out our longer form report, Longline Phishing: Email-borne Threats, Cloud Computing, Big Data, and the Rise of Industrial Phishing Attacks.

Click the infographic image below to view it full size!

In conjunction with our exhibit at the 2013 RSA Security conference, Proofpoint published a new report today that describes a new class of phishing attacks that the company has dubbed "Longline" phishing attacks.

Longlining, which is named after the industrial fishing practice of deploying miles-long fishing lines with thousands of individual hooks, combines successful spear phishing tactics with mass customization. Using these techniques, attackers are now able to rapidly deploy thousands of unique, malware laden messages that are largely undetectable to traditional signature and reputation-based security systems.

Worse, despite their scale, these mass customized phish were effective enough to trick more than 10 percent of recipients into clicking on malicious content capable of taking complete control of PCs and compromising corporate networks.

Proofpoint was able to trace and defeat these attacks for enterprises using Proofpoint Targeted Attack Protection™, the company's recently introduced, big data protection solution. Download our new paper, Longline Phishing: Email-borne Threats, Cloud Computing, Big Data, and the Rise of Industrial Phishing Attacks to learn more about this new class of attacks, including:

• The unique characteristics of longline phishing attacks

• How those characteristics make longlining attacks extremely difficult for traditional email and perimeter security systems to detect and block

• Details about how these attacks are carried out

• Data about the alarming effectiveness of longline phishing attacks

And if you're at the RSA Conference this week, come visit us at booth 739 -- take our annual security survey and we'll give you one of our limited edition t-shirts (as usual, they are pretty cool for vendor swag).

In a press release issued today, Proofpoint announced its Winter 2013 release, which includes updates to our entire suite of cloud-based enterprise security and compliance solutions. One of the highlights of the latest release is a new cloud solution for securely transferring large or sensitive files, Proofpoint Secure Share.

Proofpoint Secure Share provides enhanced security and administrative control over traditional file transfer methods, existing on-premises solutions, and public cloud file sharing services. It leverages the advanced data loss prevention features of Proofpoint Enterprise Privacy to automatically enforce DLP rules such as blocking or encrypting sensitive content.

For a quick overview of the capabilities of Proofpoint Secure Share, including the end-user experience, administrative interface and data loss prevention features, check out this brief video demonstration:

In addition to the new secure file transfer capabilities, the Winter 2013 release includes enhancements across our cloud-based threat protection (Proofpoint Enterprise Protection, Proofpoint Targeted Attack Protection), archiving (Proofpoint Enterprise Archive), and governance (Proofpoint Enterprise Archive Content Collection option) solutions.

In our next live web seminar, File Sharing: Getting Data Control Without Frustrating Your Enterprise Users, we'll be taking a closer look at Proofpoint Secure Share and the issues involved in enabling business users to share large files in an easy, secure and compliant way.

The new Proofpoint whitepaper, Meeting the Challenges of HIPAA Compliance, Phishing Attacks and Mobile Security discusses three of the most pressing IT security and compliance challenges facing healthcare organizations today.

Read this whitepaper for an update on HIPAA regulations and recent enforcement actions, new attack trends such as spear phishing and other forms of advanced targeted attacks that are putting confidential healthcare information at risk, and mobile/BYOD security and compliance issues in the healthcare space.

To download your free copy, follow the link above, or simply complete the mini form below:

We're honored once again to be finalists in SC Magazine's Readers Trust Awards. Proofpoint Enterprise Protection and Proofpoint Enterprise Privacy are finalists in the Reader Trust Awards category "Best Email Security Solution."

You can read more about this category and find the complete list of best email security solution finalists here, "Best Email Security Solution."

As usual, the winners of the annual SC Awards will be unveiled at an event held in conjunction with the RSA Security Conference which will be held at San Francisco's Moscone Center, February 25 through March 1, 2013. (If you'd like to attend the RSA Security Expo free of charge, see my previous blog post about how you can use Proofpoint's code FXE13PRF when you register.)

Proofpoint followers may recall that Proofpoint Enterprise Protection and Privacy won a similar category ("Best Email Content Management Solution") in 2012. If you'd like to learn more about why SC Magazine readers selected Proofpoint as the 2012 winner, you can register to download the award write-up here.

Thanks to our friends at SC Magazine for once again recognizing Proofpoint Enterprise as one of today's leading email security solutions!

It will come as no surprise to regular readers of this blog, but it was revealed this week that a recent, massive data breach at the South Carolina Department of Revenue -- which exposed "millions of Social Security numbers, bank account information and thousands of credit and debit card numbers" according to SearchSecurity -- started with a phishing attack around mid-August 2012.

According to the official response report (South Carolina Department of Revenue, Public Incident Response Report, November 20, 2012),  "A malicious (phishing) email was sent to multiple Department of Revenue employees. At least one Department of Revenue user clicked on the embedded link, unwittingly executed malware, and became compromised. The malware likely stole the user’s username and password."

Later, the attacker logged into a remote access service using compromised user credentials and began an ongoing process of escalating privileges and installing malware on compromised servers. Potentially stolen information exfiltrated by the attacker totalled more than 74 Gigabytes of data.

SearchSecurity's coverage (see, "Phishing attack, stolen credentials sparked South Carolina breach") notes that, "In addition to the 3.8 million people whose data were exposed, the breach included information on 1.9 million dependents. It also included data on 699,900 businesses. Information on 3.3 million bank accounts were also stolen."

SC Magazine also has a good summary of this attack and the phishing attack that ulitmately lead to the release of confidential information (see, "S.C. tax breach began when employee fell for spear phish").

If you're interested in the methods and motives of today's advanced targeted attackers, you'll want to join us for our next live web seminar, "Targeted Hybrid Attacks on Organizations:
2012 & Beyond," on Wednesday, December 5 (11 AM PT / 2 PM ET).

Forrester Research security analyst Rick Holland will be on hand to discuss the South Carolina breach as just the latest example of spear phishing-lead attacks, why organizations keep getting phished, and how to apply today's email security solutions to keep your enterprise's most valuable data secure.

Follow the link above to register, or simply complete the form below:

Yes, the holiday season is approaching once again and along with holiday celebrations and shopping — especially "Cyber Monday" and "Black Friday" sales, which seem to start earlier every year — also comes an increase in online threats.

Over the past several years, Proofpoint security researchers have observed that the that the volume of attacks — including phishing email attacks, social media exploits and other types of malware attacks — typically increases during the holiday season. Many of these attacks are engineered to take advantage of the consumer mindset during the holidays.

Our October 2012 report on email security threats found that, on any given day, phishing attacks represented 10% to more than 30% of total unsolicited email volume and this trend has continued into the first part of  November.

So, as is traditional here at Proofpoint, I wanted to take a moment to remind you of our "Seven Simple Rules" for staying safe online during the busy holiday season. Read on for our updated tips for 2012 and feel free to share them with your friends, family and email users!

As usual, we also have a couple of early presents for you IT security types: December's live web seminar "Targeted Hybrid Attacks: 2012 and Beyond" will feature special guest Rick Holland, security analyst for Forrester Research. And you can read Rick's latest research, The Forrester Wave™: Email Content Security, Q4 2012, compliments of Proofpoint.

Proofpoint's Seven Simple Rules for Staying Safe Online During the Holidays

1. Be aware: Always view with suspicion any email with requests for personal IDs, financial information, user names or passwords. Your bank, online services, government agencies or legitimate online stores are extremely unlikely to ask you for this type of information via email. Consumers should also be suspicious of similar emails that appear to come from an employer or friend. Never send personal financial information such as credit card numbers and Social Security numbers via email. Today’s malicious emails and phishing attacks are disguised as communications from all sorts of organizations, including banks, money transfer services, government agencies, media outlets, and package delivery services.

2. Don’t click: If you receive a suspicious email, don’t click the links in the email or open file attachments from anything but 100 percent trusted sources. Links embedded in emails may take you to fraudulent sites that look similar or identical to the legitimate “spoofed” site. In addition to attempting to gather your personal login credentials, these phishing sites may also automatically install malicious software, without your knowledge. Increasingly, scammers are using link shortening services to disguise the true destinations of their links. Instead of clicking, open a browser and type the actual Web address for the site into the address bar. Alternatively, call the company using a phone number you already know.

3. Be secure: When you are shopping online, entering important information such as credit card numbers, or updating personal information, make sure you’re using a secure Web site. If you are on a secure Web server, the Web address will begin with “https://” instead of the usual “http://”. Most Web browsers also show an icon (such as Internet Explorer’s “padlock” icon) to indicate that the page you are viewing is secure.

4. Don’t fill out email forms: Never fill out forms within an email, especially those asking for personal information. Instead, visit the company’s actual Web site (using a Web address you already know) and ensure that the page you are using is secure before entering sensitive information.

5. Keep an eye on your accounts: Check the accuracy of your credit card and bank statements on a regular basis, especially during the busy holiday shopping season. Many scammers count on consumer inattention to get away with fraudulent charges. If you see anything suspicious, contact your financial institution immediately.

6. Get social media savvy: Email isn’t the only attack vector used by spammers and scammers. Social media sites like Facebook and Twitter are increasingly used to deliver the same kinds of scams and malicious links to unsuspecting users. Spammers and malware writers continue to distribute malicious, but convincing, emails that masquerade as notifications such as friend requests or message notifications. Keep all of the preceding tips in mind when using the latest communication tools.

7. Make security your first stop: If your holiday includes giving or receiving a new computer, mobile device or upgraded operating system, install a good anti-virus or Internet security solution before doing anything else online. Reputable vendors include F-Secure, McAfee and Symantec. There are also reputable free solutions such as Avast, so a lack of resources doesn't mean you have to go without security. Be extremely wary of Web pop-ups that offer “free security scans” or that inform you that your machine is infected with a virus. Such offers commonly lead to fraudulent anti-virus solutions that are actually malicious software.

Have a safe and happy holiday season, OK?

Industry analysts Frost & Sullivan have honored Proofpoint with their 2012 Product Differentiation Excellence Award in Email Content Security. This award is based on the firm's recent research into best practices in the email security space.

In its evaluation, Frost & Sullivan examined all of today's email security vendors and solutions, including on-premises, virtual and cloud-based solutions, finding that Proofpoint had achieved the strongest product differentiation in the the past year.

Quoted in a news release, Frost & Sullivan network security analyst Ben Ramirez said, "Vendors in this market face  ever-evolving customer demands in terms of malware prevention, blocking targeted attacks and meeting government compliance and data protection  regulations. Proofpoint is at the forefront of meeting these challenges with innovative cloud-based solutions such as  Proofpoint Targeted Attack Protection, which provides robust and unique protection against spear phishing, malware and targeted spam attacks against customers’ corporate email systems."

In the complete award write-up (which you can read by simply completing the form below), Frost & Sullivan also recognize Proofpoint for meeting the needs of specialized vertical markets, including financial services and healthcare. To read more, complete the form below:

In a sure sign that summer is over and that the holidays are nearly here, I am informed that registration is now open for the RSA Conference 2013.

As usual, Proofpoint will be exhibiting at the RSA Conference 2013, to be held February 25 thru March 1, 2013 at Moscone Center in San Francisco.

If you'd like to attend the RSA Conference 2013 expo (exhibits), you can get a free exhibits-only pass (which RSA calls an "Expo Pass") courtesy of Proofpoint by using code FXE13PRF when you register.

To register for your free RSA exhibits pass, please visit the following URL and enter code FXE13PRF during the registration process:

 https://ae.rsaconference.com/US13/portal/login.ww

We look forward to seeing you there! Proofpoint will be exhibiting at booth #739, demonstrating our entire suite of cloud-based data protection solutions, including threat management (email security), compliance (data loss prevention, email encryption), archiving & governance, and secure communications.

As you've probably already heard, Google is actively moving customers of its Postini email security and archiving solutions to Google Apps. This is essentially forcing organizations to replace Postini with either Google Apps or an alternative Postini replacement.

The options and implications can be confusing, so our VP of product marketing, Kevin Epstein, put together a great overview of what is happening with Postini, potential issues to be aware of when transitioning from Postini to Google Apps, and the types of benefits that enterprises could reap if they replaced Postini with an alternative email security solution.

Check it out here: 

There are several resources mentioned by Kevin in that video, and I've provided handy links to them, below:

• Gartner report: "Google Moves Postini Into Gmail, Reflecting Push Toward Consolidation":
  http://bit.ly/gartner-postini
• Proofpoint's "switch from Postini" resource page:
  http://www.proofpoint.com/postiniswitch
• Gartner report: "2012 Magic Quadrant for Secure Email Gateways": http://www.proofpoint.com/magicquadrant