Not logged in » Login
Feb 28 2019

SECURITY NEWS: Symantec Introduces “Email Fraud Protection”

Symantec has announced Email Fraud Protection, an automated solution that helps organizations block fraudulent emails from reaching enterprises and protecting brand reputation and sender trust. The idea is to substantially reduce workloads for IT departments and eliminate the need to manually manage email security configurations while fighting so-called Business Email Compromise (BEC) attacks.

The rise of alternate solutions notwithstanding, email is still a very powerful business tool and arguably one of the most popular office applications. However, the very properties that made it popular – ease of use and a built-in adaptability to communicative and collaborative workflows – have also turned it into a worthwhile target for criminal miscreants. This argument has nothing to do with scare tactics, as is proven by seemingly countless phishing and other impersonation attacks, in which adversaries pose as legit communication partners or company insiders: As Anant Vadlamani, Symantec's Director of Product Management, Email Security, asserted in a blog entry from earlier this week, unspecified FBI statistics show that such schemes have cost U.S. companies $12.5 billion in recent years. And aside from the sheer financial damage, trust among employees and customers is also undermined.

Against this backdrop, it's only natural that security experts and email software developers have tried to thwart these perils with a number of sender authentication standards such as Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) or Domain-based Message Authentication, Reporting and Conformance (DMARC). The problem is that all of these standards and protection mechanisms are complicated to implement and enforce, so that even the slightest mistake can cause false positives and block important legitimate emails. Symantec's freshly introduced Email Fraud Protection provides an automated solution to this problem by removing "the need for administrators to manually set and maintain email sender parameters," instead delegating email authentication to a cloud service that automatically keeps tabs on approved senders. Users only need to whitelist (authorize) specific communication partners with one click, and Email Fraud Protection will do the rest by "cataloging thousands of SaaS and third-party emailing services, and dynamically updating configuration changes," says the data sheet (PDF). Moreover, the service will generate "extensive" yet easy-to-understand reports that help users maintain control over all incoming email traffic.

Symantec says the new service easily integrates with its other email protection products and services, in particular Email Threat Isolation and Email

For more details, see Anant Vadlamani's blog entry. Additional background info is available from eWeek.


Comments on this article

No comments yet.

Please Login to leave a comment.


Please login

Please log in with your Fujitsu Partner Account.


» Forgot password

Register now

If you do not have a Fujitsu Partner Account, please register for a new account.

» Register now