
What’s in your mailbox? Are you safe when chatting?

Email is still a source of online threats. How do you protect against them?

June 01, 2011

Companies these days are taught to be wary of dangerous web content that could compromise their networks and help steal their data, but they can sometimes forget about one of the most pernicious and well-established threats of all: email. Email security is a more important topic today than ever.

Spam used to be simply a way of sending unsolicited advertisements for dubious products online. Viagra, porn, and college degrees were hawked alongside fake Rolexes to unwitting Internet users. Such offers may fool only a small percentage of people, but when sending such messages to millions of users, only a small percentage of replies are necessary.

Over time, spam email has become both more ubiquitous and more pernicious. Some years ago, the vast bulk of spam was sent using ‘open relays’. These were email servers that were not password-protected, and which were therefore usable by anyone to forward email to vast numbers of people.

However, over time, the number of open relays has fallen as companies have password-protected their email relays. Not to be outdone, spammers found new ways to send unsolicited email, and also began making it more dangerous.

The majority of spam today is relayed using personal computers in people's homes. These computers are compromised by malware and joined to ‘bot nets’, which are large collections of compromised computers controlled by a central team of criminals or ‘bot herders’.

These bot herders then use the very machines that they have compromised to send spam to other PCs. Instead of simply selling Viagra and fake Rolexes, that spam often contains more damaging content. Phishing scams are one common attack delivered by spam. They lure users to fake websites purporting to represent legitimate financial services companies and other organisations providing access to online accounts, such as eBay.

Phishing emails convince users that their account details have been compromised, and persuade them to enter their login credentials into the fake site to access and update their account security. In reality, they are giving their passwords to the scammers.

Another common deliverable in modern spam messages is malware that compromises the victim's computer and joins it to a bot net. Once compromised, a computer can be made to send spam, but can also be mined for personal information including passwords and bank account information.

How can computers be protected from these malicious emails? Small businesses can install gateway-level appliances that protect the entire user population by scanning emails for tell-tale signs before they reach individual computers.

ZyXEL sells security appliances that include anti-spam protection. This protection features two main mechanisms, based primarily on the Internet Protocol (IP) addresses that the emails come from. These addresses, which point to the individual computer that relayed the mail, are useful indicators when it comes to evaluating legitimacy.

Users can maintain a blacklist of emails themselves, based on the IP address that an email is sent from, or on various other values in the email header (effectively a digital ‘envelope’ containing information about the source and destination of the mail).

This blacklist can be a useful resource, because it immediately classifies any emails meeting certain criteria as spam. However, ZyXEL also uses a collection of online blacklists, which are updated frequently with information about IP addresses with bad reputations. When an email is received, IP addresses in its header are scanned against these DNS real-time blacklists (DNS RBLs). If the RBL servers match the incoming IP address against their constantly-updated databases, then the email is once again classified as spam.

These blacklists are maintained in the cloud by expert organisations such as Spamhaus, and are therefore extremely important, as they represent an up-to-date record of known malicious URLs.

The ZyXEL appliances also feature email white list capabilities. White lists are lists of email and IP addresses that are known to be legitimate. Companies receiving regular communications from these sources are added to the white list. This stops those emails from being put through the scanning process, saving on valuable computing resources and time.
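The three checks described above (white list, local blacklist, DNS RBL lookup) can be sketched as follows. This is an added example, not ZyXEL's code: the sample message is constructed, the zone rbl.example.net and all function names are hypothetical, and the resolver is injectable so the logic can be exercised offline. It goes slightly beyond the text by allowing a white list bypass only for the connecting hop, since lower Received headers can be forged.

```python
import ipaddress
import re
import socket
from email import message_from_string

# Constructed sample; all addresses come from documentation ranges.
SAMPLE = """\
Received: from mx.example.org (mx.example.org [198.51.100.7])
\tby gw.example.com with ESMTP; Wed, 01 Jun 2011 10:00:00 +0000
Received: from home-pc (unknown [203.0.113.45])
\tby mx.example.org with SMTP; Wed, 01 Jun 2011 09:59:58 +0000
From: promo@example.org
Subject: constructed test

body
"""

def relay_ips(raw):
    """IPv4 addresses in Received headers, newest hop first."""
    ips = []
    for hdr in message_from_string(raw).get_all("Received", []):
        for text in re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", hdr):
            try:
                ips.append(str(ipaddress.IPv4Address(text)))
            except ValueError:
                pass  # e.g. [999.1.1.1]: not an address, ignore
    return ips

def dnsbl_name(ip, zone):
    """DNSBL query name: octets reversed, then the list's zone."""
    return ".".join(reversed(ip.split("."))) + "." + zone

def dns_listed(ip, zone, resolve=socket.gethostbyname):
    try:
        return resolve(dnsbl_name(ip, zone)).startswith("127.")
    except OSError:  # NXDOMAIN or lookup failure: treat as not listed
        return False

def classify(raw, whitelist, blacklist, zones, resolve=socket.gethostbyname):
    ips = relay_ips(raw)
    # Only the top Received header was written by our own gateway; lower
    # ones arrive with the message, so they never grant a white list bypass.
    if ips and ips[0] in whitelist:
        return ("accept", f"{ips[0]} whitelisted")
    for ip in ips:
        if ip in blacklist:
            return ("spam", f"{ip} on local blacklist")
        for zone in zones:
            if dns_listed(ip, zone, resolve):
                return ("spam", f"{ip} listed in {zone}")
    return ("accept", "no listing")
```

Treating a failed lookup as "not listed" keeps mail flowing when the RBL is unreachable, at the cost of missing listings during the outage.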

Taken together, these three mechanisms constitute what’s known as a defence-in-depth approach to security. Each of them tackles email security in a different way, using information from a different source, to create the best possible outcome for the customer.

Spam still constitutes around two thirds of all incoming mails. Can your company afford to ignore it?