Anti-spam: 8 solutions to protect your email from malicious emails
Unfortunately, European regulations and artificial intelligence will not stop spammers from sending you unsolicited emails (spam). Too many of these emails end up in your inbox instead of the spam filter, causing annoyance, loss of productivity and IT security risks.
However, there are ways of getting rid of unwanted mail without filtering out legitimate email: anti-virus software and, above all, anti-spam software positioned upstream of your email server.
This guide to anti-spam solutions takes a look at the current state of affairs and, of course, the solutions you can use to protect yourself.
The mind-boggling spam statistics for 2018
The graph above taken from statistica.com shows the evolution of the share of spam in total email traffic worldwide. This history shows that although the share of spam is decreasing, it still represented 48.16% of emails in March 2018.
This figure is consistent with the source OKTEY for HAKIN9 magazine which puts the spam share at 50% of total traffic. This represents more than 15 billion spam messages per day worldwide! With 12% of spam sent, the United States is the world's leading spam sender, closely followed by China and Russia.
However, technological developments mean that 90% of spam can be filtered upstream using the anti-spam tools of Internet Service Providers(ISPs) and email service providers (source: Signal Spam March 2018).
What's more, if spammers are soliciting you a lot, they only get a response from you once every... 12.5 million emails, according to TechRadar. The ratio is admittedly very low, but the volumes are such that the victims are ultimately very numerous. The proof is that although the click-through rate is low, the business is profitable for spammers: the gain is estimated at $7,000 per day per spammer ($3.5 million per year) according to Groupmail.
In the final analysis, the cost to businesses and organisations, which was already $20 billion in 2012, has been multiplied by 12.5 in 2018 ($257 billion) according to Radicati Research Group. This cost is explained by loss of productivity, temporary or permanent stoppage of activity, theft and destruction of data, mail server saturation, etc. Ultimately, the cost of spam represents €1,673 per employee in the United States (source: Nucleus Research).
As a result, the cost to businesses of spam is expected to rise by €222 million a year, according to spamlaws.com. This shows that although technology offers better control, intrusions are becoming increasingly virulent.
Spam: between unwanted messages and viruses
In most cases, junk mail is a major nuisance to recipients. It gets mixed up with the important emails in their inbox, causing annoyance and distraction.
That's why Gmail allows marketing emails to be separated (in tabs) from exchanges between individuals. Beyond the nuisance to individuals, spam consumes IT resources (storage space and bandwidth), which represents a cost proportional to the size of the company.
The biggest risks, however, are attempts to intrude in order to commit damage (data theft, data destruction, money theft, identity theft, etc.).
Unwanted commercial advertising
Unwanted commercial emails are emails perceived as useless and sent to lists of recipients who have not explicitly given their consent (opti-in) to receive these emails.
This can happen if lists have been bought or stolen. It is sometimes impossible to permanently unsubscribe from these lists (opt-out), which poses a real problem in terms of compliance with the CNIL and the RGPD.
Most of the time, these are scams or paid-for online services (adult sites, mortgages, training, online games, premium-rate numbers, etc.).
Phishing
Phishing is an email fraud technique that involves pretending to be a trusted third party (bank, insurance company, social security, etc.) in order to obtain personal information or money. Phishing emails generally look like very close copies of those on the official website. A variation of phishing, spear phishing, involves personalising messages sent to a small number of users (as opposed to a generic email sent to as many potential victims as possible). It is estimated that 91% of hacking attacks begin with a phishing email, which is why it is so important to set up effective filtering of these unwanted emails.
Ransomware
Ransomware is a virus which, once it has infected a workstation, encrypts all or part of the files on the computer or even the computer network.
The victim is given a decryption key by the hacker in return for a ransom. Ransomeware can lead to the closure of a business... or even worse.
In February 2016, for example, the Los Angeles Hospital was hit by ransomeware received by email. Medical records were inaccessible for hours, putting lives at risk. In 2016, revenues from ransomware amounted to 1 billion dollars in the United States alone (source: FBI).
Spyware and malware
Spyware is spyware that infiltrates a computer system to monitor the user's activity.
Most spyware is harmless, but it violates users' privacy, in some cases even collecting passwords or activating webcams.
Malware, on the other hand, is malicious software (viruses, worms, Trojan horses) that causes irreparable damage to infected computers.
Spam: the number one source of computer attacks
Hackers generally circumvent IT security systems through human error. As a result, companies need to strengthen their email defences to minimise the exposure of their security vulnerabilities.
Anti-virus and anti-spam to protect against spam
The most effective solution for blocking dubious emails and avoiding all the inconveniences mentioned above is to protect the "endpoint", or the last stage in an email's journey before it is received. There are two possible methods for doing this:
- the quarantine system: Unwanted mail arrives in the recipient's mailbox. It is then isolated in a spam folder. The quarantine is purged automatically or not after a certain period of time. In this case, the sender does not know that his message has been blocked;
- the anti-spam filter system upstream of the messaging system (during SMTP transfer) which alerts the sender that his email has been blocked. The anti-spam filter acts like a firewall (pure and simple blocking) with an authentication mode (by Capcha or notification response) that allows the sender to manually prove that it is a human and not an automated process.
Anti-virus software such as McAfee, Avast, Kaspersky, Norton (Symantec), Bitdefender and AVG offer e-mail protection functions with a quarantine system coupled with a scan of attachments to identify malicious programmes.
On the other hand, anti-spam software is stand-alone and can be placed upstream of the mail server (Microsoft Exchange Server, for example). They include several anti-viruses, an email white list, a black list, algorithms, etc. to block fraudulent emails before they reach users' inboxes.
What is anti-spam? What does it do?
When properly configured, antispam is a highly effective solution for eradicating spam. But what exactly is anti-spam?
Antispam is a computer solution designed to filter out advertising messages, malicious software and ransomware. Antispam is installed either on the user's computer or on a remote server belonging to the antispam publisher. In the second case, the protection is ideal.
In practical terms, anti-spam consists of the following elements:
- a Realtime Blackhole List or RBL (blacklists of IP addresses and emails),
- a heuristic analysis engine ,
- white lists,
- a Bayesian method (deduction of the probability that the email is spam),
- spam databases,
- a URL verification algorithm,
- DNS configuration,
- SPF configuration,
- transaction history,
- user and company preferences.
However, beware of anti-spam software that is too strict, as it can lead to false positives (legitimate mail redirected to the spam folder).
8 professional anti-spam programs to protect businesses
Altospam: leading anti-spam software for eradicating spam
Altospam
Bitdefender: anti-virus and anti-spam
GravityZone by Bitdefender
MailInBlack: filtering, attachment scanning, authentication request and much more
- Strict filtering
- Anti-virus scanning of attachments
- RBL filtering
- Verification of white and black lists
- Captcha sender authentication request
This solution uses the same principle as Altospam, but passes incoming emails through an intermediary server to clean them up before they enter the company's IT premises.
MailWasher: a free version and a paid version
SpamCombat: spam intercepted before the inbox
- Filters spam from POP3 and SMTP accounts,
- Block spam by country of origin,
- Compatible with secure protocols (SSL/TSL),
- Deletes spam before it reaches the inbox,
- Secure email preview.
SpamFighter: Microsoft's partner spam filter
Spamihilator: the free anti-spam filter
Vade Secure: the only one to fully protect Microsoft Office 365
If you use Microsoft Exchange Online Protection (EOP), you are not protecting your IT assets from spear phishing attacks or zero-day attacks.
The publisher of the Vade Secure solution for Office 365 has designed an artificial intelligence (AI) engine to fully secure your email system: AI detects known signatures and eliminates threats.
The advantage of artificial intelligence is that it learns: with each new hacking attempt, it adapts, analyses and detects this new threat in order to eradicate it.
Video explanation:
Vade Secure's other advantages include
- native integration with Office 365 thanks to Microsoft's API,
- a 1st filter that eliminates threats based on identified signatures,
- anti-malware analysis of code embedded in documents (PDF, Word, Excel, etc.) and executable files,
- an analysis of URLS when the user clicks on them: if the web address is suspicious, the link is not clicked.
Bonus: 10 best practices to protect yourself from spam and hackers
- Check the sender (domain name), spelling and design of the suspect email. Filter out unknown senders;
- Do not open attachments to suspicious messages (especially if they are executable files);
- Use webmail (Gmail from Google Apps, Yahoo mail, Hotmail/outlook, Postbox) rather than heavyweight email applications (Mozilla Thunderbird, Outlook Desktop) because they are more powerful and store emails in the Cloud rather than on your computer;
- Choose Mac OS and Linux over Windows (especially Windows XP and Vista), as these two operating systems are much less vulnerable to attacks;
- Install anti-spam software upstream of your SMTP server;
- Make regular online back-ups of all your data. In the event of file destruction, it will be very easy to restore all workstations from an up-to-date backup;
- Contact your technical support team at the slightest incident (the sooner the better);
- Install an ad blocker (web browser plugin) such as Gohstery to reduce the reach of malicious sites;
- Never leave your email or telephone number visible on the Internet. Bots can crawl these sites to send spam emails, SMS spam or voice spam;
- Refuse to pay the ransom demanded by the hackers. Contact a professional immediately.
Conclusion
Spam accounts for half of all emails sent worldwide. Although this proportion is falling, the damage caused by unwanted email messages is becoming increasingly virulent.
The damage can range from a simple loss of productivity to business interruption when ransomware infects a company. The ultimate solution for protecting against these risks is anti-spam, which offers external protection upstream of the email account.
The multiple layers of protection and the way the tool is configured offer the best compromise between eradicating spam and reducing the number of false positives.
Finally, a solution, however effective, must work in tandem with a good email service (Gmail, Outlook, Zimbra) and be accompanied by employee training in good email usage practices.
Article translated from French