Nothing is as it seems: 98 percent of phishing emails from Russia work with a disguised domain ending. Therefore, blocking by origin domains in the email security solution is mostly useless. Retarus shows how companies can protect themselves.
The security experts at Retarus warn of an ever-increasing number of disguised phishing attacks originating in Russia. According to a recent survey by the Munich-based enterprise cloud service provider, 98 percent of the phishing emails classified as dangerous cannot be clearly assigned to Russia because of the domain ending. Blocking emails at the domain level is therefore useless. Retarus recommends that companies take this into account when choosing their email security solution.
Putting e-mail traffic on the right track
With the Retarus Predelivery Logic service, e-mails are analyzed and blocked at the security gateway according to individual rules, even before they reach the receiving company's infrastructure and can cause damage there. The rules of the predelivery logic allow identification according to "Source IP Country" and the automatic initiation of appropriate measures. Depending on the configuration, this can be, for example, isolating the message in the user quarantine. In principle, there is also the option of recognizing the language in the e-mail body in addition to the geographical origin and using it for automatic rules.
Beware of Russian third-party providers
Only recently did the Federal Office for Information Security (BSI) speak of an "increased abstract threat situation" in connection with Russia's attack on Ukraine. Companies should urgently check whether the e-mail security solution they use contains Russian components.
More at Retarus.de
About retarus
With excellent solutions and services, intelligent infrastructure and patented technologies "Made in Germany", Retarus controls communication for companies worldwide. The state-of-the-art technologies, high-availability data centers and the innovative cloud messaging platform from Retarus provide maximum security, top performance and business continuity.