Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    [Ache In the Head] The Problems With Your Not-So-Secure Email Gateway

    Phishing for FedsI have been doing some research on Secure Email Gateways. The picture is not that pretty.  Below I will summarize what I found.
     
    But to start with, just for fun, I asked ChatGPT what it "thought" of the SEG problem. This was the prompt: Describe the issues of secure email gateways not catching malware and phishing attacks in 300 words.
     
    And this is the unedited quite interesting answer: "Secure email gateways are designed to protect organizations from various types of email-borne threats such as malware and phishing attacks. However, these systems are not foolproof and can sometimes fail to catch malicious emails.
     
    One issue with secure email gateways is that they rely on signature-based detection methods, which can be bypassed by attackers who use malware that has not been previously seen, or that is modified to evade detection. Additionally, phishing attacks often use social engineering tactics to trick users into providing sensitive information, which can be difficult for secure email gateways to detect.
     
    Another issue is that secure email gateways may not be configured properly, or may not be updated frequently enough to keep up with new threats. This can lead to vulnerabilities that attackers can exploit.
     
    Furthermore, secure email gateways are not able to detect all types of malware and phishing attacks, such as spear-phishing or business email compromise. These targeted attacks are often more sophisticated and may use social engineering tactics to trick users into providing sensitive information, which can be difficult for secure email gateways to detect.
     
    Additionally, many organizations are using cloud-based email services, and secure email gateways may not be able to protect against threats that originate from outside of the organization's network.
     
    In conclusion, while secure email gateways can provide a level of protection against malware and phishing attacks, they are not a complete solution. Organizations should implement a multi-layered security approach that includes employee education and training, as well as regular updates and maintenance of secure email gateways. Furthermore, it's important to have a incident response plan in case of any potential security breaches." 
    These 5 points are the results of my research
     
    Your Secure Email Gateway and anti-spam filters have a number of problems, causing one out of 10 threats to still make it in your users’ inbox:
    1. They miss a significant percentage of phishing attacks, average miss rates are between 10 and 20%. For instance 18.8% of phishing emails bypass Microsoft Defender
    2. SEG’s vary wildly in catching malware, the miss rates are between 1.7% and 30% depending on the product.
    3. Specifically crafted phishing attacks to bypass Defender get missed more than 40%.
    4. Despite SOC staff in large businesses, the missed phishing rate is even higher, reaching between 50 and 70 percent.
    5. The ever-shrinking average lifetime of malware, malicious phishing URLs and phishing campaigns themselves makes them continually harder to catch.

    You simply got to work on creating a strong security culture [VIDEO] as your last line of defense.

     

    Return To KnowBe4 Security Blog

    Do you know what's getting through your mail filters?

    KnowBe4’s  Mailserver Security Assessment (MSA) helps you assess your organization’s mailserver configuration settings and check the effectiveness of your email filtering rules. With email still the #1 attack vector used by threat actors, you want to see what types of messages may make it through your filters from the outside.

    MSA gives you a quick insight at how your mailserver handles test messages that contain a variety of different message types including email with attachments that contain password-protected, macro zipped, and .exe files or have spoofed domains.

    msa-screen3Here's how MSA works:

    • 100% non-malicious packages sent
    • Select from 30+ automated email message types to test against
    • Saves you time! No more manual testing of individual email messages using MSA's automated send, test, and result status
    • Validate that your current filtering rules work as expected
    • Results in an hour or less!

    Find out now if your mail server is configured correctly, many are not!

    Test My Mailserver!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    knowbe4.com/mailserver-security-assessment

    Topics: Social Engineering, Email Security

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews