ICONIX, Inc., the industry leader in visual email solutions, announced today that it has added fraud filtering capability to SP GuardTM, its spear-phishing defense product. Now, in addition to highlighting legitimate messages with an icon in the inbox, enterprises will be able to block fraudulent messages pretending to be from their organization or their trusted partners.  

Recent security breaches at many major enterprises have been widely reported in the press. Cisco’s June 2011 study, “Email Attacks: This Time It’s Personal“, reported that suspicious emails with suspicious links are being replaced by highly targeted emails that do not rely on obvious ploys to steal credentials. McAfee documented many of these breaches in an August 2011 white paper entitled “Revealed: Operation Shady RAT“, which highlighted more than 70 targeted intrusions into governments, corporations and non-profits.

The common thread in these security breaches was spear-phishing emails that allowed malware to gain entry into the systems. Criminals are moving from high volumes of ineffective emails to small numbers of well-crafted highly personalized messages that are indistinguishable from legitimate email. The problem is no longer recipient gullibility, but the inability to tell good emails from bad emails.

“At Iconix our core expertise is combining email authentication methods with display technology to identify legitimate email senders,” said Jeff Wilbur, vice-president of marketing at Iconix. “Our customers have asked us to extend this capability to actually block fraudulent messages from being seen, which further protects users and their organizations from being compromised, so we have added fraud filtering to SP Guard to do just that. This additional protection is becoming increasingly important given the latest generation of highly targeted spear-phishing emails which are so well crafted that users cannot tell real from fake.”

This is a typical Outlook inbox.  The last message is fraudulent.  It employs the frequently used scheme of spoofing a trusted internal email address to deliver a malicious attachment.  It is nearly impossible to distinguish the real HR email that is being previewed from the fraudulent email.

This is the same Outlook inbox, this time with SP Guard marking confirmed real messages and deleting the fraudulent message.

after SP Guard

SP Guard with fraud filtering is available immediately from Iconix, Inc.