Spam emails also add to the challenges of email protection and the prevention of cyber-attacks that end in stolen credentials, ransomware, Business Email Compromise, and exposed data.
Preventing email spam from entering an employee's inbox is achieved using an email spam filtering solution. Here is a look at the types of features that an email filter system should have to block spam and improve overall productivity and cybersecurity.
What Are Email Spam Filters?
Email filters use a mix of smart technologies, including machine learning, to detect illegitimate emails and block them from entering email inboxes. There are a lot of spam filter solutions in the marketplace making it important to differentiate the good, from the not so good, solution. Here are a few pointers of the type of features that should be considered when choosing an email filter solution:
A Layered Approach to Email Protection
When evaluating an email spam filtering solution, look for a solution that can offer a layered approach to block illegitimate emails. Robust, well-designed email filters will typically utilize multiple mechanisms to prevent spam.
Did You Know?
SpamTitan's spam catch rate
a ransomware attack occurs
the average cost to manage spam per person without an email filter
of all email is spam
Spam Filter Types
Filters are the first line of defense against rogue emails. Filters must be highly configurable to ensure that they do not mistakenly prevent legitimate emails from getting through. There are several filter types, many of which can be used in combination to optimize the response to spam. The filter types can be broken into two broad levels:
High-level Control
These filters are configurable but typically need manual intervention and adjustment, over time, as the system is used.
Content or word filters: filters that look for specific words or content in an email and block/quarantine that email if those words are identified.
List filters: the use of a blacklist or whitelist is a useful tool for preventing/allowing emails from known IP addresses and domains.
Header filters: the header of an email can often provide indicators of spam. A header filter looks at the details of an email header to determine its legitimacy. If the header falls into pre-set spam policies, e.g., the email has exceeded a maximum number of recipients, the email will be blocked.
Smart Filters
Taking email filters to the next level is the application of smart technologies, including machine learning (ML), to build better filters. These filters can adjust tactics as environments and spam methods change, an important quality in a security landscape that constantly evolves to utilize evasion tactics.
Heuristic filter: Heuristic spam filters typically use intelligent technologies such as machine learning algorithms to identify spam. The system uses scoring to apply policies to incoming and outgoing emails. If an email meets the score, it will be set as spam and blocked. Heuristic filters are reactive to changing scenarios and phishing tactics.
Bayesian filters: build and apply more effective rules over time: a Bayesian filter is a form of Heuristic filter that uses employee input to identify an email as spam. This employee interaction acts to train the filter, and over time, the filter becomes more and more effective.
Spam filters act to quarantine rejected emails. These quarantined emails may also contain infected attachments or links to spoof or infected websites known to harbor malware.
SpamTitan is an advanced and highly effective spam filter service, with a market leading 99.99% Spam Catch Rate with a 0.003% false positive.
Outbound as well as Inbound Email Protection
Some email filters, such as SpamTitan, apply a two-way filter system to ensure that both inbound and outbound emails do not result in sensitive data leaks. Protecting outbound emails includes checking corporate emails for spam and viruses to prevent the organization´s IP addresses from being blacklisted by global blacklisting services.
Outbound filter protection also prevents sensitive information from being exposed: for example, if an email filter is configured to prevent a Social Security Number from being sent outside the company, any email containing the expected format of a social security number will be quarantined allowing checks to be made before being sent
Enterprise Evaluation Checklist When Choosing a Spam Filter Solution
The type of filters offered by the email filter solution is just one aspect of the evaluation process. The administration, deployment, and end user experience of an email filter are also key features to evaluate. A checklist of features to identify the right email spam filtering solution should include:
- Easy deployment: easy to set up, simple to configure, and up and running in minutes
- Automatic updates: fully automated updates that are pushed out to end user devices
- Two-way email protection: prevents sensitive data leaks from corporate email accounts
- Easy administration: a central web console accessible by privileged access users for secure spam filter management
- Support for existing identity systems and robust authentication: should support the use of LDAP, Dynamic and aliases file recipient verification, and SASL authentication
- Localization: available in your local language
- No hardware or endpoint software: a cloud service so requires no hardware or endpoint software
- Operating system agnostic
- Collaborative spam fingerprint checks: can use “community intelligence” to build up a database of spam ‘fingerprints’ that can be fed back into the spam filter to block spam messages
- RBL tests (real-time blackhole list): checks for known spam IP addresses and updates filters as new spoof sites appear
- SURBL tests: detects websites that are known to appear in spam emails
- Sender Policy Frameworks: prevent the delivery of “spoofed emails” by checking domains are legitimate and that the supposed sender of the email is authorized to send emails from that domain.
The protection of corporate email is a must have in a world where security breaches are expected to costs businesses around $10.5 trillion by 2025. The best protection is to stop phishing emails and spam from entering an employee’s inbox in the first place. This is achieved using email filtering solutions, but these solutions need to be smart enough to separate out the legitimate from the illegitimate. Email filters must also meet the exacting needs of the modern corporate that requires fast and easy deployment along with centralized management. When evaluating an email spam filtering solution, look for a system designed to apply an intelligent approach to sifting through the massive amount of emails entering our staff inboxes every day.
Susan Morrow
- DATA PROTECTION
- EMAIL PHISING
- EMAIL SECURITY