Ransomware has rapidly emerged as a significant threat to businesses and organizations of all sizes. There is no silver bullet when it comes to ransomware; it requires a multilayered, step-by-step approach for the best risk mitigation. The key is to block the malware before it even reaches the organization – through layered security.
According to the latest figures from the FBI, Business Email Compromise (BEC) has caused at least $3.1 billion in total losses over the past two years to approximately 22,000 enterprises around the world. It typically starts when business executives’ email accounts are compromised and spoofed, with the fraudster sending emails to an unknowing employee instructing them to wire large sums of money to foreign accounts. It is hard to detect as most BEC schemes rely purely on social engineering techniques without attachments or URLs in the email body.
Trend Micro’s latest 9.1 version of InterScan Messaging Security Virtual Appliance (IMSVA), a comprehensive email gateway, can not only help IT security managers combat ransomware and BEC, but more.
These are the new product features in IMSVA 9.1, all included without extra cost for our customers:
Business Email Compromise (BEC) Protection
Trend Micro’s Social Engineering Attack Protection technology now protects against BEC. These fraudulent emails do not contain any malicious attachments or links and our industry-leading technology uses sophisticated social engineering correlation to analyze email headers, message bodies, and network traffic to intelligently identify these attacks.
BEC protection is also included in Trend Micro’s hosted email gateway, Hosted Email Security.
IMSVA blocks ransomware before it ever gets to your users. It detects and blocks ransomware with malware, antispam, and file (including executables and macro) scanning. Advanced threat protection offers sandbox malware analysis (optional), social engineering protection, and zero-day and document exploit detection. IMSVA also uses web reputation to protect against web links in malicious emails.
The new release of IMSVA gives you more visibility on ransomware. You can either query ransomware detections in logs or add a widget for ransomware detections on the dashboard.
URL Time-of-Click Protection
IMSVA now provides time-of-click protection against malicious URLs in email messages. It analyzes URLs at the time of click, blocking them if they are malicious.
Cybercriminals can hide attacks in emails containing URLs with good reputation. When the email passes all detection, reaches user’s inbox, and the URL is clicked by the user, the URL may have changed to become malicious. This may be the result of a planned strategy during a spear phishing attack and traditional email gateway wouldn’t be able to catch this. URL Time-of-Click Protection will block those URLs if malicious.
Connected Threat Defense
Using the Trend Micro Control Manager console, you can specify customized actions for malicious objects detected by other Trend Micro endpoints, gateways, and network breach detection technology. This allows you to provide a custom defense against targeted threats specific to your environment.
Unlike startups or point products that can only offer a single solution, Trend Micro leverages capabilities and threat intelligence shared across multiple layers. This is a strong advantage we can offer compared to other vendors who can only offer email security.
Other new features and enhancements in IMSVA 9.1 can be found here.
IMSVA in Smart Protection Complete
For the many medium to large size companies interested in a single vendor suite solution that features cross-solution visibility and manageability, Trend Micro™ Smart Protection Complete is an excellent choice. It includes endpoint, mobile, email, web security, and central management, all in one SKU and license, and also includes both onsite and cloud-based deployment options. It is an excellent solution for companies that need email protection along with all other layers of protection.