| Do you think your company is protected against malicious attacks through email since all your email is scanned by antivirus? Think again. There are many attacks which are not possible to detect with traditional antivirus engines.
These attacks are often attempts to bypass the scanning entirely and also execute malicious code automatically, or trick the recipient to open something that appears harmless but is quite the opposite.
Messagewash™ offers protection against these attacks as well.
Trickery
Many viruses exploit flaws in email clients to make the attachment look less dangerous. Often the goal is to disguise the real file extension as something the recipient's might consider harmless, and thereby tempting them to open the message.
These techniques include using many white spaces in the filename, using double extensions, extremly long filenames and adding "Class IDs (CLSID)" to filenames. All these techniques make it possible, under the "right" circumstances, to display an executable file as a harmless file, such as .txt or .jpg, in the recipients email client.
Dangerous features
Some email clients have the option to split large attachments over several messages, and some allow the message body to be stored somewhere on the internet and downloads it to the client when the message is opened.
Since there is no way to scan these messages for viruses or malicious content, Messagewash™ offers the option to deny them.
HTML
Email messages in HTML are potentially dangerous. There are certain "tags" which are often abused by viruses and spammers.
IFrame tags allow storage of components on a remote HTTP site whilst presenting it in the email whereas Object codebase tags might execute local files or Active-X components. Form tags are used in recent scams where the victim is instructed to supply passwords, credit card data and so on. IMG tags (Web Bugs) are used by spammers to validate email addresses.
Messagewash™ offers the option to deny, disarm or convert them to plain text.
You can also choose to convert all HTML messages to plain text. This option is especially well suited for schools and whomever might be offended by messages containing graphic images.
Policy enforcement
Some companies have email policies that regulate what kinds of files are allowed. Music, movies, pictures or executable files might be banned in the policy but users often get around this by renaming files from filename.mp3 to filename.txt
Messagewash™ can stop this exploit by looking at the file type, not just the filename.
|
