Mimecast has announced two new measures designed to protect against spear-phishing. The first measure, Attachment Protect, and user awareness enhancements reduce the threat from malware-laden attachments and help IT teams improve employee security awareness. The second measure, Mimecast Targeted Threat Protection – URL Protect, give customers a comprehensive line of defense against the key technical and human risks from spear-phishing in one cloud-based service.
Mimecast Targeted Threat Protection - Attachment Protect is designed to reduce the threat from weaponized or malware-laden attachments used in spear-phishing and other advanced attacks. It includes pre-emptive sandboxing to automatically security check email attachments before they are delivered to employees. Attachments are opened in a virtual environment or sandbox, isolated from the corporate e-mail system, security checked and passed on to the employee only if no threat is detected.
Attachment Protect also includes the option of an innovative transcription service that automatically converts attachments into a safe file format, neutralizing malware as it does so. The attachment is delivered to the employee in read-only format without any delay. As most attachments are read rather than edited by employees, this is often sufficient. Should the employee need to edit the attachment, they can request it is sandboxed on-demand and delivered in the original file format.
Mimecast Targeted Threat Protection – URL Protect offers click-time protection and now includes innovative user awareness capabilities so IT teams can raise the security awareness of employees. Once enabled, a percentage of links in e-mails clicked by an employee will open a warning screen. This will provide them more information on the email and destination, prompting them to consider if the page is safe. If they choose to continue, their opinion is logged, URL Protect scans the link and blocks access if the destination is unsafe. IT administrators can set how frequently these awareness prompts are shown to ensure employee caution is maintained. Repeat offenders that click bad links will get more frequent prompts automatically until their behavior changes. The IT team can track employee behavior from the Mimecast administration console and target additional security training as required.