Making e-mails more secure: Effective protection against sender fraud

18. February, 2019

You too can support a global improvement in email security by applying simple best practices according to the state of the art.

The truth is not always easy to filter into good and bad: your organisation’s email system needs active protection as well as adaptation and development to best prevent abuse. By using current standards, global e-mail security can be significantly improved. Do your part and actively prevent sender fraud!

Make misuse more difficult:  Verify sender identity

One problem with e-mails is still reliably detecting whether the sender is actually authorised to send electronic messages in the name of the domain and the sender. Spam filters have meanwhile seen enormous improvements and high hit rates. Based on content and structure alone, as well as other quantitative evaluation metrics, an immensely high number of false messages can be sorted out.

The mail system still has weaknesses that make particularly targeted spam messages very difficult to detect. The solution requires a multi-level approach that improves the overall email system security. On the sender side, the three methods SPF, DKIM and DMARC are widely used.

Three tools for more email security: SPF, DKIM and DMARC

Based on DNS records, an enrichment with additional information takes place, which enables supplementary checks when sending and receiving messages.

  • SPF (Sender Policy Framework) is an additional DNS text entry (SPF record). It defines which e-mail server is authorised to send messages. In this way, the valid server of a domain can be clearly defined and identified.
  • DKIM (DomainKeys Identified Mail) is activated on the DNS server and on the e-mail server. It provides additional integrity protection by publishing a public key of the e-mail server. Thus, it is possible to check the authenticity of the e-mail message as well as any change during transport.
  • DMARC (Domain-based Message Authentication, Reporting and Conformance) combines the two previously mentioned methods on the sender and receiver side. The information can be linked with each other and evaluated specifically for the further handling of the messages.

With only a little preparation, a big gain on the security side is possible thanks to these methods: they prevent both the forgery of e-mails from one’s own domain and the receipt of forged e-mails.

IKARUS offers active support for increasing email security

IKARUS mail.security offers different levels to send only sender-verified, secure emails – and to receive secure emails:

  • Free dispatch via IKARUS email server: This service is available to all IKARUS mail.security customers with their own e-mail server. All you need to do is activate the IP address of the sender system. Send a short e-mail to support@ikarus.at and benefit from the additional control of your sent e-mails for malware and the excellent reputation of our IP addresses.
  • Simple activation of SPF and DKIM in the DNS-record: Enter the IKARUS platform as authorised gateway for the SPF-record in the DNS of your domain (e.g. ikarus.at. IN TXT “v=spf1 ip4:91.212.136.49 include:mymailwall.com -all”). For DKIM, in addition to adjustments to your e-mail server to check the signature, only one entry in the DNS is necessary. Publish a CNAME for this (e.g. mailsecurity._domainkey.ikarus.at. IN CNAME mailsecurity._domainkey.mymailwall.com.) for our public key.
  • Additional security and protection against targeted attacks is provided by the ATP-AddOn (Advanced Threat Protection) of IKARUS mail.security: Every incoming message traffic, attachments and URLs are subjected to a multi-stage check procedure with additional signatureless malware detection, behavioural analyses and validation algorithms.

The more e-mail systems use advanced methods for sender verification, the more difficult it becomes to transmit false messages and the more trustworthy the entire communication network becomes.

Our support team will be happy to assist and advise you! Call us at +43 1 58995-400 or write to us at support@ikarus.at.

Nozomi Guardian Air
HarfangLab Guard
MITRE ATT&CK Framework
v.l.n.r.: Joe Pichlmayr (CEO IKARUS) – Anouck Teiller (CSO HarfangLab) –Alexander van der Bellen (Bundespräsident Österreich) - Frédéric Joureau (Erster Botschaftsrat der französischen Botschaft in Wien) – Christian Fritz (COO IKARUS)
EDR
Cyber Kill Chain
Business Email Compromise
Prognosen für die zehn größten Cybersecurity-Bedrohungen für 2030
E-Mail Verschlüsselung
Schritt für Schritt zum Notfallplan für IT-Security-Incidents
Account Management
Bedrohung
Indicators of Attack
Gefahren durch vertrauenswürdige Services
Threat Intelligence
SQL Injection

WE ARE LOOKING FORWARD TO HEARING FROM YOU!

IKARUS Security Software GmbH Blechturmgasse 11
1050 Vienna

Phone: +43 1 58995-0
Sales Hotline:
+43 1 58995-500
sales@ikarus.at

SUPPORT HOTLINE

Support hotline:
+43 1 58995-400
support@ikarus.at

Support hours:
Mon – Thu: 8am – 5pm
Fri: 8am – 3pm
24/7 support by arrangement

Remote maintenance software:
AnyDesk Download