Security Market Segment LS
Friday, 30 August 2019 00:26

Email security architecture vulnerability to cybercriminals attacks needs reassessment Featured


Email remains one of the key attack vectors used by cybercriminals, leaving many organisations hugely vulnerable because they don’t have adequate protection in place, according to software company Wavelink, a distributor for security vendor Fortinet

And the latest industry data shows that 94% of malware was delivered by email, demonstrating what Wavelink says is the crucial importance of securing this business-critical function.

In fact, email scams cost Australian businesses more than $60 million in 2018 according to Scamwatch.

Ilan Rubin, managing director, Wavelink, said, “These attacks are both sophisticated and hard to detect, as they rely to a large extent on human error. The more protections organisations can put in place to secure email, the less likely they will be to fall victim to email-related cyberattacks.”

According to Wavelink moving to the cloud has delivered significant agility, flexibility, and financial benefits for organisations but it can also create risk if not properly secured.

The company says email has been caught up in the move to cloud, which makes sense considering the high storage requirements and relative maturity of email – however, this means that, sometimes, email security is getting lost in the shuffle.

Wavelink says organisations need to reassess their email security architecture, with key areas that need to be addressed including:

  • Attachment-based advanced threats: in these threats, users are tricked into clicking onto an attachment such as a fake invoice. Once launched, the attachment delivers malware into the network. Businesses require solutions that offer network sandboxing, and content disarm and reconstruction services.
  • URL-based threats: users are tricked into clicking onto a link that takes them to a spoof website where they’re told to enter their credentials. Once they do that, the cybercriminals have their username and password, which they can then use to access further parts of the network or essential accounts such as business banking or other mission-critical applications. Businesses need URL rewriting and time-of-click analysis, and web isolation services
  • Social engineering threats: cybercriminals are becoming increasingly good at impersonating colleagues and managers, instructing staff members to do things like purchase iTunes gift cards, change the payment details for key invoices, or transfer large sums of money to other accounts. Because the email seems so authentic, users often fall for them. To avoid this, businesses can benefit from display name spoof detection, domain-based message authentication, reporting and conformance on inbound email, lookalike domain detection, and anomaly detection.

“Organisations shouldn’t necessarily avoid moving their email infrastructure to the cloud. Instead, they just need to ensure that they’ve put the right protections in place to avoid falling victim to these scams and hacks,” said Rubin.

“It’s important to note that protecting against cyberthreats involves creating a series of rules that will need to be fine-tuned; and as a result users may notice some effects on performance. However, this is the price that organisations need to pay to avoid letting the cybercriminals win. It’s a constant battle in which some false positives are far preferable to the alternative, which is a data breach or compromised system.”


As part of our Lead Machine Methodology we will help you get more leads, more customers and more business. Let us help you develop your digital marketing campaign

Digital Marketing is ideal in these tough times and it can replace face to face marketing with person to person marketing via the phone conference calls and webinars

Significant opportunity pipelines can be developed and continually topped up with the help of Digital Marketing so that deals can be made and deals can be closed

- Newsletter adverts in dynamic GIF slideshow formats

- News site adverts from small to large sizes also as dynamic GIF slideshow formats

- Guest Editorial - get your message out there and put your CEO in the spotlight

- Promotional News and Content - displayed on the homepage and all pages

- Leverage our proven event promotion methodology - The Lead Machine gets you leads

Contact Andrew our digital campaign designer on 0412 390 000 or via email



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.


Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).



Recent Comments