Secure Email Gateway

The Beginning Of Spam Emails

Email was one of the first things people did when the world went online. It took very little bandwidth, and it was easy, fast, and didn't cost a thing. It was so easy and inexpensive that it became a means to get a message to many people at little to no cost. Some of those mass mailings came from legitimate businesses and were equivalent to advertising flyers sent by post, but more nefarious characters sent other mass mailings. This was the beginning of spam: the act of sending irrelevant and unsolicited messages on the internet to numerous recipients. Individuals could send and receive messages with little verification or accountability, so email offered anonymity. Initially, people viewed spam more as a nuisance than a threat. But in 1996, America Online (AOL) coined the term phishing to describe the fraudulent practice of sending emails purporting to be from a reputable source in order to induce individuals to reveal personal information.

Spam Emails Examples

Some of you may have met Prince Solomon of Abadodo, or another wily character, who wanted to share their wealth with you. Other bad actors registered domain names that were strikingly close to the names of legitimate businesses or organizations and masqueraded as that business in an email, coaxing you to click a link or an attachment that contained malware. The phishing technique relied on human naivety, carelessness, or distraction for it to work. One of the first responses from businesses was to educate employees about phishing. However, while education may have reduced phishing exploits, it did not eliminate the threat. Something had to be done at the mail server and ISP level. In response, businesses installed spam filters on mail servers to stop spam and phishing emails.

Spam Filters

Spam filters rely on identifying specific words or patterns in the headers or bodies of messages. To use a simple example, the word "cash" is common in email spam. If an IT professional added the word "cash" to the spam filter of their company mail server, the filter would eliminate any email that contained that word.

SPF

ISPs have also deployed spam filters. In addition to filtering, ISPs turned to strengthening authentication methods. By the end of the first decade of the twenty-first century, ISPs began to implement the Sender Policy Framework (SPF), which slowly took shape during that decade but wasn't proposed as a standard until 2014. SPF is an email authentication method that detects bogus sender addresses and emails. However, for every defensive measure implemented by legitimate businesses, organizations, and ISPs, the bad actors introduced a countermeasure that circumvented the latest defense. To return to our simple example, spammers could easily bypass our filtered word, "cash", by rendering it as "c@sh" or some other variant. While filters became more sophisticated in detecting spam patterns, they were too static and easy to outsmart. Spamming and phishing are just too lucrative for the bad actors to easily give up. In fact, the number of phishing attacks has grown enormously since the turn of the century. In 2004, 176 unique phishing attacks were recorded. By 2012, this number grew to 28,000. And no wonder: phishing was lucrative. Between lost money and damages, the attacks caused a $500 million loss to businesses and individuals. More recently, during the first quarter of 2020, the Anti-Phishing Working Group (APWG) recorded 165,772 detected phishing sites.
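As an added example (not code from the original page), the following Python code implements the static "cash" keyword filter described above next to a variant that normalizes look-alike characters before matching, and runs both over constructed subject lines. The look-alike table, function names and samples are assumptions made for illustration.

```python
import re
import unicodedata

BLOCKED_WORDS = {"cash"}  # the keyword used in the text's example
# Constructed look-alike table (an assumption; real filters use far larger ones).
LOOKALIKES = str.maketrans("@4$5013", "aassoie")
# Single letters split by one separator each, e.g. "c.a.s.h" or "c a s h".
SPACED_OUT = re.compile(r"\b(?:[a-z][.\-_* ]){2,}[a-z]\b")


def naive_filter(text: str) -> bool:
    """Static filter from the text: block when a listed word appears verbatim."""
    return any(w in BLOCKED_WORDS for w in re.findall(r"[a-z]+", text.lower()))


def normalize(text: str) -> str:
    """Undo common obfuscation so that variants collapse to the plain word."""
    # Fold compatibility forms (fullwidth letters) and drop combining accents.
    text = unicodedata.normalize("NFKD", text)
    text = "".join(ch for ch in text if not unicodedata.combining(ch))
    text = text.lower().translate(LOOKALIKES)
    # Re-join letters that were dotted or spaced apart.
    return SPACED_OUT.sub(lambda m: re.sub(r"[^a-z]", "", m.group()), text)


def normalizing_filter(text: str) -> bool:
    """Same word list, applied after normalization."""
    return naive_filter(normalize(text))


# Constructed subject lines, not taken from real mail.
SAMPLES = [
    "Win cash now",                            # plain keyword
    "Win c@sh now",                            # the substitution from the text
    "Win C.A.$.H today",                       # separators plus a look-alike
    "\uff23\uff41\uff53\uff48 prize inside",   # fullwidth "Cash"
    "Cashier schedule for Monday",             # different word, must pass
    "Quarterly cash flow report",              # legitimate mail, still blocked
]


def compare(samples=SAMPLES):
    """Return (subject, blocked_by_naive, blocked_by_normalizing) per sample."""
    return [(s, naive_filter(s), normalizing_filter(s)) for s in samples]


if __name__ == "__main__":
    for subject, naive, hardened in compare():
        print(f"naive={naive!s:5} normalizing={hardened!s:5} {subject}")
```

The normalizing filter catches the "c@sh"-style variants, yet it still blocks the legitimate "cash flow" subject, which is the kind of false positive a static word list cannot avoid.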

Secure Email Gateways

Better defense was needed. Secure email gateways arose to provide more rigorous defense. In addition to spam filters, they added antivirus scanners, threat emulation, and sandboxing to detect malicious attachments and links in real time. Even if employee education and the spam filter failed, one of these other tools could detect and neutralize the threat. However, the number of false positives and the sheer volume of attacks overwhelmed the security teams, who became bogged down in manual remediation. Secure email gateways continue to evolve as threats evolve. Today, greater automation and machine learning are built into secure email gateways, which alleviates the demands placed on security operations centers. Data loss prevention (DLP) is also available to detect and stop the egress of sensitive data. In some cases, a secure email gateway is integrated with other network security devices, such as edge and segmentation firewalls.
