Email Spam Protection

An email spam protection solution is a foundational element of any cybersecurity strategy. Get it right and it will greatly improve your security posture. Get it wrong and you are likely to have to deal with a costly data breach.

Why Email Spam Protection is so Important

Email is the primary vector used to distribute malware, ransomware, viruses, botnets, adware, and spyware. Without effective email spam protection, employees would have their inboxes flooded with spam and all manner of malicious messages.

Most healthcare organizations have some form of email security solution in place, but with attacks increasing in sophistication, more advanced email security solutions are required. Spam and phishing campaigns now incorporate a variety of measures to evade detection and get the emails to users’ inboxes.

Social engineering techniques are then used to trick message recipients into opening infected attachments or clicking links to malicious websites. The emails can be very convincing and hard to distinguish from genuine communications from a company, colleague, or business contact.

A spam filtering solution acts as a sieve that catches malware, phishing emails and other unwanted messages and keeps inboxes clear of spam and email threats.

An effective email spam protection system will:

Block Nuisance Emails

According to Kaspersky Lab, in Q1, 2019, spam accounted for between 55% and 56% of all email traffic. Spam is a major drain of productivity and increases the likelihood of important emails being missed.

Block Malware and Ransomware

Email is the primary way used to deliver malware and ransomware. A study by Verizon found 66% of malware on healthcare networks was delivered via email attachments.

Verify the identity of Senders

Email impersonation is a common tactic used in phishing attacks. Trust in well-known brands, companies, contacts, and colleagues is abused to get end users to take a particular action.

Block Phishing Attacks

Phishing is the biggest cyber threat faced by healthcare organizations. Figures from Cofense suggest that more than 90% of data breaches start with a phishing email.

Detect Potential Account Breaches

Once an unauthorized individual gains access to an email account it is often used to send phishing emails within the organization and to contacts and business associates.

HIPAA and Email Spam Protection

While HIPAA does not specifically mention spam filters, the HIPAA Security Rule is quite clear about the importance of implementing safeguards to ensure the confidentiality, integrity, and availability of ePHI. HIPAA covered entities are required to conduct a risk analysis to identify threats and vulnerabilities to PHI and must reduce these to a reasonable and acceptable level. An anti-spam solution is essential for reducing email security risks to an acceptable level.

HIPAA fines have been issued to healthcare organizations that have failed to do enough to prevent phishing attacks from succeeding. UW medicine paid OCR $750,000 and Metro Community Provider Network paid $400,000 to settle alleged HIPAA violations that contributed to their phishing-related breaches.

Healthcare Email Security Found Lacking

Despite email being the primary attack vector, healthcare email security defenses often come up short. A survey conducted by the Global Cyber Alliance (GCA) revealed only 6 out of the 50 largest public hospitals had deployed DMARC email authentication technology. Research from Agari found only 15% of healthcare organizations valued over $1 billion had implemented DMARC.

Don’t Neglect Security Awareness Training for Employees

It is important to remember that technical email spam and anti-phishing protections will not be 100% effective 100% of the time. Cybercriminals are constantly changing tactics and developing new methods of attack and it is inevitable that some malicious messages will arrive in inboxes. It is therefore important to make sure all employees are trained how to recognize email threats.

Employees should be taught how to recognize threats such as phishing attacks and other email scams and should be encouraged to adopt cybersecurity best practices to reduce risk. Security awareness training for healthcare employees is an essential part of any cybersecurity strategy and also a requirement of HIPAA.

Just as it is important to test backups to make sure file recovery is possible, the effectiveness of a security awareness training program should also be assessed. Phishing email simulations can help to identify weaknesses which can be addressed through further training.

FAQs

Why is sandboxing necessary?

Sandboxing is used by many advanced spam filtering solutions to detect new (zero-day) malware threats. If an email attachment passes antivirus checks, it is sent to a sandbox where it is opened and subjected to in-depth analysis to identify malicious scripts or command and control (C2) center callbacks.

Is outbound email scanning important?

Outbound scanning is an important features of spam filters. If a mailbox is compromised and is used to send phishing emails internally or to contacts, the outbound scanner will detect and block those threats and protect your company’s reputation. Some spam filters allow data tagging, for SSNs for example, to block attempts to send sensitive data to personal email accounts.

Does Office 365 have a spam filter?

Microsoft provides a basic spam filter with the Office 365 license cost called Exchange Online Protection (EOP). EOP provides a reasonable level of protection against spam, and known malware threats will be blocked, but it is much less effective against blocking sophisticated phishing emails. You should consider augmenting EOP with a third-party spam filter.

How can I improve protection against phishing attacks?

To improve protection against phishing, consider implementing a web filter. A web filter provides time-of-click protection against malicious hyperlinks in emails, which can be difficult for spam filtering solutions to identify. A web filter blocks attempts to visit known malicious URLs and scans web content before allowing access to a website.

What are the three main benefits of a managed spam filtering service?

The main benefits of a managed spam filtering service are: 1) You do not need to dedicate hardware to spam filtering. 2) All filtering takes place on the service provider’s servers so does not use your CPU resources. 3) No software updates are required as they are handled by the service provider.