The latest study from Sophos revealed that five out of 10 organizations see malicious emails as their top security concern, with 53% experiencing a phishing attack in the past twelve months. Impersonation attacks are some of the hardest to combat, often with no malicious payload to detect. In these attacks, criminals often try to deceive employees, using the name of a trusted sender to encourage victims to reply, click a link, open an attachment, and so on.<\/p>\n
Relying on users who scan email sender addresses, these attacks use simple display name forgery, to change the visible part of the email address that we see in many common email clients. Changing the display name to use that of trusted brands, or senior executive within the organization \u2013 it\u2019s highly effective for attackers.<\/p>\n
These attacks reign down from free email accounts, and in more targeted attacks, are known to use lookalike domain names, like that of the corporate domain.<\/p>\n
\u00a0<\/strong><\/p>\n Release highlights<\/strong><\/p>\n This latest enhancement for Sophos Email Advanced offers crucial protection against these impersonation phishing attacks and offers several great advancements:<\/p>\n <\/p>\n <\/p>\n Identifying VIPs<\/strong><\/p>\n VIPs are employees in the organization who are most likely to be impersonated by phishing attackers. While all users will receive the same protection, the system will look for external senders impersonating your VIPs and customers may add up to 200 VIPs.<\/p>\n Creating a VIP list in Sophos Central couldn\u2019t be simpler. Either choose to \u201cAdd VIPs\u201d by searching your user list for known individuals. Alternatively, if active directory synchronization has been enabled, select \u201cHelp me find VIPs\u201d and Sophos Email will look for users with titles that are in line with job roles most likely to be impersonated. Examples of titles and roles include:<\/p>\n <\/p>\n Acting on the threat<\/strong><\/p>\n This new service allows email administrators to act on potential threats with policy controls to quarantine suspicious messages, tag the subject line, delete, or warn users \u2013 with a banner added to inbound emails.<\/p>\n The enhanced \u201cAt Risk Users\u201d report provides a deeper level of visibility into these phishing threats, providing a breakdown of phishing impersonation attempts received, as well as users either warned or blocked from visiting URLs with malicious content. Drill-down levels provide further insight, including:<\/p>\n <\/p>\n <\/p>\n Superior phishin<\/strong>g protection with Sophos Email Advanced<\/strong><\/p>\n The level of phishing protection added to Sophos email in this latest release offers incredible value, with simple controls that helping ensure protection is in place quickly.<\/p>\n Social engineering Sophos scans all inbound email in real time, searching for key phishing indicators with SPF, DKIM, and DMARC authentication techniques, and email header anomaly analysis, as well as impersonation protection using display name. Lookalike domain analysis identifies impersonation attempts of a brand or VIP of the organization.<\/p>\n <\/p>\n Malicious URLs and attachments For phishing protection against malicious URLs or attachments that may contain malware, Sophos provides real-time URL scanning and Time of Click URL rewriting to analyze any URL before it clicked. Then Sophos Sandstorm, our AI-powered cloud sandbox, detonates suspicious files to ensure malware never reaches the inbox.<\/p>\n <\/p>\n User education<\/strong><\/p>\n Intelligent cybersecurity awareness training.<\/p>\n Sophos Synchronized Security connects Sophos Email to Phish Threat, the Sophos phishing simulation and training platform, identifying users who have been warned or blocked from visiting a website due to its risk profile or replying to a spear phishing email. It enables seamlessly enrolling them into targeted phishing simulations and training to improve awareness. Phish Threat license required.<\/p>\n <\/p>\n Sales materials<\/strong><\/p>\n A range of updated sales assets are now in place to help you promote these new features:<\/p>\n <\/p>\n Remarks<\/strong><\/p>\n We\u2019re excited to announce the ability to detect and block phishing attacks impersonating well-known brands and VIPs with Sophos Email Advanced.<\/p>\n","protected":false},"author":11,"featured_media":359,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[2],"tags":[10],"coauthors":[],"class_list":["post-259","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-products","tag-product-news"],"jetpack_featured_media_url":"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2019\/11\/featured-image-email-advanced.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts\/259","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/comments?post=259"}],"version-history":[{"count":2,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts\/259\/revisions"}],"predecessor-version":[{"id":532,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/posts\/259\/revisions\/532"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/media\/359"}],"wp:attachment":[{"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/media?parent=259"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/categories?post=259"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/tags?post=259"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/partnernews.sophos.com\/en-us\/wp-json\/wp\/v2\/coauthors?post=259"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\n
![\"Sophos](\"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/01\/Policy.png\")
<\/p>\n\n
![\"Sophos](\"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/01\/VIPs.png\")
<\/p>\n\n
![\"Sophos](\"https:\/\/partnernews.sophos.com\/en-us\/wp-content\/uploads\/sites\/3\/2020\/01\/Impersonation-Report.png\")
<\/p>\n
\n<\/strong>Suspicious messages can be blocked, quarantined, tagged with a subject line, or have a warning banner added.<\/p>\n
\n<\/strong>Real-time malicious URL detection and AI-powered sandboxing.<\/p>\n\n
\n