A recent government survey on cyber security breaches in the last 12 months highlighted the most common types of attacks, with email targeted attacks coming out on top.  

Security breaches, data leaks and email attacks are a huge threat to all organisations. Now, more than ever, you need a different approach to email security and management. This is where Mimecast can help. A leader in email security Mimecast can help you tackle these issues; we explain more about Mimecast’s features in this article. 

Mimecast email content analysis

Mimecast provide email content analysis and highlight  multiple factors that are considered when scanning the content of an email.

  1. Domain verification: Mimecast will perform checks on the domain name of the sender. This will check if the domain is newly registered  or has recently started sending email. It will also check if it appears on RBL (Realtime Blackhole List). Not only that but Mimecast will also check if it is a known free email provider or look out for typos, in this case a deliberate misspelling of a common brand.
  2. Subject Line Monitoring: Mimecast will look for potentially risky or enticing phrases used in subject lines eg Claim your reward or Your account has been compromised
  3. Threat specific language: Detection models seek out language where the user may be asked to complete an action eg send, share or buy something
  4. Message Intent: This focuses on the overall intent of the email. Is it an attempt to lure the user to a specific website? To divulge sensitive data perhaps

The culmination in analyses for these 4 aspects produce a score for the email which Mimecast will then use to determine if the email is a threat and what action should be taken. 

A centralised dashboard

As well as email content analysis Mimecast provides a centralised dashboard in which administrators can track in real time any threat detections within their email security. 

The dashboard is designed to provide a deeper insight into the classification of the threat and how many times this has been detected. It also provides a timeline for the time of day that the detections occurred at as we can see on the line graph.

The classifications of threat are broken down into: 

  • Malware
  • Phishing 
  • Spam 
  • Suspicious 
  • Blocked attachments  
  • Block URL clicks 

As well as providing data on threats, the dashboard can also provide vital information as to which users in your organisation are the most targeted by potential attacks. This data could then be fed into your user training to help improve vigilance and awareness of end users. 

Malware analysis

When drilling-down from a specific event, the analysis details page provides more information to aid understanding of the threat and what actions have been taken. The summary box displays an overview of the threat classification and status.  

The analysis panel provides detailed information about the message, its attachments and blocked URL clicks. Forensic reports are available for malicious file detections that have undergone dynamic analysis in the sandbox and more detailed information about the threat can be found here.

These are just some of the features that you can expect with Mimecast email protection. If you’d like to know how Mimecast can benefit your organisation contact our team who can help.