Email Security Blog

How Phishing Security Software is Different from Email Security Software

If I asked you to define what anti-phishing software is, you probably think of spam and malware filters. Perhaps you could name some that you've heard advertised on the radio, come across online, or that you use yourself at your current company.

All of the legacy email security applications currently on the market have value and are useful within the space that they operate. However, most are not effective as an anti-phishing software solution because there are many differences between traditional email security software and a true anti-phishing software platform.

It can be difficult to understand the difference between phishing security software and email security software. We often hear concerns about whether our anti-phishing software and legacy email security gateways are compatible and can work together. It is entirely possible, and indeed practical, to ensure that your prior investment in an email security gateway is maintained when you implement your next-generation phishing attack software.

Legacy email security gateways tend to focus on malware prevention and spam filtering, but their effectiveness as an anti-phishing solution is often limited. We have proven by conducting numerous tests that when an email security gateway and our phishing attack software are run simultaneously, we catch a significant number of phishing attacks that the traditional email security gateway missed. This is because many legacy email security software applications are not anti-phishing applications. While they can be effective at catching generic spam, they do not serve email users well when it comes to common phishing attacks such as spear-phishing and CEO fraud.

Legacy email security software is configured to “seek and destroy” so it can identify mass-market phishing attacks that share generic commonalities. However, as phishing attacks become more targeted and more focused, email security software becomes less useful as a phishing attack software prevention tool.

Legacy email security software is generally focused on the content of an email and uses Bayesian and statistical methods to detect patterns that are associated with phishing attacks and spam emails. However, when the emails lack those patterns and are sophisticated and targeted, a legacy email security software becomes less effective.

Email security software can also miss malware if the body or the content of the email and the phishing attack are customized enough to appear to be legitimate. Often the inherent failing of legacy security software solutions is that they do not evaluate all aspects of an incoming email and focus solely on content or attachments. To be an effective phishing attack software solution, the solution itself must evaluate all aspects of the email received to make a complete evaluation as to whether it is a legitimate message or in fact, a phishing attack.

Phish Fence, INKY's phishing security software uses three core functional tools to provide a 360° evaluation of every message that is received into a user’s inbox. It uses computer vision, artificial intelligence, and machine learning to create a full profile of likely phishing attack emails and adds a banner to each email that is unobtrusive but direct to alert users if a message represents a potential threat. This approach serves as in-line training for users to help them become more astute at recognizing the difference between legitimate emails and phishing attacks.

Phish Fence can usually be configured and deployed in less than 90 minutes--even when messages are passing through legacy email security gateways, and it only requires a one millisecond or less to evaluate all incoming email messages and add a banner to the ones that could be harmful. It also integrates seamlessly with any email configuration that your company has deployed and any of your legacy email software applications.

Since INKY Phish Fence uses machine learning and artificial intelligence, it “educates” itself every day. So, with every email it analyzes, it learns a little more and builds a stronger profile to determine which emails are phishing attacks and which should be passed on to users.

Request a demo to learn how INKY’s phishing security software can help you stop phishing attacks.

Topics: