Email Security Blog

Email Security Comparison - Anti-Phishing Software: 6 Questions to Ask

Selecting an Email Security Gateway can be a difficult task. Really, if you are in the market for a Secure Email Gateway (SEG), you appear to be spoiled for choice.  'SEG's options are plentiful, and they offer a guarantee that they can prevent phishing. 

Consider the fact that each year, billions of dollars are stolen from US corporations as a direct result of successful phishing attacks.

In 2019 both Google and Facebook, two tech titans with otherwise impeccable security histories were both infiltrated by successful phishing attacks. In both cases, a legitimate vendor was successfully impersonated to the tune of tens of millions of dollars, all before any flags were raised.

How is it then that with the rise in phishing attacks so many email security vendors claim to be the solution?

One of our competitors claims to be a comprehensive security solution; however, we routinely find brand forgery emails slipping past their technology and making allegedly protected users. 

Unfortunately, for security professionals searching for a new SEG, a mixture of aggressive marketing and misplaced confidence have created a weakness in our email platforms.

Nothing slips through the INKY Phish Fence. In fact, when placed in-line with other well-known email security solutions, INKY often will catch thousands of emails that slip through those legacy solutions.

To help you compare and find the right email security solution we've prepared six questions to ask before you commit to an SEG.

Note: Keep in mind that at INKY we can answer each of these questions in the affirmative, not in a future release, not tomorrow, today (we could yesterday too).

  1. Does the product have User-friendly banners added to emails to provide warnings and "Just in Time" phishing awareness?

INKY does. Our anti-phishing banners provide users with assurances or warnings in each and every email. Our banners provide a unified cross-platform user experience presenting uniformly on both mobile and PC devices. The banner system serves as a message by message educator, hardening the email user community to the realities of phishing and increasing their ability to spot phish and most critically think before they act.

  1. Does the product have a ‘report link’ added to emails that facilitates end-user reporting of both malicious email and spam?

INKY provides a direct reporting capability that users can self-action after a banner has flagged a message as suspicious. The banners alert IT immediately that a potential phishing attack has been attempted, but critically provides the smaller IT shops with the opportunity for users to self-report rather than driving all potentially suspicious emails to a quarantine folder.

  1. Does the email security product require any add-ins, plug-ins, or client dependencies of any kind?

INKY works completely independently and integrates seamlessly into your current email setup, no add-ins, no plugin's, no fuss at all. Better yet, mail passing through 'INKY's Phish Fence does so in typically less than a second.

  1. Does the product employ computer vision methods to identify and block brand forgery emails?

INKY computer vision is second to none; we can discern fake graphics, fraudulent iconography and even assess the cadence of messages to determine whether they follow the typical pattern of the corporation being spoofed or represented.

  1. Does the application provide inline deployment with a full MTA, as opposed to API-based deployment?

This means INKY can

  1. a) Modify mail to add banners
  2. b) Move mail to quarantine
  3. c) Rewrite links to provide URL protection
  4. d) Scale to enterprise mailbox counts
  5. e) Operate in real-time on incoming mail (average latency < 1s in production)
  6. f) Remove added banners from messages end users reply to for better OPSEC

API based 'SEG's can't do any of that.

  1. Does the application offer interoperability with all incumbent SEGs?

At INKY we understand that a legacy investment may have already been made in an SEG perhaps your configuration is successful as a whitelisting device, is working for as an anti-spam mechanism or successfully stripping malware.

With that in mind, we made INKY work with every SEG on the market today. With INKY, there is no need to rip and replace. In fact; we play so well that Phish Fence seamlessly acts as a final barrier to prevent the phish that made it through your SEG from going anywhere.

I encourage you to ask the six questions we've provided and if, as I suspect, the platform you are considering doesn't answer yes to all of the questions then I urge you, allow us to prove in real-time how effective INKY’s anti-phishing solution can be. 

You don't compare apples to potatoes or horses to cats so don't compare spam filters and malware filters with a fully-featured email security gateway. The legacy SEG's are resting on their laurels; they are happy scraping off the low hanging fruit, the spam, the malware but their approaches are lazy, you deserve better, you deserve INKY.

Schedule a DEMO today and start a free trial.