This week on the blog, we focused a lot on the differences between API-based solutions. In general, Avanan has a ton of features that other APIs do not. In this blog, we focus on DLP. Almost all other API solutions do not have a DLP program. That's a major problem because the average cost of a data breach has increased by nearly 10% in 2021. In addition, it's taking longer and longer to identify a breach—even for accidental loss, it takes up to 200 days to identify. Avanan has an all-in-one DLP solution, providing scanning on emails, attachments, files and collaboration apps. With tons of customization, this is the most comprehensive DLP available. And it's the only one available amongst API solutions.
According to Gartner, content disarm and reconstruction is an essential item of any email security solution. However, not all API-based solutions have this feature. Not all SEGs have this feature. CDR is essential, as it removes any executable content, making files safe for the recipient and protecting users from zero-day threats. It's a huge weapon against ransomware and malicious files—and yet not everyone has it.
As long as there have been vaccines, there's been scams surrounding them. Whether it's fake vaccine passports or even purported vaccine doses, there's plenty of scams going around. We found an attack where hackers hope to scam end-users with obtaining a vaccine pass. It's a British-based attack. The email purports to come from the NHS, offering a vaccine pass. In return, the end-user needs to confirm their home address, as well as vaccination status. This email has a ton of urgency, as it says that if you ignore it, you may have to wait up to a year to receive another passport. It's a difficult email to stop, as there are no links, and no spelling or grammar errors.
Many attacks detonate post-delivery, meaning they easily get past email scanners and are only dangerous after the user clicks on the link. URL scanning, along with time-of-click analysis, allows the security solution to analyze and block links. Over the last year, we've observed several attacks that bypass post-delivery protections. The best way to prevent these attacks is through comprehensive URL scanning. That includes analyzing links both when the email is delivered and at click-time; it means doing image and attachment analysis. By doing all these things in concert, you achieve another layer of post-delivery protection and get enhanced protection for zero-day attacks. Again, not all API-based solutions offer URL scanning and if they do, it's limited in nature.
As governments have paid out relief checks during the COVID-19 crisis, hackers have tried to get in on the action. This attack shows an email from the World Health Organization, offering relief checks. This email should raise a ton of red flags, especially since the WHO doesn't do direct relief checks. There's also plenty of grammar and spelling errors. Avanan caught this easily, despite it passing by Secure Email Gateways.