Cisco Email Security Appliance

Cisco Phishing Overview

The Phishing Problem

Phishing is an attempt to fraudulently acquire sensitive information (such as usernames, passwords, and credit card details) by masquerading as a trustworthy entity in an electronic communication. Phishing is typically carried out by email and often directs users to enter details at a fake website.

The individuals behind phishing send out millions of emails in the hope that a few recipients will act on them. Any email address that has been made public (in forums, in newsgroups, or on a website) is susceptible to phishing.

Figure 1

Mitigating the threats posed by phishing requires a combination of solutions-based, policy-based, and behavioral-based controls. For example, the Cisco Context Adaptive Scanning Engine (CASE) reviews sender reputation, examines the context of the entire message, and filters more accurately than traditional spam-screening techniques.

Figure 2

Because security is a never-ending race against threats, it is important to analyze your security infrastructure on a regular basis. Few factors are as important as how often the technology updates itself.

The Cisco Email Security Solution

Cisco gateway security appliances provide the first line of defense in a comprehensive security approach. Using data from Cisco SenderBase Network, Cisco Email Security technology examines:

  • What content a message contains
  • How the message is constructed
  • Who is sending the message
  • Where the message's call to action takes you

Cisco Email Security technology provides both proactive and reactive protection. Measures such as DomainKeys Identified Mail (DKIM) signing clearly identify mail sent from your organization. At the same time, automatic updates to signature files and preventive security defenses provide the latest protection and information on emerging threats.

Multiple built-in antiphishing features include:

By combining these elements, Cisco's antiphishing features stop the broadest range of threats with industry-leading accuracy. Cisco Email Security products can protect your infrastructure not only from today's threats but also from those certain to evolve in the future.

Figure 4

Additional Resources