Resources | Clearswift



DRP Solutions Market Guide

The demand for Digital Risk Protection (DRP) is on the rise as cybercriminals are increasingly targeting businesses on channels outside the corporate firewall. According to Frost & Sullivan’s latest Frost Radar Global DRP Report, the traditional security perimeter has changed, and unlike phishing attacks that can be managed and mitigated through internal controls, these threats live on spaces not...
On-Demand Webinar

Is Microsoft Email Security Enough?

As Microsoft’s security capabilities continue to evolve, many organizations are questioning how much they should rely on Microsoft for their email security needs. This video includes email security experts from Fortra discussing enterprise email security requirements and how Microsoft fits into an organization’s email security strategy and stack. Learn: • How to evaluate Microsoft’s role in your...

Stolen Credit Union Data on Dark Web Hits High in Q4

In Q4, Dark Web activity targeting Credit Unions reached its highest count in five consecutive quarters, according to Fortra’s PhishLabs. Attacks on Credit Unions jumped significantly during the second half of 2022, with threat actors advertising stolen card data from these institutions almost as frequently as National/Regional Banks. Data tied to financial institutions is considered especially...

Impersonation Represents the Top Social Media Threat in Q4

Social media attacks targeting organizations closed out 2022 nearly 19% higher than Q4 of 2021, according to Fortra’s PhishLabs. Social platforms continue to act as a hotbed for malicious activity, leaving organizations of all sizes vulnerable to impersonation and abuse. As of Q4, businesses can expect an average of 72.54 attacks on social media per month. PhishLabs analyzes hundreds of thousands...

Sandboxing and Structural Sanitisation

Join us for session two of our Clearswift Best Practices webinar series where we discuss sandboxing and structural sanitisation within your Secure Email Gateway.

Response-Based Email Attacks Reach Inboxes More Than Any Other Threat in Q4

In Q4, Response-Based phishing attacks were the top reported threat by end users, according to Fortra’s PhishLabs. While threats categorized as Credential Theft and Malware continue to bypass even the top secure email gateways, this is the second consecutive quarter where Response-Based attacks have led all categories. Response-Based attacks typically lack malicious indicators and instead rely...

Spam Mechanisms in the Secure Email Gateway

There are more than 15 configurable spam mechanisms in the Secure Email Gateway with a choice of local or global policy. Our expert, Dr. Steve Jeffery, Lead Solutions Engineer at Fortra, discusses the spam rules, where they get evaluated, URL detection, and message sanitisation. Learn how controls on the SEG can gain the best results for your organisation. This is one of a series of five webinars...

More than Half of All Phishing Sites Impersonate Financials in Q4

Phishing sites impersonating reputable organizations continue to represent the top online threat to businesses and their brands. In Q4, Financial Institutions were targeted most by credential theft phish, experiencing the largest share of malicious sites recorded since 2021, according to Fortra’s PhishLabs. Within the group, criminals capitalized on the broad customer bases and recognizable names...

What Is Whaling Phishing & How Does it Work?

“Whaling” phishing fraud attacks target the C-suite of a company which creates high risk of extremely sensitive, mission-critical data being stolen and exposed. Fortunately, protecting the organization from these attacks is possible. Whaling phishing is a type of phishing attack targeting larger, high-value targets, which is why it's called "Whaling." Attackers themselves often pretend to be C...

How to Gain Stakeholder Support for Email Security Investment

Investing in email protection beyond basic anti-spam is vital to protecting an organization, but persuading leadership and stakeholders of the investment can be complicated. In this article, we take a look at the helpful approaches for comprehensive email security buy-in.
On-Demand Webinar

Cybersecurity Threats in Europe: What you need to know and what to do about them

In this webinar, Fortra experts Paolo Cappello, Managing Director International, and Steve Jeffery, Lead Solutions Engineer, are joined by Tope Olufon, Senior Analyst at Forrester, to review the findings of Forrester’s recent European Cybersecurity Threats Report. European cyber security professionals struggle with similar attack techniques as their global counterparts. This webinar will highlight...

DKIM vs. SPF Email Standards: Do I Need Them Both?

When it comes to email authentication standards, should you use DKIM, SPF, or both? We’re going to cover these terms, when you should use them, what they do—and how best to protect your email domains. Is it Either/Or—or Both? Should the battle really be SPF vs. DKIM? While not mandatory, it’s highly recommended to use both SPF and DKIM to protect your email domains from spoofing attacks and fraud...

QBot Campaigns Overwhelmingly Lead Reported Payloads in Q4

QBot was the most reported payload targeting employee inboxes in Q4, according to Fortra’s PhishLabs. This is the fourth consecutive month QBot has led malware activity as bad actors target organizations with a steady stream of high-volume attack campaigns. QBot previously represented the second most reported payload family, trailing behind RedLine Stealer in Q3. Email payloads remain the primary...

What Is an Enterprise’s Secondary Line of Defense Against Phishing Emails?

Following a multi-layered approach to phishing defense is a good idea, but using what you have close to home is best when it comes to a sensible security posture. In practice, a robust security awareness training program is key to instruct employees on what to look for when trying to spot phishing emails that may have landed in their inboxes.

DMARC Quarantine vs. DMARC Reject: Which Should You Implement?

You did it! You implemented DMARC and authenticated your email domains. This is no easy feat in itself and now, after DNS requests, third-party conference calls and writing internal policies, you are ready… It’s time for a stricter DMARC policy. If your DMARC policy has been set to p=none for months, you've likely had the chance to review who is sending email under your brand name and determine...

DKIM Guide: How to Set Up the Email Standard Step by Step

In this DKIM setup guide, we’ll walk you through the steps on how to set up DKIM correctly, test it, avoid common pitfalls, and fix common mistakes. In case you’re new to DKIM, or DomainKeys Identified Mail, we’ll start with a high-level overview before getting to the step-by-step instructions, but you can first look up your DKIM record here. What is DKIM? A Brief Introduction DKIM is a standard...