Anti-spam: 8 solutions to protect your inbox from malicious e-mails

Unfortunately, European regulations and artificial intelligence won't stop spammers from sending you unsolicited e-mails (spam). Too many of these emails end up in your inbox instead of the spam filter, causing annoyance, loss of productivity and IT security risks.

However, there are ways of getting rid of unwanted mail without filtering out legitimate e-mails: anti-virus software and, above all, anti-spam software positioned upstream of your mail server.

In this guide to anti-spam solutions, we take a look at the current state of the anti-spam scourge and, of course, the solutions available to protect you.

See all software Antivirus

Spam's mind-boggling statistics for 2018

The chart above taken from statistica.com shows the evolution of spam's share of total email traffic worldwide. This history shows that although the share of spam is decreasing, it still represented 48.16% of emails in March 2018.

This figure is consistent with the source OKTEY for HAKIN9 magazine which puts the spam share at 50% of total traffic. This represents more than 15 billion spam messages per day worldwide! With 12% of spam sent, the United States is the world's leading spam sender, followed closely by China and Russia.
However, the evolution of technologies means that 90% of spam can be filtered upstream thanks to the anti-spam tools of Internet Service Providers(ISPs) and email providers (source: Signal Spam March 2018).

On the other hand, if spammers solicit you a lot, they only get a reply from you once every... 12.5 million emails, according to TechRadar. The ratio is certainly very low, but the volumes are such that the victims are ultimately very numerous. The proof is that although the click-through rate is low, business is profitable for spammers: the gain is estimated at $7,000 per day per spammer ($3.5 million per year) according to Groupmail.

In the final analysis, the cost to businesses and organizations, which was already $20 billion in 2012, has been multiplied by 12.5 in 2018 ($257 bn) according to Radicati Research Group. This cost is explained by lost productivity, temporary or permanent business stoppages, data theft and destruction, mail server saturation, etc. Ultimately, the cost of spam represents €1,673 per employee in the United States (source: Nucleus Research).

As a result, the cost borne by companies and attributable to spam is set to rise by €222 million a year, according to spamlaws.com. This shows that, although technology offers better control, intrusions are becoming increasingly virulent.

Spam: between unwanted messages and viruses

In most cases, junk mail is a major nuisance for recipients. They get mixed up with important mail in their inboxes, causing annoyance and loss of concentration.

This is why Gmail allows marketing emails to be separated (in tabs) from exchanges between individuals. Beyond the nuisance to individuals, spam consumes IT resources (storage space and bandwidth), which represents a cost proportional to the size of the company.

However, the greatest risk is posed by intrusion attempts to commit damage (data theft, data destruction, money theft, identity theft, etc.).

Unwanted commercial advertising

Unwanted commercial e-mails are mails perceived as useless and sent to lists of recipients who have not explicitly given their consent (opti-in) to receive these e-mails.

This can happen if lists have been bought or stolen. It is sometimes impossible to permanently unsubscribe from these lists (opt-out), which poses a real problem in terms of compliance with the CNIL and the RGPD.

Most of the time, these are scams or paid-for online services (adult sites, mortgages, training, online games, premium-rate numbers, etc.).

Phishing

Phishing is an email fraud technique that involves pretending to be a trusted third party (bank, insurance company, social security, etc.) in order to extract personal information or money. Phishing emails generally look like very close copies of those on the official website. A variation of phishing, spear phishing, involves personalizing messages sent to a small number of users (versus a generic email sent to as many potential victims as possible). It is estimated that 91% of hacking attacks begin with a phishing e-mail, which is why it is so important to set up effective filtering of these unwanted emails.

Ransomware

Ransomware is a virus which, once it has infected a workstation, will encrypt all or part of the files on the computer or even the computer network.

The victim is given a decryption key by the hacker in return for a ransom. Ransomeware can lead to the closure of a business... or even worse.

In February 2016, for example, the Los Angeles Hospital was hit by ransomeware received by email. Medical records were inaccessible for hours putting lives at risk. In 2016, ransomware revenues amounted to $1 billion in the United States alone (source: FBI)

Spyware and malware

Spyware is spyware that infiltrates a computer system to monitor the user's activity.

Most are harmless, but violate users' privacy to the point of, in some cases, collecting passwords or activating webcams.

Malware, on the other hand, is malicious software (viruses, worms, Trojans) that causes irreparable damage to infected computers.

Spam: the number one source of computer attacks

Hackers generally bypass IT security systems through human error. As a result, companies need to strengthen their messaging defenses to minimize exposure to security vulnerabilities.

Anti-virus and anti-spam to protect against spam

The most effective solution for blocking dubious e-mails and avoiding all the inconveniences mentioned above is to protect the "Endpoint", or the last stage in an e-mail's journey before it is received. There are two ways of doing this:

• the quarantine system: Unwanted mail arrives in the recipient's mailbox. It is then isolated in a spam folder. The quarantine is purged automatically or not after a certain period of time. In this case, the sender is unaware that his message has been blocked;


• the anti-spam filter system upstream of the messaging system (during SMTP transfer), which alerts the sender that his e-mail has been blocked. The anti-spam filter acts like a firewall (pure and simple blocking) with an authentication mode (by Capcha or notification response) that allows the sender to manually prove that it's a human and not an automated process.

Anti-virus products such as McAfee, Avast, Kaspersky, Norton (Symantec), Bitdefender and AVG offer e-mail protection with quarantine and attachment scanning to identify malware.

On the other hand, anti-spam solutions are stand-alone and can be placed upstream of the mail server (e.g. Microsoft Exchange Server). They incorporate several anti-virus programs, an e-mail whitelist, a blacklist, algorithms, etc. to block fraudulent e-mails before they reach the user's mailbox.

What is anti-spam? What does it do?

Properly configured, antispam is a highly effective solution for eradicating spam. But what exactly is anti-spam?

Antispam is a software solution designed to filter out advertising messages, malware and ransomware. Antispam is installed either on the user's computer or on a remote server belonging to the antispam vendor. In the latter case, protection is ideal.
In concrete terms, anti-spam consists of the following elements :

• a Realtime Blackhole List or RBL (blacklists of IP addresses and e-mails),
• a heuristic analysis engine ,
• white lists,
• a Bayesian method (deduction of the probability that the email is spam),
• spam databases,
• URL verification algorithm,
• DNS configuration,
• SPF configuration,
• transaction history,
• user and company preferences.

Beware, however, of anti-spam software that is too strict, as this can lead to false positives (legitimate mail redirected to the junk folder).

8 professional anti-spam programs to protect your business

Altospam: the ^leading anti-spam software for eradicating spam

Altospam

+200 reviews

SEE SOFTWARE

Advanced Email Security with Spam Filtering and More

Learn more about Altospam

Bitdefender: anti-virus and anti-spam

GravityZone by Bitdefender

70 reviews

SEE SOFTWARE

Multilayer cybersecurity for small business with no IT team

Learn more about GravityZone by Bitdefender

MailInBlack: filtering, attachment scanning, authentication request and much more

1. Strict filtering
2. Anti-virus scanning of attachments
3. RBL filtering
4. Verification of white and black lists
5. Captcha sender authentication request

This solution uses the same principle as Altospam, passing incoming e-mails through an intermediary server to clean them up before they enter the company's IT premises.

MailWasher: a free version and a paid version

SpamCombat: spam intercepted before the inbox

• Filter spam from POP3 and SMTP accounts,
• Block spam by country of origin,
• Supports secure protocols (SSL/TSL),
• Deletes spam before it reaches the inbox,
• Secure email preview.

SpamFighter: Microsoft's partner spam filter

Spamihilator: the free anti-spam filter

Vade Secure: the only one to fully protect Microsoft Office 365

If you're using Microsoft Exchange Online Protection (EOP), you're not protecting your IT assets from spear phishing or zero-day attacks.

The publisher of the Vade Secure solution for Office 365 has designed an artificial intelligence (A.I.) engine to fully secure your messaging system: A.I. detects known signatures and rules out threats.

The advantage of artificial intelligence is that it learns: with each new hacking attempt, it adapts, analyzes and detects this new threat to eradicate it.

Video explanation:

Other Vade Secure benefits include

• native integration with Office 365 thanks to Microsoft's API,
• 1st filter eliminates threats based on identified signatures,
• anti-malware analyzes code embedded in documents (PDF, Word, Excel, etc.) and executable files,
• an analysis of URLS at the moment the user clicks on them: if the web address is suspicious, the link is not clicked.

Bonus: 10 best practices to protect yourself from spam and hackers

1. Check the sender (domain name), spelling and design of suspicious e-mails. Filter out unknown senders;


2. Do not open attachments to suspicious messages (especially if they are executable files);


3. Prefer webmail (Gmail from Google Apps, Yahoo mail, Hotmail/outlook, Postbox) to heavy-duty e-mail programs (Mozilla Thunderbird, Outlook Desktop), as they are more powerful and store e-mails in the Cloud instead of on your computer;


4. Prefer Mac OS and Linux to Windows (especially Windows XP and Vista), as these two first operating systems are much less attacked;


5. Install anti-spam software upstream of your SMTP server;


6. Make regular online back-ups of all your data. In the event of file destruction, it will be very easy to restore all workstations from an up-to-date backup;


7. Contact your technical support team at the slightest incident (the sooner, the better);


8. Install an ad blocker (browser plugin) such as Gohstery to reduce the reach of malicious sites;


9. Never leave your e-mail address or telephone number visible on the Internet. Robots can crawl these sites to send spam e-mails, SMS or voice messages;


10. Refuse to pay any ransom demanded by hackers. Contact a professional immediately.

See all software Antivirus

Conclusion

Spam accounts for half of all e-mails sent worldwide. Although this proportion is declining, the nuisance caused by unwanted e-mail messages is becoming increasingly virulent.

These range from simple loss of productivity to business interruption when ransomware infects a company. The ultimate solution to these risks is anti-spam, offering externalized protection upstream of the e-mail account.

The multiple layers of protection and the tool's parameterization offer the best compromise between eradicating spam and reducing the number of false positives.

Finally, no matter how effective the solution, it must work in tandem with a good e-mail service (Gmail, Outlook, Zimbra), and be accompanied by employee training in good e-mail usage practices.