Mimecast takes aim at spear phishing through enterprise cloud email protection

Mimecast has struck out a blow against spear phishing with a new enterprise email protection service that is specifically geared towards nipping malicious URLs in the bud before they become a problem.

Related: How to avoid getting stung by a spear phishing scam

Targeted Threat Protection has been added to the company’s suite of cloud email security services to scan all URLs contained within emails even if they come from “trusted” sources before automatically preventing users clicking “at risk” links.

“The threats to an end-users’ inbox are constantly changing and have moved far beyond the daily barrage of spam and virus content on their work desktop. We have to protect their work and personal desktop, laptop, tablet and smartphone as today each device is used for enterprise email,” said Orlando Scott-Cowley, director of technology marketing at Mimecast. “IT teams know their end-users are one of their weakest security links and can be specifically targeted to get access to critical systems and valuable corporate data.”

Mimecast’s new solution works by rewriting URLs contained within all inbound emails as soon as they are received. The link is rewritten at the gateway so that once it is clicked users are redirected to the Mimecast cloud at which time the original links is scanned for malicious content before being opened. Scans are done on links every time they are clicked and not just the first time, in order to make sure links that become malicious are not accidentally accessed.

IT teams will be happy to know that the service can easily be managed from within the existing Mimecast Administration Module and also that the protection for end users does not require any additional infrastructure or on-premise staffing to function successfully.

End users, meanwhile, won’t see anything change as the content from malicious sites will be blocked automatically and those that aren’t blocked will simply appear as normal.

Mimecast is attempting to add an extra layer of protection against the threat of spear phishing, which is when a malicious URL is embedded in an email that appears to come from a “trusted” source and can damage a company’s security when clicked.

Related: Spear phishing attacks will soon be “devastating”

Targeted Threat Protection works on desktop, work and personal mobile devices and will be released in July.