Spam emails have always been a constant threat to all businesses. But in recent times we have noticed an increasing sophistication to spam emails, regardless of the email solution used.
Definition of Spam: Irrelevant or unsolicited messages sent over the Internet, typically to a large number of users, for the purposes of advertising, phishing, spreading malware, etc.Oxford Dictionary
For this reason, I wanted to write a post on spam and discuss the main reason why this threat is increasing. While also explaining our dedicated spam filtering service and it’s benefits.
Cloud Services and their risk
While there are countless drivers for spam such as economic and technical factors. A key reason for the upward trend in sophisticated spam-like fake invoices is due to the use of cloud services by the majority of businesses rather than the minority. In the context of spam, this means that the number of servers sending emails on behalf of small businesses has increased. This has created significantly more opportunities for scammers and alike.
Accounting services like Xero are an example of this, where emails are sent on behalf of your business using generic email templates. Whereas traditional accounting software would send emails via your business’s official email server.
This leaves traditional spam filtering systems in a difficult situation. As legitimate and fake emails are sent effectively in the same manner, with both being sent from 3rd party email servers. While they are also visually and at a code level indistinguishable from one another. So for spam filters to consistently block fake invoices, for example, they also have to block a significant amount of real invoices.
A common solution to this problem and others like it is server blacklists and reputation monitoring of email servers. So for example, the email servers that your accounting service use have a greater reputation than an email server that was created yesterday. But this approach only partly solves the problem. Since if you have a bad actor using the same email server that you use to send invoices for example, then the reputation of that email server is impacted. This ultimately affects the deliverability of emails from that server.
How does a dedicated spam filter solve problems like the one above?
Every spam filter employs different methods for detecting and stopping spam from reaching email users. In the case of our solution, the key is tailoring filters to each client from the outset. Instead of having a single set of filtering rules for all clients regardless of their different industries and locations.
The human element
The majority of spam and virus filters do not effectively leverage human intelligence to better prevent spam and viruses.
For example, when a user marks an email as spam, it is moved from their inbox into their spam folder. This action may then inform how similar emails are delivered to that user, and perhaps the wider company. But it doesn’t normally inform the wider network of companies and individuals using that same spam filtering service.
This is because traditional spam filters are largely algorithm-based. As a result spam emails and alike can easily be tested and refined to ‘beat’ these filters.
A dedicated spam filter such as ours uses geography filtering (explained below). This is then combined with human reporting to stop emails that are spam or have bad intent.
This works because spam emails are a numbers game as a business model, so 1000s of the same email have to be sent out. By holding emails sent from a spam-prone region for an extra 15 minutes emails that appeared to be clean can then be reclassified as spam. As other companies and users who did receive the email mark it as spam over the course of that 15 or more minutes of quarantine.
Better protection through geography filtering
This is how our dedicated spam filtering solution differs. As we detect the origin of all emails, and then based on the individual client’s usage, put in place harsher filters.
For example, if we detect that 47% of a company’s spam is being sent from a location in Eastern Europe. But a limited number of legitimate emails are being sent from the region, then the spam filtering will hold emails sent from that region for a set period of time before passing them on to the intended recipients.
So an email that is originally marked as clean will still be held for anywhere from 15 minutes to hours. During this time, another person may report an email from the same sender as spam, and the email would then be marked as spam and not passed on to the end-user.
In the example above, you can see that 9 emails are currently being held for 30 minutes before being sent on to end-users. The other 4 are being held for 15 minutes. While emails for Oceania are sent on to end-users instantly. This is because less than 1% of spam is sent from the region, and this is where the customer base is for this company.
The other benefit to our dedicated spam filtering service is that it scans all emails for viruses. We can tailor this scanning to your exact business rather than using a generic filter.
In addition, because the spam and virus filtering is a dedicated system it operates independently of your existing email service. This makes implementing the service straightforward. While also creating a backup email service, so that if your normal email service fails, emails will be saved and accessible via the spam filtering service. When your actual email service comes back online, any missed emails are automatically sent through.
While if our spam filtering service goes down, emails are sent straight to your email service, and that service’s regular spam filtering service.
Does dedicated spam and virus protection actually work?
Yes. This service is not offered by default and its something we only recommend for select clients. In every implementation so far, we have solved all the problems that our clients have had.
In a recent implementation for a financial services company, we were able to stop viruses from being delivered to users overnight. Even in cases where emails appear to be sent from within the company or by a client, while at the same time, no false positives have occurred.
Understanding the value of a dedicated spam and virus filter solution
In Australia and other OCD countries, labour costs are a dominant expense for any business, so staff productivity is vital. A dedicated spam filter frees up small increments of time for staff every day, that over a year snowball to provide a strong return on investment.
When this is combined with the reduced risk of fraud and data breaches. Investing in a dedicated spam and virus filter service for your email services is one of the best investments you can make in technology.