The computer network attacks have become more frequent and severe in recent years. We keep receiving phishing emails which are targeted at our users.

Phishing is an Internet scam where scam artists send official-looking emails to people, attempting to fool them into disclosing their personal information. Phishing emails typically direct the receivers to visit a website where they are asked to update personal information, such as a password, credit card, social security, or bank account numbers.

In October, only 15.2% of the incoming emails were not categorized as spam or junk mail, while our secure email gateways had detected and stopped the other 84.8% infected emails.

Considering this situation, ICTO has purchased and set up a new secure email gateway – Proofpoint replacing the existing one. The replacement of the secure email gateway was completed on 12 November 2015.

The new secure email gateway with next-generation email filtering system inspects all incoming or outgoing emails of the University staff and students email system so as to protect the mailboxes from spam, viruses, malware, phishing scams and other unwanted messages.

Advantages of the New Secure Email Gateway:

1) Capable of processing all incoming and outgoing emails in UM email systems which the existing email gateway cannot.

2) Most successful in blocking spams from entering the UM email systems.

3) Provides the targeted attack protection to better protect the UM email systems from phishing attacks.

4) Provided greater flexibility in dealing with incoming and outgoing spam.


How does the new email gateway protect your email from phishing and targeted attacks?

The new secure email gateway uses a new technology to protect our users from phishing and targeted attacks.

The links (URL) in each email will be evaluated using a variety of sophisticated techniques. If the links cannot be definitively classified as safe, the URL will be rewritten and it will cause the URL Defence to evaluate the linked website a second time when user clicks on the URL. If the URL is malicious, the following notification will be prompted up in your browser to notify you that the website has been blocked.

Message Summary Report for New Secure Email Gateway

The following chart shows the message summary in a week. As you can see, most of the messages were blocked by the dynamic reputation filtering, it is a powerful email sender reputation management service that combines a global email sender IP reputation, the email sender IP reputation data analyzed by powerful machine learning algorithms to block connections from malicious IP addresses. It is also the first line of defense against spam emails, denial-of-service and other email-borne, attacks, while delivering substantial bandwidth savings.

The messages blocked by the email firewall were due to the invalid recipients, directory harvest attack and limitation rules while messages blocked by the other reasons were due to relay deny, unresolvable domain and reject by mail routes.