Subscribe to Dr. Granville's newsletter

Hijacked Email Account Detection

One of the outcomes of spammers and phishers becoming craftier is the development of tools to keep an eye on network traffic scanning for unusual activity. Intrusion protection systems and intrusion detection systems, once novel are becoming more commonplace. This month, Alt-N Technologies, Ltd. announced the immediate availability of MDaemon Messaging Server 13—the latest version of its low cost Windows-based email and messaging server. Built directly into the product, and among the most customer-requested new features is hijacked email account detection.

As filters and other methods of stopping unwanted email get better, spamming and phishing techniques have continued to evolve to evade detection. In the past few years, spammers and phishers have very fruitfully hacked into email accounts and taken advantage of trusted email addresses captured directly from a user’s address book. How many of us have received an email message from a friend or relative supposedly traveling abroad and stranded? Having received a couple of those myself, if I had not known better, I might have fallen for the tactic. The chances of a relationship between those listed in a contact address list and being accepted as a trusted sender directly into another’s inbox is high. The tactic has been working successfully for several years and IT administrators are looking for ways to put a stop to the practice.

According to Kevin Beatty, vice president of marketing and business development for Alt-N Technologies, MDaemon’s Hijacked Account Detect and Disable feature will detect, disable, and notify an IT administrator of email accounts that send too many messages in a given timeframe.

“It is technically different from an Intrusion Detection System (IDS) in that an IDS function is to identify possible incidents, log information about them, and reporting attempts to a management station,” explains Beatty. “MDaemon’s feature is analogous to IDSes but it also executes the most critical step for a company: disabling an account from sending traffic that could result in a customer’s domain being blacklisted. Once the IT administrator has had the opportunity to review the account, it can be released and email traffic can resume.”

Beatty does add that as with all best practices for messaging and network security, a layered approach consisting of multiple facets to address and prevent security threats continues to be recommended.

The need for a hijacked email account detection feature is a reflection on the prevalence of the problem and a key truth: a majority of the time people do not know that their account has been hijacked. In its 2011 State of Hacked Accounts [PDF] published by Commtouch, the authors found that less than one-third of users noticed that their accounts were compromised (with over 50 percent relying on others to identify account anomalies) and 15 percent of users believing their credentials were stolen after using a public kiosk or WiFi network.

“We do have some customers using third-party solutions,” acknowledges Beatty, “but to maintain Alt-N’s goal of making MDaemon simple for the customer to manage and maintain, adding the feature within the product [user interface] just made sense. Surprisingly, the easiest way to prevent an account from being hijacked is through strong password policy enforcement. However, the IT Admins can’t always easily ensure users are following the policy and practices vary across business size and markets.”

Since its original introduction, MDaemon is looked upon as a lower cost alternative to Microsoft Exchange and Small Business Server (SBS). “The main point I stress with SMBs and the channel that serves them is to ensure that the solution match the true needs of the customer,” says Beatty. “MDaemon has been successful since 1996 because we have focused on the principles of affordability, quality, and flexibility. We have always been focused on the needs of the SMB market. Many channel partners have added MDaemon to their Exchange portfolio to satisfy customers when cost is a key driver.”

The user community largely drives MDaemon’s feature set. Another highly requested feature that reflects today’s bring your own device (BYOD) trend is a single interface to manage the growing BYOD environments typical of SMB/SMEs. Smartphones and tablets that run Android, iOS, Windows and BlackBerry can be managed from a single user interface within MDaemon’s console or via its remote administration screen (WebAdmin).

“There are many mobile device management solutions on the market that perform many functions from inventory control to policy enforcement across the various device platforms,” observes Beatty. “What Alt-N has heard from its customers is true to every feature we have put in our email server over the past 15 years: ‘please make it simple for us to manage and maintain’.”

Beatty goes on to say that the latest MDaemon includes ActiveSync support, “so now all devices (smartphone and tablet) can be managed from a console within MDaemon or its remote management web interface. But unlike many MDM solutions that provide an extensive set of features geared toward the enterprise, we have focused on what our customer said was the most important for SMBs: remote wipe, password policies, device locking.”

Other enhancements in this month’s release of MDaemon 13 include:

  • Document sharing from MDaemon’s web mail that provides a central repository for documents to be accessed and shared by designated users.
  • A public folder ticketing system that allows users to quickly communicate with the sales or technical support team of the host to request help with any issues that may arise.
  • Improved performance in low bandwidth environments via IMAP COMPRESS.
  • The ability for Administrators to view traffic and mailbox performance to gain a graphical view of basic email patterns, top users and other key stats.
  • A drag and drop email attachment feature that allows users to select multiple files and attach them to a web mail message.

Of the new release, Beatty concludes, “Our goal is for prospective customers to add MDaemon to their list of potential messaging servers. We’re confident that when compared to their current solution, they will quickly discover it meets their needs in terms of features and total cost of ownership.”

E-mail me when people leave their comments –

You need to be a member of Messaging News to add comments!

Join Messaging News

Messaging Events

Security
Tech