CAC2.0 quasi-real-time threat detection, "unmanned" anti-brute force cracking

Customer background

Shanghai Weimob Enterprise Development Co., Ltd. (hereinafter referred to as "Weimob"), a company listed on the main board of Hong Kong, was established in 2013. It is committed to creating decentralized digital transformation SaaS products and full-link growth services for merchants, helping merchants operate more effectively and achieve continued growth.
 

In this fast-paced network age, email has become an indispensable communication tool for enterprises, but it also faces various potential security threats. As an enterprise with a wide range of product lines and a large employee base, Shanghai Weimob clearly recognizes the importance of email security and has adopted a series of rigorous and effective security measures to protect the interests of the enterprise.

Accurately hit pain points

Mr. Guo, the administrator at Shanghai Weimob, made an in-depth analysis of the security issues in this domain. He mentioned that, in terms of security, the company takes measures such as weak password scanning, system filtering policy settings, and security expert lectures and training.


 

It is not difficult to see that Shanghai Weimob not only relies on technical means to ensure email security, but also attaches great importance to cultivating employees' security awareness. Even so, some "fish that slip through the net" still get past the company's security defenses.

01. Ever-changing "subsidy" phishing emails

Phishing emails with subjects such as "salary subsidy", "important notice from the finance department", and "personal subsidy for performance appraisal" all use a cash subsidy as bait to induce users to scan a code and fill in sensitive personal information. The method is not clever, but it plays on human nature and closely follows current hot topics, which makes it hard to guard against.

02. Lack of security awareness: the root cause of users' personal risk behavior

Personal habits directly affect how users behave when processing emails. In particular, the bad habit of frequently rummaging through the trash can easily introduce security risks.

Phishing emails identified on the basis of the CAC Email Security Big Data Center are placed in the trash bin. They disguise themselves as seemingly genuine emails to lure and trick users into clicking links or providing sensitive personal information, resulting in account theft and monetary losses.

Layered together, the "vulnerabilities" above pose a major risk to account security and greatly increase the probability of account theft!

For Shanghai Weimob, which manages thousands of employee accounts, how to accurately locate abnormal accounts and take quick action is crucial.

CAC2.0 global security monitoring, capturing abnormal accounts

Coremail's newly upgraded CAC2.0 is a cloud security service that combines threat email identification and filtering, email account anomaly monitoring with quasi-real-time alarms, interception of threat logins to leaked accounts, and comprehensive email threat intelligence (attack IPs, threat URLs, phishing email subjects, major security emergency intelligence, etc.).

It comprehensively guards against "email threats" and "account threats", offers the full-process capabilities of "pre-event interception, mid-event alarm, and post-event disposal", and can provide stable and reliable services in the harsh environment of enterprise mailbox management.

——Suspicious login interception: When a login comes from an IP marked as a risk by Anti-Riot Guard, and the password verified by the email system is correct, Anti-Riot Guard intercepts the login to reduce the threat of a successful credential stuffing attack.


——Abnormal login behavior: Based on the login habits of the user's email account, it quickly identifies abnormal login behavior, flags suspected stolen accounts, and classifies them as high, medium, or low risk according to the account's risk behavior level. Customers are advised to focus on [high and medium risk accounts], judge from the risk description whether the account has been stolen, and deal with it in time.

 

——Abnormal letter sending behavior: It uses the CAC inspection results, combined with IP reputation and other information, to derive "abnormal letter sending behavior" intelligence. This helps administrators analyze more quickly whether an account has been stolen, control outgoing spam in the domain, delete the email in time, and notify the user to change the password.

Customer Reviews

As an old customer of Coremail, Mr. Guo has more intuitive feedback on CAC2.0:
 

"You can directly query the detailed sending records of abnormal accounts on the panel, and judge the accounts through the subject, sending IP, CAC judgment and other conditions, which improves the efficiency. If you score 1-10, you can give 8-9 points."
 

While affirming CAC2.0, Mr. Guo also put forward many valuable opinions and demands.

In the future, Coremail will also continue to maintain a close communication and feedback mechanism to continuously improve and perfect the product and bring better value and satisfaction to users.

Origin blog.csdn.net/CACTER_S/article/details/132560485