Johannesburg-based software as a service (SaaS) specialist SYNAQ is meeting the threat posed to South African companies by phishing syndicates head-on with the development and release of the country's first local phishing database.
According to SYNAQ managing director, Yossi Hasson, this will prevent phishing mails purporting to come from South Africa's major financial institutions from reaching the mailboxes of recipients protected by its locally developed e-mail protection software, Pinpoint SecureMail.
“The new anti-phishing database solution will proactively identify and block most types of phishing attempts that use the names of South African banks, insurance companies and medical aids to entice or threaten individuals into disclosing personal information, which can then be used to access their accounts,” he says.
South Africa is among the most targeted countries in the world for phishing attacks, according to Symantec's February 2011 MessageLab Intelligence Report. The March 2011 Online Fraud Report states that only the United States and United Kingdom are the targets of more mass phishing campaigns than South Africa.
Trend Micro's January 2011 Threat Roundup Report gives Absa Bank the dubious honour of being the world's third most targeted brand for e-mail phishing. Nedbank is ninth on the list.
Hasson points out that while there are many international anti-phishing systems available, they do not adequately address the problem in the South African context, especially with regard to our banking system.
SYNAQ developed Pinpoint SecureMail several years ago to address the specific protection requirements of the local market and act as a first line of defence between the public Internet and a company's e-mail servers. It incorporates a range of anti-virus, anti-spam, content control and anti-phishing services.
The company has now compiled a local phishing reputation and database signature list, which allows for the sending addresses of all major South African financial institutions to be verified.
“It ensures that the origin of mails from these institutions matches our database record for that institution. If not, a phishing record for that mail is added to the database, and any or all mails that match the same record is automatically blocked in future,” Hasson explains.
This ensures that regardless of the 'type' of phishing attempt tried, e-mails emanating from the unverified address won't reach the recipient's mailbox where he or she may be tempted or distracted enough to click on the phishing link.
“Because the solution is local, we are able to respond quickly to the unique attacks and efforts that affect the South African market. Companies that rely on international technology are either not able to respond as quickly or the region is not important or large enough for them to focus on such customisations, leaving South African organisations vulnerable to specific attacks.
“The enhanced phishing database has already greatly reduced the number of local phishing attempts that Pinpoint SecureMail users receive,” Hasson concludes.