Zombie Detection Stops Outgoing Email Threats from Infected Machines
Malicious code can be used to take over an enterprise’s computers,
which are then used to send dangerous emails, such as spam, phishing, and viruses.
These computers are called zombies because they have been secretly taken over
to do the bidding of the hacker. A computer can become a zombie through any method
of downloading a virus or Trojan, such as executable attachments to emails and
downloads on Web sites. Emails sent from zombie machines can appear to originate
from the victim’s computer, and sending them, often en masse, steals that
computer’s resources. These zombie machines can damage a company’s
reputation and require costly resources to purge the malicious code.
MailFrontier provides zombie detection that employs multiple indicators to
locate these dangerous machines and stop the transmission of email threats.
The indicators include:
- Machines sending out spam, phishing, or virus emails
- Emails sent from addresses not in the company’s LDAP address list
- High email volumes sent by individuals or company-wide
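The three indicators above can be combined per sending machine. The following is an added example, not MailFrontier's code: the log records, the address list, the thresholds, and the function name zombie_indicators are all constructed assumptions, and the log is treated as one monitoring window.

```python
from collections import Counter, defaultdict

# Constructed sample data (assumption): one record per outbound message
# seen in a single monitoring window.
# Fields: source host, envelope sender, content-scan verdict.
DIRECTORY = {"alice@example.com", "bob@example.com"}  # stand-in for the LDAP address list
LOG = [
    ("10.0.0.5", "alice@example.com", "clean"),
    ("10.0.0.9", "bob@example.com", "clean"),
    ("10.0.0.7", "promo123@example.com", "spam"),
    ("10.0.0.7", "promo123@example.com", "spam"),
    ("10.0.0.7", "bob@example.com", "clean"),
    ("10.0.0.7", "bob@example.com", "clean"),
    ("10.0.0.7", "bob@example.com", "phishing"),
]

PER_SENDER_LIMIT = 2  # assumed threshold: messages per sender per host in the window
COMPANY_LIMIT = 6     # assumed threshold: total outbound messages in the window
THREATS = {"spam", "phishing", "virus"}


def zombie_indicators(log, directory):
    """Return ({host: set of indicator names}, company_wide_volume_exceeded)."""
    flags = defaultdict(set)
    volume = Counter()  # (host, sender) -> message count
    for host, sender, verdict in log:
        sender = sender.lower()
        # Indicator 1: the machine sends spam, phishing, or virus email.
        if verdict in THREATS:
            flags[host].add("threat_content")
        # Indicator 2: the sender address is not in the address list.
        if sender not in directory:
            flags[host].add("unknown_sender")
        volume[(host, sender)] += 1
    # Indicator 3a: unusually high volume for one individual on one machine.
    for (host, _sender), count in volume.items():
        if count > PER_SENDER_LIMIT:
            flags[host].add("high_sender_volume")
    # Indicator 3b: unusually high volume across the whole company.
    return dict(flags), len(log) > COMPANY_LIMIT


if __name__ == "__main__":
    hosts, company_wide = zombie_indicators(LOG, DIRECTORY)
    for host, reasons in sorted(hosts.items()):
        print(host, sorted(reasons))
    print("company-wide volume exceeded:", company_wide)
```

Hosts that trip several indicators at once are stronger candidates for a response than hosts that trip only one.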
The administrator can select how to respond to actions flagged as zombie machine
indicators.
- The email messages can be deleted or quarantined.
- An alert can be sent to a designated recipient.
- “Outbound Safe Mode” can be initiated, which:
  - Sends alerts every 30 minutes
  - Prevents dangerous attachments from being sent
  - Allows for the option to delete or quarantine outbound messages with
    dangerous attachments (for example, executables)
MailFrontier’s multiple-indicator diagnostic approach, combined with flexible response
options, enables enterprises to prevent zombie damage while allowing the company
to send legitimate outgoing emails.
Zombie detection is offered as part of the MailFrontier Power Protection module.