CipherTrust Announces Multi-Identity Reputation System

By | August 15, 2006

CipherTrust has announced several enhancements to its TrustedSource reputation engine, making CipherTrust the first company to offer reputation tracking across multiple identities – including IP, URL and Message-based reputation. The sophisticated analysis provides proactive reputation filtering to block spam, viruses, phishing or other malware, identify zombies and fraud, provide forensic information across trends and suspicious activity, and safeguard legitimate mail.

Over the past three months, message threats have continued to steadily increase in volume, making multi-identity reputation tracking necessary for automated tuning and intelligent datamining in real-time, critical as threats dynamically evolve. Specifically, CipherTrust Research has found:

Zombies – compromised PCs used for spewing spam, viruses and phishing – have continued to progressively increase, with the last major spike showing a 20 per cent increase in newly created zombies in May.

Image-based spam – unwanted messages that use embedded images to evade spam filters – has increased 200 per cent over the past three months and at peak times now accounts for more than 30 per cent of all spam messages.

Malicious message volumes have been rising sharply, showing a 20 per cent spike in global mail volumes during the month of July.

Additionally, since early this year, CipherTrust has identified new developments in spam operations including the release of new tools able to generate completely randomised images and deploy them in spam at speeds of up to 1 million per hour. This plays a significant role in determining the increased use of image-based spam, which continues to rise aggressively each month.

CipherTrust´s TrustedSource reputation engine helps to characterise the Internet´s messaging traffic and make it understandable and actionable. With the addition of TrustedSource Message Reputation, CipherTrust is able to identify spammers who are using image proliferation and manipulation to evade detection. Approximately one-third of CipherTrust´s customers have been running the multi-identity reputation engine since April, achieving significant effectiveness levels in blocking illegitimate mail.

CipherTrust has integrated IP reputation identities into its IronMail e-mail security appliances since early 2002 and provides real-time behaviour analysis on more than one-third of the world´s enterprise messaging traffic. In many environments, CipherTrust has been able to block 80 per cent of connections based purely on reputation data, increasing security levels while maintaining a false positive rate of less than one in one million.

Leave a Reply