About Internet Security Risks Parent topic

Thousands of viruses/malware are known to exist, with more being created each day. In addition to viruses/malware, new security risks designed to exploit vulnerabilities in corporate email systems and websites continue to emerge. These include spyware/grayware, phish sites, network viruses/malware, Trojans, and worms.
Collectively, these threats are known as security risks. Here is a summary of the major security risk types:

Internet Security Risks

Threat Type
Characteristics
Advanced threats
Advanced threats use less conventional means to attack or infect a system. Heuristic scanning can detect advanced threats to mitigate the damage to company systems. Some types of advanced threats that ATSE detects include:
  • Advanced Persistent Threats (APT):
    Advanced persistent threats are attacks against targeted companies and resources. Typically, a social engineering attack on an employee triggers a series of activities that open up the company to serious risks.
  • Targeted attacks:
    Targeted attacks refer to computer intrusions staged by threat actors that aggressively pursue and compromise specific targets. These attacks seek to maintain a persistent presence within the target's network so that the attackers can move laterally and extract sensitive information.
  • Exploits:
    Exploits are code purposely created by attackers to abuse or target a software vulnerability. This code is typically incorporated into malware.
  • Zero-day attacks:
    Zero-day attacks exploit previously unknown vulnerabilities in software.
Denial-of-Service (DoS) attack
A DoS attack happens when a mail server’s resources are overwhelmed by unnecessary tasks. Preventing IM Security from scanning files that decompress into very large files helps prevent this problem from happening.
Phish
Unsolicited email requesting user verification of private information, such as credit card or bank account numbers, with the intent to commit fraud.
Spyware/Grayware
Technology that aids in gathering information about a person or organization without their knowledge.
Trojan Horse program
Malware that performs unexpected or unauthorized, often malicious, actions. Trojans cause damage, unexpected system behavior, and compromise system security, but unlike viruses/malware, they do not replicate.
Virus/Malware
A program that carries a destructive payload, and replicates - spreading quickly to infect other systems. By far, viruses/malware remain the most prevalent threat to computing.
Worm
A self-contained program or set of programs that is able to spread functional copies of itself or its segments to other computer systems, typically through network connections or email attachments.
Other malicious codes
IM Security detects some malicious code that is difficult to categorize, but pose a significant threat to Exchange. This category is useful when you want IM Security to perform an action against a previously unknown threat type.
Packed files
Potentially malicious code in real-time compressed executable files that arrive as email attachments. IntelliTrap scans for packing algorithms to detected packed files. Enabling IntelliTrap allows IM Security to take user-defined actions on infected attachments, and to send notifications to senders, recipients, or administrators.
Ransomware
A type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files unless a ransom is paid. More modern ransomware families, collectively categorized as crypto-ransomware, encrypt certain file types on infected systems and forces users to pay the ransom through certain online payment methods to get a decrypt key.