About Internet Security Risks Parent topic

Thousands of viruses/malware are known to exist, with more being created each day. In addition to viruses/malware, new security risks designed to exploit vulnerabilities in corporate email systems and websites continue to emerge. These include spyware/grayware, phish sites, network viruses/malware, Trojans, and worms.
Collectively, these threats are known as security risks. Here is a summary of the major security risk types:

Internet Security Risks

Threat Type
Characteristics
Advanced threats
Advanced threats use less conventional means to attack or infect a system. Heuristic scanning can detect advanced threats to mitigate the damage to company systems. Some types of advanced threats that ATSE detects include:
  • Advanced Persistent Threats (APT):
    Advanced persistent threats are attacks against targeted companies and resources. Typically, a social engineering attack on an employee triggers a series of activities that open up the company to serious risks.
  • Targeted attacks:
    Targeted attacks refer to computer intrusions staged by threat actors that aggressively pursue and compromise specific targets. These attacks seek to maintain a persistent presence within the target's network so that the attackers can move laterally and extract sensitive information.
  • Exploits:
    Exploits are code purposely created by attackers to abuse or target a software vulnerability. This code is typically incorporated into malware.
  • Zero-day attacks:
    Zero-day attacks exploit previously unknown vulnerabilities in software.
Denial-of-Service (DoS) attack
A DoS attack happens when a mail server’s resources are overwhelmed by unnecessary tasks. Preventing ScanMail from scanning files that decompress into very large files helps prevent this problem from happening.
Phish
Unsolicited email requesting user verification of private information, such as credit card or bank account numbers, with the intent to commit fraud.
Spyware/Grayware
Technology that aids in gathering information about a person or organization without their knowledge.
Trojan Horse program
Malware that performs unexpected or unauthorized, often malicious, actions. Trojans cause damage, unexpected system behavior, and compromise system security, but unlike viruses/malware, they do not replicate.
Virus/Malware
A program that carries a destructive payload, and replicates - spreading quickly to infect other systems. By far, viruses/malware remain the most prevalent threat to computing.
Worm
A self-contained program or set of programs that is able to spread functional copies of itself or its segments to other computer systems, typically through network connections or email attachments.
Other malicious codes
ScanMail detects some malicious code that is difficult to categorize, but pose a significant threat to Exchange. This category is useful when you want ScanMail to perform an action against a previously unknown threat type.
Packed files
Potentially malicious code in real-time compressed executable files that arrive as email attachments. IntelliTrap scans for packing algorithms to detected packed files. Enabling IntelliTrap allows ScanMail to take user-defined actions on infected attachments, and to send notifications to senders, recipients, or administrators.