Terminology | Industry Glossary
Risk Emails
Email spoofing – creation of email messages with a forged sender address.
Spam – unsolicited, undesired, or illegal email messages.
Phishing – is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity.
Whaling – also known as whaling phishing or a whaling phishing attack, is a specific type of phishing attack that targets high-profile employees, such as the CEO or CFO, in order to steal sensitive information from a company. In many whaling attacks, the attacker’s goal is to manipulate the victim into authorizing high-value wire transfers to the attacker.
Viruses, Malware, Ransomware – any software intentionally designed to cause damage to a computer, server, client or computer network.
Denial of Service (DoS attack) – is a cyber-attack in which the perpetrator seeks to disable, shut down or disrupt a network, website or service.
Business Email Compromise (BEC) – an acronym describing many common forms of targeted attacks carried out via email, also known as phishing attacks. These attacks are very targeted: attackers research the target organisation to understand who the senior people are and who is likely to respond “well” to a BEC attack.
Product Functionality
URL Analysis – evaluates URLs within the message using a risk score based on country/Top Level Domain (TLD); content, depending on content type, including misspelt or suspect words or invisible content; and masking, where patterns may indicate that the sender is trying to mask the true destination of the URL.
Quarantine – provides customers with the ability to release messages in case of misclassification based on defined conditions. May also be used in conjunction with SmartRules to quarantine email based on user-defined policies.
Gray mail – email that one of the filtering engines has detected as spam but the other has not, which gives you the chance to release the email if needed.
Data Loss Prevention (DLP) – is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed by unauthorized users.
Email Backup – An email backup is a snapshot of a set of email data at a point in time. Generally, the data is held ready to be restored in a time of emergency, i.e. a system failure causing lost data. It is restored to the specific point in time specified.
Email Archive – An enterprise-wide email archive securely preserves all messages for anytime retrieval. It enables administrators to search across all users (past and present) based on search criteria to find email messages and their associated attachments. For legal hold and official information requests it is wise to deploy tamper-proof email archives, such as SMX’s immutable email cloud email archiving service.
Journaling – ensures a complete archive of the organisation’s emails is stored in a single, searchable, secure, off-site environment.
Sandboxing – A sandbox is a security mechanism for separating running programs, usually to keep system failures or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system.
Single Sign On (SSO) – an authentication method that allows a user to log in with a single ID to any of multiple applications.
Two Factor Authentication (2FA) or multi-factor authentication – is an identity and access management security method that requires two forms of identification to access resources and data. (source: Microsoft.com)
Artificial Intelligence (AI) – is the capability of a computer system to mimic human cognitive functions such as learning and problem-solving. Through AI, a computer system uses math and logic to simulate the reasoning that people use to learn from new information and make decisions. (source: Microsoft.com)
Machine Learning (ML) – is an application of AI. It’s the process of using mathematical models of data to help a computer learn without direct instruction. This enables a computer system to continue learning and improving on its own, based on experience. (source: Microsoft.com)
Active Directory (AD) – Active Directory is a directory service developed by Microsoft that enables network administrators to manage and organize resources on a network. It provides a centralized database for storing and managing information about network resources, such as users, computers, printers, and other devices. The Active Directory database is organized into a hierarchical structure, with domains at the top level. (source: Microsoft.com)
DNS or Domain Name System – hierarchical and distributed naming system/database for internet resources/domain names. Converts human-readable names to IP addresses used by computers and routers to direct requests and traffic to the correct destination.
MX records – a record in the DNS describing the authorized mail servers for a given domain name.
SmartRules – with SmartRules DLP you can create rules in the SMX email admin portal based on custom conditions and then take an action based on that condition. (see: https://smxemail.com/help-support/faq-s/technical-support/what-is-smartrules-dlp/ for more)
Exchange Online Protection (EOP) – is the cloud-based filtering service that protects your organization against spam, malware, and other email threats. EOP is included in all Microsoft 365 organizations with Exchange Online mailboxes. (Source: Microsoft.com)
Microsoft Defender for Office 365 (MDO) – is Microsoft's response and feature set when it comes to e-mail security. (Source: Microsoft.com)
Email Standards
DMARC (Domain-based Message Authentication, Reporting and Conformance) – is an email authentication protocol. It is designed to give domain owners the ability to protect their domain from unauthorised use. The purpose of DMARC is to protect a domain from being used in business email compromise attacks, phishing emails, email scams and cyber threat activities. In combination with SPF and DKIM, DMARC provides comprehensive email security that will substantially increase your protection against high-risk email.
DKIM – DKIM stands for DomainKeys Identified Mail. This is an email authentication method that allows the recipient to verify that an email was sent from the domain it claims to be from and that it has not been tampered with during transit. DKIM works by attaching a digital signature to the header of an email message.
SPF (Sender Policy Framework) – is an email authentication method designed to detect forged sender addresses during the delivery of the email.
Message Transfer Agent (MTA) – within the internet email system, an MTA is software that transfers electronic mail messages from one computer to another using SMTP.
BIMI (Brand Indicators for Message Identification) – is a standard improving email security via logo authentication. It increases brand recall, improves email open rates, and influences buyer behavior by putting a trademarked logo next to every email you send with the only integrated BIMI and VMC integration available on the market.
VMC (Verified Mark Certificate) – is a digital certificate issued by a certificate authority that verifies logo ownership. Your logo must be a registered trademark before receiving a VMC. A VMC verifies that your organization is the legal owner of your brand logo. (Source: google.com)
Security and Information Event Management (SIEM) – is a software solution to aggregate, correlate and, if need be, alert on events from across an organisation's IT portfolio. Some popular SIEM products include Azure Sentinel, Splunk, and LogRhythm. More: https://smxemail.com/our-company/blogs-news/blog/siem-data-feed-could-change-the-game-2022-03-16/
Digital Operational Resilience Act (DORA) – is an EU regulation that solves an important problem in EU financial regulation. It ensures all suppliers to government agencies take all steps to protect data.
Top Level Domain (TLD) – domains with the highest level in the hierarchical DNS – root part of the domain name.