Shane McDaniel, CIO of Seguin, Texas, is preventing phishing with better email security.

Sep 22 2023

State and Local Agencies Increase Email Security with Anti-Phishing Applications

Administrators are using a mix of tools and training to detect, stop and contain delivery of malware to employee inboxes.

When Shane McDaniel, the CIO of Seguin, Texas, walks out to his truck after work, it’s not uncommon for someone in the parking lot to shout: “Nice try, Shane — I didn’t click on it!”

McDaniel’s colleagues are referring to the simulated phishing emails that his department periodically sends out, one of a number of efforts the city is making to beat back the social engineering cyberthreat. In 2022, Seguin saw 1,501 direct phishing attempts — a 240 percent increase from the previous year — with many aimed at employees’ payroll data.

Seguin uses software from KnowBe4 to launch the simulated phishing attacks, as well as tools from Mimecast to block suspicious links.

Lena Geraghty, director of sustainability and innovation for the National League of Cities, says that government agencies should build out training programs, conduct vulnerability assessments and ensure they have a .gov website domain to protect themselves (and their employees) against phishing.

“While cyberattacks are increasing across the board, local governments are particularly at risk because of their role as stewards of public data and infrastructure,” she says.

How Seguin Leaders Are Working to Better Tackle Phishing

Several years ago, McDaniel was in search of new cybersecurity tools to help the city manage its “uncontrolled” email environment. “We did not have any specific losses related to phishing, but it was only a matter of time,” he says.

The city opted for Mimecast solutions, including the Internal Email Protect tool, to better provide the sort of perimeterless protection that McDaniel notes is needed to combat modern cyberthreats.

Almost immediately, he says, city employees noticed a drop in unsolicited junk emails from spammers and scammers. The tool blocks about 20 to 25 percent of the roughly 1 million emails to city employees each year. It also sandboxes traffic resulting from links contained in emails, opening them outside of the city’s environment and preventing any malicious software from infecting Seguin’s network.

McDaniel stresses the danger of phishing during orientation for new hires, explaining that many of the attacks are aimed at stealing money directly from their personal finances.

“We’re only as strong as our weakest link,” he says. “I want our employees to be comfortable enough that if they see something that doesn’t look right, they’ll say something — shoot me an email, call me on my personal cell. We’re all one big team, and we need to rely on everybody.”

Source: securitymagazine.com, “Phishing attacks aimed at government personnel up 30% in 2021,” Nov. 2, 2022

How to Better Defend Against Phishing

Tyler McKenzie, security and infrastructure administrator for Mohave County in Arizona, says phishing has become a “huge problem” for the county.

“Early on, it was easy to spot a fake email,” he says. “They had fake names in the signature and wrong logos. These days, phishing is highly targeted.”

To combat the threat, Mohave County adopted Barracuda Impersonation Protection and increased use of its Microsoft 365 security features. The moves coincided with the county’s migration from on-premises to hosted email.

“We felt at that time we were giving up some control, so we needed the extra peace of mind,” says Stephen Smart, the county’s security and infrastructure manager. “We decided on Barracuda after testing and ensuring the product met our needs.”

Barracuda Impersonation Protection blocks up to 4,000 suspicious emails per month for the county. In January, the tool’s Incident Response module allowed the county to pull back a batch of more than 7,000 phishing emails that were sent to elected officials. This enabled the county to focus its efforts on assisting the few users who did click malicious links before the emails were pulled.

“We limit our attack surface by identifying and pulling back malicious emails to stop any more users from clicking, raise awareness by sending out a warning email to the affected users, and then implement rules and continuous remediation to stop further emails from coming in with just a few clicks,” McKenzie says.

In the near future, the county will focus on training users to identify increasingly sophisticated phishing attempts, says Samantha Rule, security and infrastructure administrator for the county. “Now that artificial intelligence has matured, those classic indicators like bad grammar and spelling issues will generally not be present,” she says. “Training our end users to spot and treat the limited bad emails that do make it through as such will be the next challenge.”

Photography by Robert Seale