Email is widely recognized as the most popular method for attackers to spread malware and breach organizations. Our 2019 Internet Security Threat Report shows that employees of small organizations were more likely to be hit by email threats—including spam, phishing, and email malware—than those in large organizations. We also found that Microsoft Office users are the most at risk of falling victim to email-based malware, with Office files accounting for 48 percent of malicious email attachments, jumping from 5 percent in 2017.
With email being used to deliver complex advanced threats (such as ransomware) as well as other risks (e.g. impersonation attacks) organizations are seeking effective protection, that covers a broad range of email systems including Office 365.
In recognition of the growing importance of email security, two independent test organizations – SE Labs and Tolly – have recently conducted security effectiveness testing across a number of email security solutions. These tests are important as in both cases, the test organization had complete control over the threats and samples used in the test, even when the test was sponsored.
It is particularly pleasing that both of these tests showed Symantec’s email security to be market leading.
SE Labs award Symantec the top, ‘AAA’ rating
In December 2018, SE Labs published their report on Email Security Services Protection. This unsponsored research assessed five email security solutions against a range of threats which they directed against real email accounts running on popular commercial email services. Symantec performed very well in this test, earning the top ‘AAA’ rating and is significantly stronger then the email security offered by Microsoft Office 365 Advanced Threat Protection. SE Labs also published a blog on this report.
Their research included a detailed analysis of messages blocked, quarantined, or moved to the junk folder. The tests included a range of attack types (commodity through to advanced) covering phishing, malware within encrypted files or from links and social engineering attacks.
Tolly – how to validate Email Security Services for Effectiveness
Tolly’s research took a different approach. They researched the effectiveness of Symantec against two competitors, and in doing so they realised that customers face a myriad of challenges when evaluating alternative email security solutions. Therefore, they explored this issue and identified a number of insights about how to evaluate different solutions taking into account email feed selection, crafting appropriate test samples, avoiding blacklists - and more. Tolly recorded a 17 minute webinar to help guide customers through these areas. Of course, their research did also test effectiveness, using many different attack types (independently selected by Tolly). As the table on anti-phishing below shows, Symantec was found to be effective in all but one the different attacks, and markedly stronger than the other email solutions on test.
Symantec Email Security – innovating to protect
At Symantec we are proud of the work we do, and remain committed to ensuring we protect all of our customers. This is why we invest to improve our service to adjust to the new threats and operational challenges facing customers. Since these tests were published we have added to our Email Security portfolio to help customers tackle the problems associated with fraudulent email, which you can read out in this press release. To find out more about the full email security portfolio we offer, visit our website.