Don’t Get Hit by the Whaler’s Harpoon

What is Whaling?Harpoon-Whaling

Chances are you’re familiar with the term Phishing, where scammers use social engineering tactics to get users to give up personal information such as financial data, Social Security numbers, or other highly confidential and valuable information. That email you received from the “IRS” asking for your Social Security number? Don’t fall for it!

You may have also heard of spear-phishing, a more targeted form of phishing where specific individuals on any staff level may be targeted. But are you aware of the dangers of whaling? No, I’m not talking about the kind that keeps marine conservationists up at night. I’m talking about phishing attacks that are highly personalized to target high level executives.

While phishing emails are sent out to multiple recipients in the hopes that one or more will fall for the scam, whaling emails are usually only sent to select individuals who have a great deal of influence in a company. They are designed to masquerade as critical business communications sent to someone of importance, such as a CEO or other business authority, in an attempt to get the recipient to give up personal or financial information. Often, these messages contain spoofed addresses claiming to come from someone within the company. It is also common for a whaling email to claim to be from the Better Business Bureau or FBI.

Many whaling emails will contain a link that installs malware or leads the user to a familiar looking website that will likely ask for your login information. What happens next is when the problems begin. You submit your username and password, and are told that your credentials are incorrect and that you should try again. Sounds pretty harmless so far, right? Behind the scenes, however, your information has already been captured, and you are then redirected to the legitimate website, where you are able to successfully login on your next attempt – completely unaware that you just submitted valuable information to a scammer. This is why we always stress that you never click on links in an email message unless you’re 100% certain that the message is legitimate and from the purported sender.

How do “Whalers” get past Spam Filters?

Cybercriminals often use similar domain names or free email addresses, pretending to be business executives. They are able to bypass many security measures because their messages often don’t include malware links or attachments. And because they don’t typically contain links, and are often more well-written than the standard phishing attack, they are able to slip past spam filters more easily.

Do Executives Really Fall for These Scams? The Scary Statistics on Whaling

Whaling works because people often fall for these scams. The following high-level cases illustrate how lucrative the whaling business is for scammers:

In the 2008 US District Court subpoena whaling scheme, 20,000 CEOs were targeted. Approximately 2000 of them fell victim to this scheme & clicked on the malicious link in the email, which led to a key logger that secretly recorded the CEO’s passwords. It then led to further hacking attacks on the affected companies, resulting in significant financial loss or damage to company reputation.

Here is an example of the fake subpoena email. It looks official to the untrained eye, but notice the From address, which uses the domain of uscourts.com. The official domain of the US Court system is uscourts.gov, not uscourts.com. Also, it’s worth noting that official court business is never sent via email.

USCourtsWhaling

In 2015, Mattel lost $3 million in a whaling scheme in which a finance executive responded to a bogus funds transfer request claiming to come from the company’s new CEO.

In the first quarter of 2016, 41 companies were hit with phishing attacks targeting employee tax records.

More recently, the CEO of an Austrian aircraft parts manufacturer was let go after the company lost €40.9 million ($48 million USD) to a whaling attack.

And earlier this year, a 48 year-old Lithuanian man was charged with attacks on Facebook and Google. In his high-profile phishing attacks, he used forged invoices, contracts, and letters that looked like they had been signed by a company whose name he had mimicked by registering a company in Latvia with a name similar to that of a legitimate Asian-based vendor.

How do I recognize a whaling email?

So how do you know when you’re being targeted in a whaling attack? Here are some common whaling identifiers to look for in inbound email messages:

  • Is the name of the sender the same as one of my user names?
  • Is the sending domain similar to one of my domains?
  • Is the domain well-established, or is it a newly-created domain used specifically for attack purposes?
  • Does the email contain common whaling keywords, such as wire transfer, payment, etc.?

An email containing just one of these characteristics may not necessarily be a threat. For example, if the CEO’s name is John Smith, an email from another John Smith might not raise any red flags, especially considering how common this name is. But if you receive an email from John Smith that has one or more of the other characteristics listed above, such as one containing a request for payment, then you should treat it with extra scrutiny.

Avoiding whaling attacks is the responsibility of both management staff and employees alike. Follow these tips to help protect your business from falling victim.

Educate Senior Management Staff

One of the reasons spear phishing and whaling are so effective is that they target named individuals in executive or financial positions within an organization, and they often appear to come from someone known and trusted by the recipient, such as a colleague. Clever social engineering techniques are used to reel in these “big fish.” Senior management, financial staff and employees in other key roles should be educated on the effects of whaling attacks and how to spot them. They should learn to recognize common characteristics of phishing attacks like spoofed sender addresses, requests for funds transfer, unrecognized attachments, and spoofed hyperlinks. Let’s look at a few examples.

Example: Sender registered a domain similar to the company’s domain.

As you can see in this example, the sending domain looks similar to a legitimate domain, but if you look further, the domain is one digit off from the real domain.

SimilarDomain

Example: Display Name spoofing.

Does the display name in the From field match the email address?  In this example, I know my bank does not own the “fakedomain.com” domain. This is an example of display name spoofing, which is very common.

Spoofing

Example: FROM address spoofing.

Another common spoofing technique is From address spoofing. Any spammer can spoof any email address, making it look like the message came from a legitimate source. This works because email messages contain two sets of addresses – the envelope address and the message header address. I’ll explain further using U.S. postal mail as an example.

When sending a letter via US Mail, the sender needs an envelope, the address of the intended recipient, and the contents of the message (e.g. message body or letter). The sender places the address of the intended recipient on the envelope, but the recipient’s address usually appears inside the envelope as well, usually at the top of the letter. The address on the envelope is where the letter is sent, not the address on the letter itself. Thus, these addresses can be completely different.

Email works in a similar way. Like U.S. Mail, email messages also have two sets of addresses – the envelope addresses, where the message is actually from and who it is addressed to, and the address in the message header, which is what the user sees in the To: and From: fields in the message. These addresses do not have to match for the message to be delivered. Most spam messages contain spoofed From (header) addresses.

In the following example, the message appears to come from john.smith@example.com, but closer examination reveals that it actually came from frank.thomas@example.com. Most mail servers and email security products should have mechanisms in place to detect this kind of spoofing, such as reverse lookups, SPF, DKIM and DMARC, but users should be aware of this common technique used by spammers.

AddressSpoofing

Keep Personal Information Private

Scammers who want to steal your personal and financial information will look for publicly available information on social media and various other sites. Management staff should have as little personal information visible to the public as possible, including birthdays, interests, and friends and family. Social media users should review their privacy settings to ensure that this data remains hidden from the public.

Establish a Verification Process

If an employee receives an email requesting financial information, funds transfers, or other business-critical information that is not typically handled by email, verify the request from the sender via another channel such as a phone call. Companies should have documented processes on how these requests should be handled.

Protect against Data Leaks

Implement a software-based data loss prevention solution such as SecurityGateway that intercepts sensitive data and quarantines it before it has a chance to leave your network. Data Leak Prevention techniques scan email messages and attachments for highly sensitive information such as Social Security or Tax-ID numbers, bank account numbers, and passport numbers.

SecurityGateway for Email Servers

Questions or Comments?

Phishing and whaling scams have been going on for years, and they will continue as long as human nature dictates that people will fall for these scams. Don’t be the next victim. Arm yourself with the facts and your email infrastructure with the tools to avoid the whaler’s harpoons! If you have questions about our email safety recommendations, leave us a comment below!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

With today’s massive ransomware outbreak, here are a few reminders of how to avoid becoming a victim.

RansomwareAs I was coaxing myself awake this morning with my usual jolt of strong coffee, I checked my favorite news sites & was informed of yet another ransomware attack. This one, which is believed to have originated from Ukraine, was first thought to be a variation of last year’s Petya ransomware outbreak, but upon further investigation, it appears that today’s malware is a new type – a worm that some computer experts are referring to as “NotPetya“. This attack demands a smaller ransom (in comparison to other attacks) of approximately $300, and then begins to serve its primary purpose – to wipe files on the computer. According to researchers at Symantec, this attack used the same National Security Agency hacking tool, Eternal Blue, that was used in the WannaCry outbreak, as well as two other methods to spread the attack. According to information provided by this article on CNN, if you’ve installed all of the latest Windows patches, you should be safe from this particular strain of malware, however, by no means is this a reason to be complacent. Administrators and end users must still be mindful of safety precautions.

Due to the proliferation of Malware as a Service (MaaS), just about anyone with the desire and the funds can initiate a malware attack, making new & emerging threats a real concern for the foreseeable future. This presents a good opportunity to review best practices for avoiding ransomware – for end users, and for administrators via the tools available in MDaemon and SecurityGateway.

How can end users protect themselves from ransomware?

End users should be aware of the following 18 email safety tips, which originally appeared in this post.

  • Change your password often.
  • Use strong passwords. Never use a password that contains “password” or “letmein”.
  • Use a different password for each of your accounts. If you use the same password for your bank account as you do for your email account, you become much more vulnerable to data theft.
  • Don’t open an attachment unless you know who it is from & are expecting it. Many of today’s social engineering tactics rely on the ability to trick users into opening attachments.
  • Be cautious about email messages that instruct you to enable macros before downloading Word or Excel attachments. This article provides a good overview of why you should not enable macros in Microsoft Word.
  • Use anti-virus software on your local machine, and make sure it’s kept up-to-date with the latest virus definitions.
  • If you receive an attachment from someone you don’t know, don’t open it. Delete it immediately.
  • Learn how to recognize phishing
    – Messages that contain threats to shut your account down
    – Requests for personal information such as passwords or Social Security numbers
    – Words like “Urgent” – false sense of urgency
    – Forged email addresses
    – Poor writing or bad grammar
  • Hover your mouse over links before you click on them to see if the URL looks legitimate.
  • Instead of clicking on links, open a new browser and manually type in the address.
  • Don’t give your email address to sites you don’t trust.
  • Don’t post your email address to public websites or forums. Spammers often scan these sites for email addresses.
  • Don’t click the “Unsubscribe” link in a spam email. It would only let the spammer know your address is legitimate, which could lead to you receiving more spam.
  • Understand that reputable businesses will never ask for personal information via email.
  • Don’t send personal information in an email message.
  • Don’t reply to spam. Be aware that if you reply to a spam email, your reply most-likely will not go back to the original spammer because the FROM header in the spam message will most-likely be forged.
  • Don’t share passwords.
  • Be sure to log out.

How can administrators protect their systems from ransomware?

The battle against ransomware cannot be fought by users alone. Administrators must also take steps to lock down their email infrastructure. These best practices will help protect your network and users.

Best Practices for MDaemon Administrators

  1. Enable account hijack detection. This feature will automatically disable an account if a designated number of messages are sent from it via an authenticated session in a given period of time. When the account is disabled, the administrator receives a notification so that corrective action can be taken. Instructions for configuring account hijack detection can be found in this knowledge base article.
  2. Enable dynamic screening. Dynamic screening is a feature that blocks future connections from a connecting server or client based on its behavior.  Instructions for configuring dynamic screening can be found here.
  3. Configure the IP Shield. The IP Shielding feature allows administrators to assign an IP address (or IP address range) to email messages from a given domain. Messages claiming to come from a specific domain must originate from one of the approved IP addresses. Exceptions can be made for users connecting from outside of the network who are using SMTP authentication.  Click here for instructions.
  4. Require SMTP Authentication. This helps ensure that the user authenticates with a valid username and password. Instructions can be found here.
  5. Use DKIM & SPF to detect spoofing. DKIM uses a private/public key pair to authenticate a message. When an incoming message is signed with DKIM, a DNS record lookup is performed on the domain taken from the signature and the private key taken from the signature is compared with the public key in the domain’s DNS records. SPF uses a DNS record that lists hosts that are allowed to send mail on behalf of a domain.
  6. Enable DMARC & configure your DMARC record. DMARC (Domain-Based Message Authentication, Reporting & Conformance) allows domain owners to instruct receiving servers on how to handle messages claiming to come from their domain that did not pass DKIM and SPF lookups.  Learn more here.
  7. Ensure that all connections (SMTP, POP, IMAP), are using SSL. SSL (Secure Sockets Layer) is a method for  encrypting the connection between a client and server, as well as between to servers. Learn more here.
  8. Have a backup strategy. If by chance malware still manages to infect your network, your last resort is to have a reliable backup strategy. Ideally, you should have your systems backed up off-site and, for added safety, secondary backup data should be saved to media that is not connected to the network.

More information on these settings can be found in the following guide on best practices for protecting your users:

Email Server Settings – Best Practices

Best practices for SecurityGateway administrators

SecurityGateway provides an extra layer of anti-spam, anti-spoofing and anti-malware security, in addition to your mail server’s built-in security settings. These best practices will help keep ransomware and other malicious content from reaching your mail server. Each item includes a link with more information.

  1. Require strong passwords.
  2. Query a user verification source to ensure that users are valid.
  3. Require SMTP authentication to prevent unauthorized account access.
  4. Prevent unauthorized mail relaying.
  5. Protect your domain with IP Shielding.
  6. Require SSL encrypted connections.
  7. Configure backscatter protection.
  8. Don’t whitelist local addresses. If a spam messages was spoofed with one of your local addresses, this could allow the spam message to bypass various security features. This why it is recommended that no local addresses be added to your whitelist.
  9. Enable spam & virus Outbreak Protection.

These steps are discussed in more detail in the following guide:

SecurityGateway – Settings to Protect Your Mail Server

Of course, no system is 100% fool-proof, which is why user education is so important. Remember – your network and email infrastructure are only as secure as their weakest link. It is the responsibility of all parties involved – administrators and end users, to help ensure a secure messaging and collaboration environment.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Happy New Year 2017

187567849

2016 was an exciting year for Alt-N Technologies as it marked the 20th anniversary of the MDaemon email server for Windows and our ongoing efforts to bring affordable, secure, and reliable email and email security software to the small-to-medium business segment. And as many of you know, a lot has changed in the last 20 years. One thing that hasn’t changed over the years is the ongoing threat of people trying to use email as the primary method to attack an organization or steal personal information.

Like any form of communication, it can be used for good or bad. Unfortunately, when email was initially developed, its creators didn’t anticipate the ways bad actors would exploit the technology through methods like phishing, hacking, and launching disabling applications like ransomware, Trojans, etc.

On this front, Alt-N will continue its efforts to improve the security and privacy of email with features like the ones we added in 2016, such as two-factor authentication, client and server-side encryption, and others.

2016 also reflected changes the industry continues to see in the area of deployment options. We saw some resellers and customers turning over the management of their email to MSPs (Managed Service Provider) or other third-party providers. The driver for this behavior varied by customer and industry but can be summarized by the desire to move hardware and software costs from capital expenditures (CAPex) to operational expenditures (OPex), with pros and cons to each approach. Alt-N worked with many existing and new channel partners to see MDaemon Private Cloud hosted email services introduced into new markets like Africa, Asia Pacific, and Latin America with continued growth in existing markets like North America and Europe.

With regards to hosted email services, we also received growing requests from direct customers asking Alt-N to manage their email. In response, Alt-N launched its own service using the MDaemon Private Cloud version of the software by introducing WorldClient Private Email for Business. With this new service offer, we have been able to meet the needs of direct customers who want us to manage their email, such as a 600-user customer who chose our service and support after having a large Office365 reseller attempt to convert them away from MDaemon!

For 2017, we will look for sales growth in new and emerging markets while working hard to earn and retain the loyalty and support of our existing customers. We will continue our efforts to add valuable features to MDaemon and SecurityGateway for Email Servers as those products remain the focus of our development efforts. We will be working on improving features that support cloud-based deployments while keeping a close eye on the needs of customers who want the control of on-premise and hybrid environments. And we will continue to look for new ways to enhance and bring value through our partnerships with complimentary vendors like MailStore, as well as seek out new technologies and vendors to make integration with our software simple and easy to use.

As we begin 2017, we want to express our sincere gratitude to those customers and channel partners who have helped Alt-N Technologies grow these past 20 years. We also look forward to earning the business of new customers and partners as we work toward a successful 2017.

As always, we invite you to tell us what you think by sending us your feedback. You can reach me directly at kevin(dot)beatty(at)altn(dot)com.

Happy New Year,

Kevin

 

 

 

Kevin Beatty
VP, Marketing & Business Development

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Beware of New Amazon.com Phishing Scam

Scam AlertThe holidays are upon us, and with all of the giving and sharing come scams aimed at exploiting human nature and stealing our personal information, such as names, addresses and credit card numbers. This year, the scammers are at it again, with a phishing scam designed to look like an email from Amazon.com claiming that there is a problem processing your order. The scam asks you to click on a link to verify your personal information. A good example of this scam email is described on the AARP blog.

As a reminder, here are a few tips to avoid falling victim to phishing scams.

  • Never click on unfamiliar or suspicious links. If a link claims to refer to a familiar website, then manually enter the web address in the address bar.
  • Hover your mouse over images & links to review the URL they refer to.
  • Beware of “Unsubscribe” links in phishing emails. When clicked, these links can let the spammer know that your address is valid, which often leads to more spam.
  • Never reply to spam or unsolicited messages.

For more tips on how to avoid these & other scams, click here to review our post on protecting your email privacy, and stay safe this holiday season!

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Using DKIM, SPF & DMARC to Protect your Brand and Customers from Spear Phishing

Introduction

Scammers use a variety of tactics to get users to give out personal information. One very common tactic is known as phishing. Phishing is a scam where tech-savvy con artists use spam and malicious websites to deliver malware, or to trick people into giving them personal information such as social security numbers, bank account numbers, and credit card information. A more targeted (and often more dangerous) type of phishing is known as spear phishing.

What is Spear Phishing?

Spear phishing is a targeted attack that’s usually addressed to a specific individual. With spear phishing, the perpetrator knows something personal about you. He may know your name, email address, or the name of a friend, or he may have information about a recent online purchase you made. While most phishing emails will have a generic greeting such as “Dear Sir or Madam,” a spear phishing email may address you by name, such as “Hello John.” It may also appear to come from someone you know.

According to Allen Paller, director of research at the SANS Institute, 95% of all attacks on enterprise networks are the result of spear phishing attacks. Earlier this year, Symantec issued a warning about an ongoing spear phishing attack targeting small and midsize businesses in the United States, India, and the UK that infects users with a remote access Trojan (RAT). A RAT gives an attacker remote access to a machine & can lead to disclosure of sensitive information and financial losses. Based on campaigns run by Symantec’s Phishing Readiness technology, on average, employees are susceptible to email-based attacks 18 percent of the time.

How can You Protect Yourself & Your Business?

Protecting your company from spear phishing attacks is the responsibility of employees as well as the mail server administrator. For employees, user education is key. This post contains helpful email safety tips for end users. For the administrator, implementing DKIM, SPF and DMARC can help reduce data breaches, financial losses, and other threats to your business. These three methods are described in greater detail below.

How DKIM Works

DKIM (DomainKeys Identified Mail) is a cryptographic email verification system that can be used to prevent spoofing. It can also be used to ensure message integrity, or to ensure that the message has not been altered between the time it left the sending mail server and the time it arrived at yours. Here’s how DKIM works:

  • An encrypted public key is published to the sending server’s DNS records.
  • Each outgoing message is signed by the server using the corresponding encrypted private key.
  • For incoming messages, when the receiving server sees that a message has been signed by DKIM, it will retrieve the public key from the sending server’s DNS records and then compare that key with the message’s cryptographic signature to determine its validity.
  • If the incoming message cannot be verified then the receiving server knows it contains a spoofed address or has been tampered with or changed. A failed message can then be rejected, or it can be accepted but have its spam score adjusted.

You can refer to the following knowledge base article for DKIM setup instructions in MDaemon:

How to enable DKIM signing and configure records

You can refer to this knowledge base article for DKIM setup instructions in SecurityGateway:

http://www.altn.com/Support/KnowledgeBase/KnowledgeBaseResults/?Number=496

How SPF Works

Another technique to help prevent spoofing is known as SPF. SPF (Sender Policy Framework) allows domain owners to publish DNS records (SPF records) to identify those locations authorized to send messages for their domain. By performing an SPF lookup on incoming messages, you can attempt to determine whether or not the sending server is permitted to deliver mail for the purported sending domain, and consequently determine whether or not the sender’s address may have been forged or spoofed.

MDaemon’s SPF settings are located under Security | Security Settings | Sender Authentication | SPF Verification. This screenshot displays the recommended settings.

SPF Settings in MDaemon
Recommended Sender Policy Framework Settings

Recommended SPF settings for SecurityGateway are outlined in this knowledge base article:

http://www.altn.com/Support/KnowledgeBase/KnowledgeBaseResults/?Number=497

These are the recommended settings for verifying SPF records of other domains. To help protect against spear phishing attacks that spoof your own domain, you should set up an SPF record in DNS. You can find helpful information on SPF record syntax and deployment at www.openspf.org.

DMARC (Domain-Based Message Authentication, Reporting & Conformance)

When a message fails DKIM or SPF, it is up to the receiving mail server’s administrator as to how to handle the message. The problem with this is that if DKIM or SPF is not set up properly, it can lead to problems. DMARC (Domain-based Message Authentication, Reporting and Conformance) takes out the guesswork on how to handle messages from a domain that are not properly aligned with DKIM or SPF.

DMARC defines a scalable mechanism by which a mail sender can express, using DNS records (DMARC records), domain level policies governing how messages claiming to come from his or her domain should be handled when they do not fully align with DKIM and SPF lookup results. In other words, if you perform SPF, DKIM and DMARC record lookups on a message claiming to come from my domain (example.com), and it does not align with SPF, DKIM, or both, my DMARC record can tell you how I want you to handle messages that are unaligned with SPF & DKIM. My DMARC record can specify whether I want you to accept, quarantine, or reject unaligned messages, and I can even go a step further and specify what percentage of unaligned messages I want you to reject or quarantine based on my policy preferences. This is useful when first deploying DMARC, as it allows you to be more lenient with rejection of unaligned messages until you’re sure DKIM & SPF are configured properly.

You can view the following recorded webinar for a more in-depth overview of DMARC, including examples and syntax of DMARC records and deployment strategy.

https://youtu.be/vrMMKmxCmqs?list=PLt-aAHf-ocsYYmpXFABce39b_CgJXXubp

This knowledge base article will also be useful:

How to Enable DMARC and Configure Records

Conclusion

While we must be vigilant against spoofing and phishing attacks, we must also acknowledge that cautious, informed users and properly implemented SPF, DKIM and DMARC policies are the best defense against cybercriminals who are intent on stealing your data and damaging your brand.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

Ransomware and Banking Trojans are Big Business

Spam is big business. With the proliferation of botnets for hire, it takes very little effort for a spammer to send out thousands of messages at a time. These messages may contain links to websites peddling counterfeit products, or they may be laced with viruses, trojans, and various other forms of malware. The barriers to entry and costs incurred by spammers are very low

There seems to be no end to the global threat of malware spreading via spam and phishing emails and propagated by botnets around the world. Over the past few months, two threats have emerged. One is a banking trojan targeting users in Brazil, and the other is the now-infamous Cryptowall ransomware.

The banking trojans are spread via phishing emails containing CPL files, which are a type of library file that executes code once it is clicked on. Social engineering tactics are used to try to convince the message recipients that the attachment contains valuable information, such as an invoice or banking information.

Click here to learn more about these banking trojans.

The other big player in the malware arena is ransomware. A recent study has shown the proliferation of phishing emails with SVG files attached. These files, when downloaded and executed, open websites with what appears to be the CryptoWall ransomware.

Click here to learn more about CryptoWall ransomware.

The common theme for both of these threats is that the user was not exercising the proper amount of caution before opening email attachments. Both of these threats where spread via phishing emails, which use social engineering tactics to trick end users into opening these messages and clicking on links or downloading attachments.

Spammers know that end users are often the weakest link in fighting spam, so it’s in the best interest of companies of all sizes to educate their users on email safety. While most mail servers and spam gateways, such as MDaemon and SecurityGateway, have numerous tools for blocking spam & malware, no anti-spam solution is 100% fool-proof. Spammers are always seeking out new methods to trick users into opening their messages, so users must learn how to stay safe and recognize potential threats.

For a review of best practices for end users, review my post “Email Safety Tips for End Users.”

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  

SecurityPlus Webinar Added to YouTube

SecurityPlus provides antivirus and anti-spam services for MDaemon. It scans all inbound and outbound mail traffic for spam, viruses, malware, phishing attempts, and other types of malicious activity to catch potential threats before they have had a chance to infiltrate your network. To learn more about SecurityPlus, including how to configure it & how to identify SecurityPlus activity in your MDaemon log files, check out the following recorded webinar.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •