Comparing protection mechanisms

In a market full of products and services that promise to solve the most varied security threats, it is important to put solutions into perspective, understand what they really deliver and never forget that no single vendor can protect from all threats.



The most common security mechanisms implemented by ISPs, MSPs and service providers in general are anti-spam and anti-phishing filters. Numbers vary considerably, but even the most conservative studies show that at least 80 in every 100 e-mails can be considered SPAM. This is certainly a big challenge for service providers, but there are many specialized data feeds, block lists and DNSRBLs that help manage this situation.

Among all the SPAM, there is an ever-increasing number of e-mails that can be considered phishing scams. These are messages that pretend to come from legitimate and familiar brands to lure victims into giving away their personal identification information or financial data. This threat is also very well researched, and many companies provide detection and mitigation mechanisms.

Among the SPAM and phishing e-mails there is an additional threat: malware delivered through malicious attachments or web links. In the last few years, the information security industry has witnessed the use of multiple malware infection vectors, and malicious e-mail messages are the most prevalent of them.

It is easy to observe that SPAM messages are the most prevalent, followed by phishing scams and then by malware-oriented e-mails. But it is important to notice that the damage caused by these threats is inversely proportional to their prevalence.

Although SPAM and phishing messages account for the majority of incidents, the most destructive and costly attacks certainly involve malware and ransomware infections.



An infected computer may secretly relay personal and business information to the attacker, may take part in a botnet used, for example, in DDoS attacks, or may have its files encrypted for ransom. Apart from the financial losses caused by malware and ransomware, it is important to also take into account the potential damage to brand and reputation.

SMBs are responsible for securing their customers and should expect large volumes of SPAM and phishing messages, and potentially smaller amounts of malware-oriented messages, but they should keep in mind the destructive and costly nature of malware and ransomware infections.

For more than a decade, Malware Patrol has maintained up-to-date data feeds to eradicate malware infections. Some data feeds contain malware URLs and can therefore be used in filtering systems, others list malware hashes that can be matched against attachments, and there are also data feeds of anti-virus signatures. Malware Patrol focuses specifically on malware and ransomware; its data feeds are updated every hour and provide an additional and dependable layer of protection.
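How URL and hash feeds of the kind described above can be applied to an incoming message, as an added example that is not Malware Patrol's code. The feed contents, the choice of SHA-256, the function names and the sample message are all assumptions constructed for illustration.

```python
import hashlib
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from urllib.parse import urlsplit

# Constructed sample data. Feed format (a set of SHA-256 digests / URLs) is an assumption.
SAMPLE_PAYLOAD = b"constructed stand-in for a malicious attachment"
HASH_FEED = {hashlib.sha256(SAMPLE_PAYLOAD).hexdigest()}
URL_FEED = {"http://bad.example/invoice.php"}

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def normalize(url):
    """Lower-case scheme and host and drop trailing punctuation and fragments."""
    parts = urlsplit(url.rstrip(".,);"))
    query = f"?{parts.query}" if parts.query else ""
    return f"{parts.scheme.lower()}://{parts.netloc.lower()}{parts.path or '/'}{query}"

def scan(raw, hash_feed, url_feed):
    """Return (kind, location, indicator) for every feed match in a raw message."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        payload = part.get_payload(decode=True) or b""
        name = part.get_filename()
        if name:  # attachment: compare its digest with the hash feed
            digest = hashlib.sha256(payload).hexdigest()
            if digest in hash_feed:
                hits.append(("hash", name, digest))
        elif part.get_content_maintype() == "text":  # body: check every link
            text = payload.decode(part.get_content_charset() or "utf-8", "replace")
            for url in map(normalize, URL_RE.findall(text)):
                if url in url_feed:
                    hits.append(("url", "body", url))
    return hits

def build_sample():
    """Constructed message: one listed link, one clean link, two attachments."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.org", "b@example.org", "Invoice"
    m.set_content("Pay here: HTTP://BAD.example/invoice.php.\nInfo: https://ok.example/\n")
    m.add_attachment(SAMPLE_PAYLOAD, maintype="application",
                     subtype="octet-stream", filename="invoice.doc")
    m.add_attachment(b"harmless notes", maintype="application",
                     subtype="octet-stream", filename="notes.txt")
    return m.as_bytes()
```

Calling `scan(build_sample(), HASH_FEED, URL_FEED)` flags the listed link despite its different letter case and trailing period, and flags `invoice.doc` by digest while leaving `notes.txt` alone.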

Since 2005, Malware Patrol has built relationships with hosting providers, CERTs, CSIRTs, universities and contributors to expand its coverage and analysis of e-mail messages. Apart from those data sources, spampots are also deployed to collect and analyze the most varied threats.

We are confident that our data acquisition techniques and continuous analysis efforts create a valuable and dependable layer of security to protect SMB customers, employees and assets from the ever-growing threat of malware infections.



To continue expanding our detection capabilities, we are always looking to partner with companies that agree to share suspect e-mail messages with us. Our automated systems verify, detect, classify and block new threats. If you are interested in participating, please contact your Sales Manager for further details or simply start sending suspect e-mails to void@malware.com.br for automated analysis.


Andre Correa - Malware Patrol Co-founder
Information Security and Threat Intelligence Professional whose qualifications include in-depth knowledge of Internet technologies, the current cyber security landscape, incident response, security mechanisms and best practices.
He founded the Malware Patrol project in 2005. The company helps enterprises around the world protect themselves from malware and ransomware attacks through some of the most comprehensive threat data feeds and block lists on the market.
