CRI Profile PR.PS-05.03

Use anti-spoofing and email authentication mechanisms to filter messages based on validity checks of the sender domain (using SPF) and integrity of messages (using DKIM). Enabling these mechanisms within an organization (through policies such as DMARC) may enable recipients (intra-org and cross domain) to perform similar message filtering and validation.

Anti-virus can also automatically quarantine suspicious files sent through messages via services, social media , personal webmail, etc.

Anti-virus can also automatically quarantine suspicious files sent through messages via services, social media , personal webmail, etc.

Network intrusion prevention techniques can be utilized to detect traffic for specific adversary malware, in hopes of being mitigated at the network level.

Certain software configuration techniques can be utilized to detect and isolate spearphishing messages found with malicious attachments. Email authentication mechanisms allow malicious links to be filtered, detected and blocked, enabling users not to

Certain software configuration techniques can be utilized to detect and isolate spearphishing messages found with malicious attachments.

Tools that detect and block and remove malware provide protection from users deceived into opening malicious attachments or files that can be found in emails (spearphishing).

Tools that detect and block and remove malware provide protection from users deceived into opening malicious documents, clicking on phishing links, or executing downloaded malware.

Use anti-spoofing and email authentication mechanisms to filter messages based on validity checks of the sender domain (using SPF) and integrity of messages (using DKIM). Enabling these mechanisms within an organization (through policies such as DMARC) may enable recipients (intra-org and cross domain) to perform similar message filtering and validation.

Anti-virus can also automatically quarantine suspicious files sent through messages via services, social media , personal webmail, etc.

Anti-virus can also automatically quarantine suspicious files sent through messages via services, social media , personal webmail, etc.

Network intrusion prevention techniques can be utilized to detect traffic for specific adversary malware, in hopes of being mitigated at the network level.

Certain software configuration techniques can be utilized to detect and isolate spearphishing messages found with malicious attachments. Email authentication mechanisms allow malicious links to be filtered, detected and blocked, enabling users not to

Certain software configuration techniques can be utilized to detect and isolate spearphishing messages found with malicious attachments.

Network intrusion prevention techniques can be utilized to remove malicious email attachment or link to prevent/block activity where phishing messages can be sent to users.

Network intrusion prevention techniques can be utilized to remove malicious email attachment or link to prevent/block activity where phishing messages can be sent to users.

Tools that detect and block and remove malware provide protection from users deceived into opening malicious attachments or files that can be found in emails (spearphishing).

Tools that detect and block and remove malware provide protection from users deceived into opening malicious documents, clicking on phishing links, or executing downloaded malware.