April 8, 2020
Digital Arts Inc.
"m-FILTER®" Version 5.40 Released
Improved Attack E-mail Measures and Sender Domain Authentication
Information security solution provider Digital Arts Inc. (headquartered in Chiyoda-ku, Tokyo, Japan; CEO: Toshio Dogu; hereinafter referred to as "Digital Arts"; Code 2326) has begun offering an e-mail security product "m-FILTER" Version 5.40 from April 8, 2020, with a new feature for sender domain authentication (SPF / DKIM / DMARC) for a more robust e-mail source authentication functionality.
Widespread new cases of "Coronavirus" being contained in titles of attack e-mails with disguised sources
In the past several years serious damage has been caused to organizations and groups by e-mail based attacks in which external attacks target their informational assets. Fraudulent files are downloaded from URLs or opened from attachments contained in e-mails, after which files are downloaded that exploit information. These kinds of e-mail attacks mostly disguise the true source/sender. They are made to appear as if being sent by well-known companies or organizations 1. This year in particular, e-mails purporting to be from the National Institute of Infectious Diseases or the Ministry of Health, Labor and Welfare regarding the COVID-19 coronavirus have been widely circulated 2.
It can be extremely difficult for people to distinguish these e-mail attacks, so the goal has been for the worldwide spread of a solution involving IP address authentication that can track the IP address of the sending e-mail server, and sender domain authentication that confirms an e-signature to ensure that the sender's domain is not being misrepresented. This has been a major security issue that has been a focus for groups and organizations in Japan.
Sender domain authentication and Digital Arts' whitelist combine for a solid solution
E-mail security product "m-FILTER" uses a whitelist, and sending users daily an accumulated database comprising a combined list of source domains and IP addresses that Digital Arts has confirmed to be safe allows users to consistently only receive safe e-mails. In addition to this unique method, "m-FILTER" offers "Smart transmission authentication" which can determine disguised senders. This is the further-progressed version of SPF authentication technology that confirms IP addresses of the sender's e-mail server. It is also equipped with the ability to distinguish disguised body text, in which fraudulent URLs, fraudulent attached files and disguised filename extensions in e-mails can be isolated. All these features combine to form a strong line of defense in offering users a safe e-mail environment.
This new version is compatible with SPF/DKIM authentication, and DMARC which reinforces the above features and makes more stable sender domain verification possible. This results in e-mail security that can handle e-mail attacks that disguise the sender, damages from which have been on the rise recently. Additionally, new features have been added to reinforce e-mail verification technology. These isolate the e-mails with attached files-which are used in many of the attack e-mails-aiming to infect with the "Emotet" 3 malware which has run riot since the latter half of last year.
New Features in "m-FILTER" Version 5.40
Compatible with sender domain authentication SPF/DKIM/DMARC
The results of SPF/DKIM authentication for received e-mails are transmitted, and only those e-mails confirmed to be safe are able to be received.
E-mails that are not authenticated based on the above are received or isolated based on the policy designated by DMARC record.
Improved ability to determine infected attached files
82% of attack e-mails 4 with older-version Word or Excel files (.doc and .xls with macros) are isolated, including e-mails for the purpose of infecting with the "Emotet" malware.
More precise determining of disguised URLs
"m-FILTER" can handle attack e-mails with URLs that are difficult to distinguish, such as ones with shortened URLs and CGI in the body text. URLs for which the final destination page (post redirection) has been confirmed as being harmful are isolated.
Application of whitelist in "m-FILTER"
This service accumulates and stores a whitelist, which is a database comprising a combined list of source domains and IP addresses confirmed by Digital Arts to be safe, which is then sent out to users on a daily basis. This allows "m-FILTER" to offer users an e-mail environment that is being constantly updated with the latest information to be as safe as possible.
- 1 Of the 5,391 cases of attack e-mails confirmed by Japan's National Police Agency in 2019, 92% had the possibility of the source e-mail address being disguised.
- 2 The Information-technology Promotion Agency (IPA), on January 30, 2020, received information about attack e-mails using information related to COVID-19, and confirmed that Word files with macros were attached, and thus urged caution going forward.
- 3 "Emotet" is malware that was first observed in 2014, and has evolved many times. Digital Arts confirmed a case of infection in September of 2019 in which it was downloaded from a falsified website. In this case it used clever tricks to disguise itself, such as using the receiver's name, e-mail address and body text of previously transmitted e-mails. Since late last year the amount of damage has been increasing.
- 4 In incidents observed by customers' web or e-mail access using Digital Arts' "i-FILTER" Version 10, "m-FILTER" Version 5, 82% were older-version Word or Excel files (.doc or .xls files containing macros).
For more information see the security report on our corporate website (in Japanese only):
Digital Arts will continue to offer safety and peace of mind to internet society, and work to increase the level of satisfaction in all of our products. We aim to develop and offer solutions more quickly and on a wider scale for various informational assets such as web, e-mail and files, with an eye on solutions to prevent and handle the ever-increasing threat of targeted attack e-mails from outside and information leaks from inside.
- About "m-FILTER"
"m-FILTER" is a gateway type e-mail security software for businesses, government agencies and local governments that can deal with such challenges as information leaks and audit requests by e-mail, spam mail which is more prevalent year by year, and e-mail attacks, all in the same product. "m-FILTER" has three functions; "m-FILTER MailFilter" which works as a countermeasure to targeted e-mail attacks from outside and also as a countermeasure against internal information leaks, "m-FILTER Archive" which stores e-mail including attached files in real time, reducing operational load of searching for the right email, and "m-FILTER Anti-Spam" which thoroughly eliminates spam mail using the Cloudmark spam engine. This engine has the highest detection rate in the industry. From these three functions you can either select the functions according to the task you wish to solve and introduce them as needed, or introduce them all.
- About Digital Arts
Digital Arts Inc. is an information security manufacturer focused on developing security software for the web, e-mail and files.
Since the dawn of the internet era, we have been a pioneer in the industry, releasing the first web filtering software in 1998 to be produced in Japan which saw use around the world. With the knowledge we have built up since then, we offer cutting-edge information security products focused on information leaks and cyber attacks including targeted attack e-mails. Making full use of our advantages as a domestic manufacturer, we integrate our product planning, development, sales and support in Japan, and have Japan's largest web filtering database that acts as the underlying base for all of our products. Our technological knowhow has led us to hold patents in 27 countries and territories and to be well-regarded in the industry. Our extremely high level of customer satisfaction is evidenced by a 95% or more contract renewal rate. With web security software "i-FILTER" at the core, we offer "i-FILTER" for private and home use, e-mail security software "m-FILTER", and file encryption and tracing software "FinalCode" as part of our lineup for a one-stop web, e-mail and file security solution.
Our goal is to continue contributing to a more convenient, more comfortable and safer internet lifestyle. We want to continue to hold the trust of all our stakeholders as a company listed on the First Section of the Tokyo Stock Exchange as we grow moving forward.