URL Defense is the first line of protection against the accidental introduction of malware and account breaches by employees browsing and email handling processes.

URL defense is a part of cyber security

In phishing attacks, the one consistent fact is that they all start with email. While SPAM filters block spam, targeted phishing is its own beast, and requires its own protection. Often carefully masked to appear legitimate, they are often meant to phish for credentials or deliver malware – and that’s where malicious links become so dangerous. Some links or hosted content can also become malicious after they are delivered via email, meaning they pass a conventional/gateway scan and rest in your inboxes. This is why URL Defense is becoming increasingly integral to a cybersecurity plan.

What is URL Defense?

In a targeted phishing email, the attacker will send a perfectly legitimate looking and effective email, complete with subject lines, reply-to and header from addresses, and all the fine details that go into a perfectly legitimate email message. The goal is to get you to trust the email was sent from a legitimate source and for you to click on a link, reply with targeted information, or follow their instructions without thinking. 

With HTML email, you can view the destination of a link before clicking (by hovering over it, for example. URL Defense is a solution for those who might click the link without knowing where it actually leads, submit a password or unknowingly download malicious spyware, ransomware or other executable software that then works its way into the PC and company network. This often results in the server shares to which the affected employee has access, resulting in data corruption on the server.  

How does URL Defense work?

URL Defense rewrites destination URLs before they pass through the receiving email server, causing any clicks on links to be routed through the ESS, giving the ESS an indication of whether or not a URL is malicious and whether the user should end up at the destination.

With URL Defense, many factors are taken into account by the ESS to gauge the risk of the destination as malicious. A range of factors are accumulated, and the result is scored. Factors include: Alexa Rankings, Email Velocity, sender reputation, previous gathered data about other malicious links and more. URL Defense will also scan the destination website for malicious code or redirects to other malicious sites. If a website is deemed malicious, the user is blocked from access, and they can’t circumvent it.

What Does URL Defense Protect Against?

Threats that start with a link contained in an email body are addressed with URL Defense. Ransomware, Targeted Phishing, drive-by downloads and more are often initiated with a malicious link. URL defense stops this from happening because the link will be delivered rewritten no matter the email client used to access and click on the link.

If you’re interested in learning more about how QBS ESS can protect your IT environment, please call or email me.

Gary Abosch
Senior Director, IT & Service Operations
Quality Business Solutions
410-337-3700