Email Malware Detection

Helping you to keep your emails safe from cyber threats

About Client

USA

ITES

Challenges

With 90% of cyber threats starting in an email, email has been recognized as the #1 risk vector. Client wanted a product which can use multiple mechanisms to ensure that email-based malware can be weeded out on Microsoft Exchange server, both on-premise and online.

Technical Objective

Intercommunication with the SaaS application using Web Services

EWS (Exchange Web Services) API calls

Plugin-architecture for API calls

Deployment on cloud Server

Hash Management

Plugin for Virus Total API and Bright Cloud API

Solution

We developed a web application with following functionalities in it

SAAS Based Multitenant Application

Integrating Exchange API for selecting the mailbox for scanning purpose

Ability to Search based on specific Conditions /Filters such as start date, End Date , Scanning emails from specific Domains /IPs etc.

Dashboard with the following counts and pie chart of

No of mailbox Scanned and count of total Infected mail box
No of messages with Infected URL
No of messages with “PE” file attachment (high risk)
Top 10 viruses found & pie chart of viruses found
Top 10 infected mailboxes by recipient name
Top 10 mailboxes containing executable files

Report Generation for Infected Recipient with the malware Name

Risk Posture Assessment Scoring was Integrated on the scale of 0-10

Plugin Module for Virus Total API – Virus Total security Feed Configuration option which user needs to fill during registration

User were able to get detail results after scanning which included

Virus name according to VirusTotal + AV vendor Name
Number of total hits from VirusTotal
Recipients of message
Message subject
Active Directory Title for each recipient etc
map display using OpenStreetMap.org of geo-‐location based on sender IP geo-location lookup