Spam has always been a headache for organizations. At first it was mainly a nuisance because users had to find their way to legitimate, business emails through a heap of unsolicited messages regarding dubious pharmaceutical products, African royals or prizes won in lotteries.
The past decade saw the rise of spam as a mean of malware propagation. Nowadays, email is used by malicious agents for phishing, CEO fraud etc.
Lately we have all come across messages where the sender claims to have infected the recipient with spyware following the recipient watching adult videos, which of course is not true. The sender threatens to share the embarassing content with all victim's acquaintancies, unless he or she pays the sender in bitcoins. This extortion scheme is getting very successful as users either by naivity or fear take the bait.
Modern spam filters employ various methods in order to determine if a message is spam or not. These methods check either the sender or the text-based content of the message. The scenario described previously can be easily mitigated by checking the incoming message for patters of bitcoin wallet addresses.
But what happens if the spammer uses an image that looks like a text? In that case most filters will fail to detect the content and the message will end up in the recipient's mailbox. It would take a special feature in order to scan text in images which is called OCR.
OCR stands for Optical Character Recognition and is the process of analyzing an image to extract text. This can be applied to attached image files, images embedded in documents like Word, Excel and Powerpoint or documents scanned to PDF.
Clearswift uses OCR in order to scan text in images. Threats like the aforementioned extortion email can be mitigated by a simple lexical detection rule that will look for words, phrases or even patterns (eg bitcoin wallet addresses) that are found in such messages.
OCR can be a powerful tool to enforce DLP policies. When used in conjuction with Data Redaction an image will be redacted from sensitive information before leaving the organization confines.
OCR is available in all Clearswift's email products (SECURE Email Gateway, ARgon and SECURE Exchange Gateway). Contact us and we will help you setup an evaluation in your own environment.
Also, don't forget to watch our video about configuring OCR to detect spam messages.