Posted on

LinkedIn Published Articles

January 31, 2017 – Malware-Ransomworm Propagation

Ransomware attacks, they’re not only sophisticated, they’re proliferating. In the recent past, ransomware was normally delivered through spam e-mails, but because spam filters got better at filtering out spam, cyber criminals turned to spear phishing e-mails targeting specific individuals. They have obtained passwords from breached companies like Yahoo! Mail or Gmail accounts like this latest brilliant attack – pilfering sent emails sending fake attachments… that appear to be PDFs or other encrypted attachments but are actually images that, when clicked, send victims to phishing pages.

Recent Phishing Attack

http://www.theregister.co.uk/2017/01/16/phishing_attack_probes_sent_mail/

This Gmail related attack, the criminal determined that if they left Gmail with their email traffic, the security perimeter would spot it – which is true. The criminal took the top accounts they had hijacked passwords for, probably months ago, and sent these emails from their location, over multiple Gmail accounts simultaneously. Then as attachments are opened, it spreads even more.

Types of emails used on a Ransomware Attack

In a ransomware attack, victims see two types of emails:

1)     An e-mail that is addressed to them—will open it and may click on an attachment that appears legitimate, like an invoice or an electronic fax, but which actually contains the malicious ransomware code.

2)     An e-mail might contain a legitimate-looking URL, but when a victim clicks on it, they are directed to a website that infects their computer with malicious software.

Key Industries

No one company is exempt from these attacks. They’re in the news daily – hospitals, school districts, state and local governments, law enforcement agencies, small businesses, large businesses—these are just some of the entities impacted by ransomware, an insidious type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them.

These attacks are meant to cause disruption to regular operations and the inability to access the important data these kinds of organizations. Keeping people from information in this Digital World can be catastrophic in several ways in terms of the loss of sensitive or proprietary information, financial losses incurred to restore systems and files, and the potential harm to an organization’s reputation.

Access in “Private Servers” or recently, home computers have been targets and are just as susceptible to ransomware and the loss of access to personal and often irreplaceable items— including family photos, videos, and other data—can be devastating for individuals as well or used as gateways to launch into larger corporate systems individuals have access points too – because their is less security or easily overcome security.

Sleeping Intrusions

Some malware lays dormant waiting for the opportunity to lay prey to the victim, quietly investigating a potential target to see if it is vulnerable to an attack. Then once the infection is unleashed, the malware begins encrypting files and folders on local drives, any attached drives, backup drives, and potentially other computers on the same network that the victim computer is attached to. Most users and organizations are generally not aware they have been infected until they can no longer access their data or begin seeing computer messages advising them of the attack and demands for a ransom payment in exchange for a decryption key. These messages include instructions on how to pay the ransom, usually with bitcoins because of the anonymity this virtual currency provides.

Paying a Ransom

Doesn’t guarantee an organization that it will get its data back – there have been FBI cases where organizations never got a decryption key after having paid the ransom. Paying a ransom emboldens current cyber criminals to target more organizations and by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.

Ransomware Techniques

While Malware/Ransomware continue to evolve— nothing is 100%, and it’s difficult to detect a ransomware compromise before it’s too late—organizations should focus on two main areas:

  • Prevention Efforts—both in both in terms of awareness training for employees, robust technical prevention controls – like eMailGPS Security Awareness
  • Business Continuity Plan in the event of a ransomware attack – regular backup strategy, constant security updates to malware security

Tips Dealing with Ransomware

Here are some tips for dealing with ransomware (primarily aimed at organizations and their employees, but some are also applicable to individual users):

  • Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data
  • Antivirus and Anti-Malware solutions are set to automatically update and conduct regular scans.
  • Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
  • Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
  • Configure access controls, including file, directory, and network share permissions appropriately. If users only need read specific information, they don’t need write-access to those files or directories.
  • Disable macro scripts from office files transmitted over e-mail.
  • Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).
  • Back up data regularly and verify the integrity of those backups regularly.
  • Secure your backups. Make sure they aren’t connected to the computers and networks they are backing up.

eMailGPS Simplified Security Awareness and Threat Traffic Analysis

Preventing Phishing Attacks like the recent one above…

By 2018, 90% of organizations will implement at least one form of integrated Data Loss Prevention (DLP) which is integrated within other data security products, including, but not limited to, secure Web gateways (SWGs), secure email gateways (SEGs), email encryption products, enterprise content management (ECM) platforms, data classification tools, data discovery tools and cloud access security brokers (CASBs).

Security breaches are becoming an epidemic and cyber-criminal, devise new intrusions daily – nothing is 100%. A well-defined security governance program is necessary, easily understood by all users and integrates with larger security strategy.

DLP provides content inspection and contextual analysis of data at rest, on-premises or in-cloud applications and cloud storage, in motion over the network, or in use on a managed endpoint device. The executing responses ranging from simple notification to active blocking based on policy and rules defined to address the risk of inadvertent or accidental leaks, or exposure of sensitive data outside authorized channels.

Our eMailGPS, engineered solution is a niche player in the DLP Market, with a clear simplicity advantage that enables ALL end-users at a glance to identify and triage a potential security threat based upon traffic light awareness, geolocation or the verification of the “Circle of Trust” – the Anatomy of a Digital Identity.

Adding the Gmail or any email source (Yahoo Mail, etc…) account to an eMailGPS 8.x – enabled Outlook client would not have had any red (stop) or yellow (caution) dots since it all came from within Gmail cloud. It would also not have had a purple (trusted confidential) dot, since the Gmail accounts being used for the attack would not have had the eMailGPS Confidential Lock on it, but as soon as that attachment was clicked, our GeoThreat Traffic Analysis would have seen the malware attempt to communicate with the home base for the malware code control, as well as any propagation to neighboring desktops. Whether you want eMailGPS to stop it in its tracks, or simply report the activity is up to security policy of the customer. In a big customer with an IT shop I’d say stop it in its tracks with an automated local firewall rule. If it’s a home user, they may opt to block traffic or just tell someone about it, etc. By default, eMailGPS would let the security team or user if privileged the right to choose to add it to their local PC firewall, but don’t give them a way to take it back out.

Key Question

Once all your security mechanisms have allowed access… How will you protect your users?

Answer: Download the FREE Security Challenge, see how eMailGPS, Inc. simple… Stop. Glance. Geolocate. Resolve. fills your security gap and how it can be an integral part of your security. Is your Email Security standing up to the test? Most companies CISO’s have a Aha-moment!

December 22, 2016 – Reducing Risk… Where are the Gaps?

No Security solution is 100%. Hope that’s not an aha moment? The #1 problem is that 83-91% of all breaches originate from email. The FBI calls this Business Email Compromise (BEC), usually orchestrated with Social Engineering tactics. We need to be mindful that everyone is at risk, over 89% of the cybercrime originates from mob or cartel related organizations, 9% Nation State and 2% your average hacker… they are compromising our systems. Statistics show that daily… their are 156 Million attempts and 16 Million of those bypass our security systems deployed today. We spend a lot of money to educate, test and make our end-points mindful of these cyber attacks – it is lot to expect from an organization if you expect to burden this responsibility on your end-users. We all are aware, it only takes one-click to bring down a company and today over 800,000 emails have their links clicked/per day – of which any may have disastrous effect now or plant a ticking time-bomb.

Almost daily, we hear headline news of some of most favorite trusted corporations have lost our information to the bad guys… some years after the compromise. These companies lose goodwill with their consumers and fact is 66% are likely to take their business elsewhere. Let’s face it, the bad guys want your money, your intellectual property and your connections to larger organizations.

So… how can we reduce risk? Many vendors are seeking to prevent or protect against intrusions. This seems to be 90% effective with the solutions we deploy today… so the challenge is to reduce the click exposure and detect intrusions at the end-points prior to having end-users launch these disasters within our companies.

There are many layers of defensive security… today it requires many partners to provide a total solution. Looking at the Best-of-Breed in each sector closes the gaps and reduces the risk… only then can we get to near >99%… the last <1% we need to carry some form of Cyber Insurance.

Having these levels of protection in place should reduce the overall risk after all we are one-click away from a potential disaster…

Nothing was more evident than the CEO Scam at FACC!

CSO Reports on May 26,2016. FACC’s board on Wednesday fired Walter Stephan, CEO of the Boeing and Airbus supplier, due to errors made in connection with what it called a “president fraud incident” that the firm discovered in January. Fraudsters collected €52.8m ($47M USD), FACC said that its share price had fallen 38% since the incident.

The result of a January 2016 Spoofing Loss…

The fraud also left FACC with an operating loss of €23.4 million, compared with a €18.6 operating profit had the incident not occurred.

Before being stood down, Stephan told investors at the firm’s full year results on Wednesday,: “The fraud did not take place via our Internet or IT system but by means of a simulated email correspondence under my name, which does not require any hacking.”

The results could have been quite different…

Had the CEO only been required as a high-value official to geographically locate this email first, he would have seen that the IP-Address was in China and he expected Redmond, WA… he could have notified the Email Security and Support Teams and he would have mitigated the €52.8m ($47M USD) loss, the 38% Stock drop, the company would have reported a €18.6 ($21M USD) operating profit and he would still be CEO.

Isolated Threats: GeoLock Identified Operations…

Geolocate Identified Social Engineered Threat…

The this spoofing address is now also blocked by the Firewall by the Email Security and Support Teams.

Final Layer of Defense

Verify Confidence: Confidential Lock Secured Circle of Trust…

This email would be flagged as PURPLE and YELLOW under confidential lock.

Therefore, because the CEO was PURPLE but the YELLOW indicator is cause for suspicion. The GeoLock of this High-Value target is required to verify the geographic location so they can either mark it safe. However, in this case the location was unexpected and China was YELLOW, an untrusted source. This final verification sending the email to a secured corporate shield would be a strong indicator that the email was an undetected harmful threat.

Verify your emails for FREE… Download the Evaluation…

FREE Evaluationis available, installs in minutes and brings awareness within 5 minutes! Also, please visit our   website and shopping experience. New Pricing in placed to compliment Microsoft Office365 / Outlook as low as 5.5-cents/day or $20/year… own it perpetually for $40.

Still not convinced… please review our facts, differentiators and value…we are confident this will provide you the Security you need to protect yourself from compromised emails. So confident… that we will provide you the Predictive Notifier as FREEWARE.

December 17, 2016 – CISO Manifesto

Response via PDF

What we can all learn from the CISO Communities perspective as a vendor, a trusted partner and one that has CISO interests as top-of-mind.

Gary Hayslip CISSP, CISA, CRISC, CCSK

Deputy Director, Chief Information Security Officer (CISO) – City of San Diego, CA

 

November 24, 2016 – Worry-free email, just focus on business…

We have passion for security. We are looking to provide, “Simplified Security Awareness” so the end-users do not need be experts… a simple traffic light concept everyone understands.

One-Click: Stop. Glance. Geolocate. Resolve.

Stop. Simply view color of the email, the simple indicator tells you the threat level. With our Identified solution we add a pin-code to prevent an accidental open of a RED.

Glance. Even trusted emails can be compromised. See Basic Training. Simple Glance…

Geolocate. If concerned about any email “One-Click” button allows you to locate on Google Maps or Google Earth the source of any email to verify its a trusted source.

Resolve. Again with “One-Click” you can choose to quarantine an email and alert Security Teams.

Today we open our shopping experience…Microsoft Outlook Add-in for Office365.The powerful Outlook solution accepts any email program that uses POP or IMAP and will let you access your Gmail, Yahoo! Mail and other email sources by simply adding that email account to Outlook. Then you can immediate build email awareness of in-flight email threats that bypass firewalls!

Employees at a glance become the strongest link in your Network Security!

Strength comes from what escapes our expected security fences, this is the missing gap in your security… simple awareness when business emails are compromised. Do you know what happens when emails bypass your security and reach your end users? It is proven fact, that 83% of the breaches are caused by emails and this is happening day in and day out, with over 16 million emails that bypass the firewall and spam filters. We cannot expect to train end-users to be security experts, then penalize them for not reacting to an email in an appropriate way with complicated training analysis of each email. We want to simplify there experience!

Basic Training

As a generally rule, users shouldn’t reply to any emails that seem suspicious. eMailGPS provides a simple, “One-Click” process that both quarantines the email and sends a notification to Security Teams. Also, question any emails requesting actions that seem unusual or aren’t following normal procedures. Trust no one… geolocate!

Cybercriminals are not just after money, but intellectual property and gateways to other financials data. We will continue to share examples of all these intrusions on our website, articles, news, social media – Twitter,InstagramLinkedIn, Facebook and YouTube.

Glaring Reality

Now what do the Chief Information Security Officers (CISO) our security experts think about what is trending… This survey of our CISOs our most trusted experts, shows some alarming statistics that are disrupting our businesses.

I spoke to several MSP companies that build and ship end-point solutions and many state that their customers do not want to invest in security solutions. Shocking… folks it’s a pay me now or pay me later scenario…

One company stated that three of there customers were hit just in the last month by cybercrime and one of the business had to be sold – they confess now that they should have put in place better security. Cyber criminals are smart… they are ramping up, getting organized and devising new techniques daily to penetrate your company with the objective to devise better ways to extract your money, your data and your intellectual property. You can’t wait to protect yourself anymore…

We have implemented a software-driven threat triage that isolates emails.

RED, these are emails coming from high-threat sources – we isolate these emails in many ways 1) mark the intrusion RED, 2) require a pin-code to open the email, 3) one-click quarantine of email, 4) notification the security teams on the threat, 5) optionally notify monitoring systems of threats and 6) optionally automatically update the firewall and/or the spam filters of threats.

YELLOW, these are emails from untrusted sources yet to be identified as safe sources – end-users can “One-Click” quarantine and notification to Security Teams.

PURPLE, these are emails that operate in the “Circles of Trust” that have defined finger prints that identify them as emails sent by people within the circle – a SMB, enterprise, B2B, B2C, C2C, B2G and G2G. These are not GREEN because GREEN would assume the email is 100% safe and there is still a limited possibility that an intrusion has been camouflaged in a new way by cyber criminals to avoid detection.

Prepare for Cyber Monday November 28th, 2016.

Cybercrime is at it’s highest from Cyber Monday until December 31st. It is projected that 56.7% of all retail purchases will be done online. Prepare yourself for this event… completely FREE to use to verify your shopping transactions.

Verify your emails for FREE… Download the Evaluation…

A FREE Evaluationis available, installs in minutes and brings awareness within 5 minutes! Also, please visit our  website and shopping experience and receive 50% off by applying this code INTRO50%OFF. This coupon is good until December 31, 2016.

Still not convinced… please review our facts, differentiators and value…we are confident this will provide you the Security you need to protect yourself from compromised emails. So confident… that we will provide you the Predictive Notifier as FREEWARE.

November 10, 2016 – The Security Problem… Cyber criminals are after your money, your data and your intellectual property…

If you haven’t taken steps to protect yourself, take action now. Email is the most common threat for attacks – 83% of the time this was the origination of the attack. Most cyber-attacks exploit basic vulnerabilities in the Internet, IT systems and software. Small businesses are now targets as they can lead to corporations via social engineered emails or devastating a small family business like this by $40,000 email scam.

As a professional thinking partner to Chief Information Security Officers (CISO)… I would like you to ponder this…

The Security Problem: CISO state… these issues should be resolved before the end-point or “end-user” is affected.

So are they resolved… we took a closer look for gaps in security, currently the firewall/spam-filters ONLY STOP… roughly 90% of the intrusions. So what does that mean…

A GAP clearly exists that Cyber Criminals are exploiting.

What happens to the over 16 million emails (10% of the emails), that make it to the end-point our end-users GLOBALLY DAILY? It wreaks havoc on our lives, our businesses and our finances… just one click can create the destruction of a business or an individual. Let’s take a look at our options and our reliance on their importance and the success rate they drive.

What is available to us…

Training

Our users are diverse, some sophisticated and others not. These end-users are now expected to triage the email to ascertain if the email is safe or unsafe – one click could spell an email disaster. A basic security training series is enough, I have seen companies that offer over 16 classes to train and equip the end-user with the right cyber essentials to combat the barrage of emails that proliferate our security daily.

Understand Social Engineering – Understanding the basic fundamentals of threats delivered and their counter measures to social engineering, pre-texting, diversion theft, phishing, baiting, quid pro quo, tailgating, and countermeasures.

How to do Predictive Email Analysis – Best Practices & Integration of threats to the consumer, SMB and corporations, an in-depth understanding of notifier messages and what they mean and what to do afterwards.

Where did my email Orginate – Understanding the geolocation in Google Maps and Google Earth in relationship to Email Security and the management of intrusion detection and protection with in the business.

Success Rate of Training

Many solutions today only relies on training, testing and more training – expensive and proven still to be ineffective. The training they receive is highly complex, requires them to perform forensics off a card that coaches them what to look for – it is proven that 48% of trained personnel still had breaches, to reinforce the training – end-user receive robotic emails to attempt to validate they are doing their job – this is ineffective, provides a scorecard rating which opens up other HR related issues, lowers productivity and is trying to make them security experts which they are not.

Automation and Simplification

A simple color-coded solution (like a traffic signal), that brings awareness to the end-user to use caution as they would if they were driving a car… every knows if the light is red or yellow they are conditioned to respond appropriately. If a RED condition occurs they can send these to the security team to resolve or if the firewall is integrated automatically block the firewall (optional). If a YELLOW condition occurs they can send these to the security team to have these added as trusted sources (after geolocation of course), or indicate this is not a trusted source and to block future emails. A GREEN (substituted by PURPLE) condition indicating they are operating within a trusted circle in SMB, corporations, C2C, B2C, B2B, B2G or G2G… to insure operating integrity of the sources and people within an organization.

Success Rate of Software-Driven Threat Alerts

A basic simplified security training series coupled with a software-driven notification and geolocation system provides the end-user with vigilance that an email is suspected as an intrusion.

In-Flight Real-Time Software-Driven Threat Alerts!

Worry-free email, just focus on business… fingerprint each email.

Email Security Triage is Complicated.

User Experience is everything…

Simplification of Security end-points is the objective!

November 4, 2016 – Simplify Building Security Awareness…

Free Business Email Compromise (BEC) Webinar that can simplify awareness to any end-user, at anytime instantly!

Learn more about BEC and how to leapfrog your current methods and challenges of getting end-users to comply with end-point current solutions. It is already proven that those methods are 50/50 at best and do not capture the attention of the masses in your organization. CISO and CXOs agree that IT Security teams have a security gap. The FBI confirms in 2105 that BEC is the #1 security threat and our organizations are vulnerable. Email and social engineering must depend on the end-users to determine a cyber security threat. End-users do not have the expertise… its like alphabet soup acronyms, challenged learning skills, complex training methods, robot “surprise quiz” testing of end-users and score cards implicating users not meeting the organizations high standards.

Learn how to TRANSFORM your business. Implement security, compliance and governance of your email systems, real-time on every email. In-flight without any IT built-in delays. That is so simple… any end-user in your organization can identify each email threat simply. End-users one-click triage to alert potential untrusted threats to IT Security teams.

We make an employees life simple… so as end-users they can quickly identify threats… at a glance in any organization… with any email.

Instant Best-Practice Email Security Compliance

In addition to instantly categorizing emails by threat level and trustworthiness by, providing email security best-practice workflows. Why it is important once you identify a suspected email, to restrict email access to and to notify security teams to prevent other users from unknowingly enter into dangerous email activity. Why eMailGPS forcing sender identity verification when interacting with sensitive email senders by forcing end users to verify the sender’s geolocation before replying. How to ensure compliance is met throughout A organization’s training, software and real-world experience. Knowing untrusted email IP sources at the desktop means someone faking their identity will be revealed to any email user, without the need for extensive training or expensive security awareness resources.

Instant Value to Any Email Security Governance Strategy

An organization’s Help Desk and Security teams are the backbone of the companies’ security defense to ensure all firewalls and spam filters are configured to stop intrusions. Any email security solution must have a way to compliment any onsite or cloud firewall and/or SPAM filter security, and instantly add end-point security to enable end-users of any technical background. How strengthening the overall A organization’s Security Strategy can occur with little to no training. Email governance is a form of management that dictates how email messaging is used in a corporate setting and how email intrusions are handled in a timely fashion to reduce risk. It also addresses how to secure information that is exchanged via the email system.

Instantly Gain Confidence in Email Conversations

To close out the webinar with extreme email security value, the eMailGPS team will discuss how to operate in a “Circle of Trust” worry-free email benefits. Circle of Trust, creates a high level of trust for emails you send and receive within the A organization’s circle of enabled end-users who share the same An organization’s Company Key. A “Circle of Trust”, creates high-confidence paths between all An organization’s B2B clients who share the same An organization’s Company Key. Circle of Trust, deploys quickly and easily and requires no cloud-based connectivity to keep your users and partners protected from email scams of all kinds.

Event Registration: Seating Is Limited – Sign Up your Organization Today!

To provide the most complete solution overview and relevant information, this eMailGPS series will be restricted to 25 connections per session. For a larger organization, please organize a room for multiple attendees. Participants that are organizing group attendance should contact us to discuss coordination of WebEx invite for the eMailGPS event and must be completed at least four (4) days prior to the event.

About eMailGPS, Inc.

“Simple Security Awareness of In-Flight Real-Time EMAIL Security”. Stop. Glance. Geolocate. Encourages a Single-Pane-of-Glass for all email to converge under the Microsoft Office365 / Outlook Security Add-In. eMailGPS emerged out of Stealth in September 2016, it tightens your Office365 / Outlook email security and builds awareness of in-flight email traffic from delivering harmful threats, a Security Company.

October 24, 2016 – Worry-free email. Stop. Glance. Geolocate.

Security is all about people… Your employees may only be one click away from an email disaster… Enable your employees with simple “at-a-glance” triage and let employees become the strongest link in your Network Security!

We make life simple… so end-users quickly identify threats… at-a-glance!

@eMailGPSInc, it’s all about awareness… Stop. Glance. Geolocate. In-Flight Real-Time Software-Driven Threat Alerts! Worry-free email, just focus on business… we fingerprint each email.

You need a simple non-complex worry-free email environment that provides for INTRUSION DETECTION, INTRUSION PROTECTION and INTRUSION PREVENTION – a solution! No more new-school awareness training, no manuals, no triage card, no compliance scorecard and no monthly fees!

Create a “Circle of Trust”… finger print your environment, people, key business partners, now patent-pending technologies…

Please review the article… “https://www.linkedin.com/pulse/hillary-clintons-email-server-things-could-have-been-different-john?trk=pulse_spock-articles”.

eMailGPS, Inc., STOP. GLANCE. GEOLOCATE. “Simple Security Awareness of In-Flight Real-Time EMAIL Security”. Encourages a Single-Pane-of-Glass for all email to converge under the Microsoft Office365 / Outlook Security Add-In. eMailGPS emerged out of Stealth in September 2016, it tightens your Office365 / Outlook email security and builds awareness of in-flight email traffic from delivering harmful threats, a Security Company with a target market of 1.5-2 Billion end-users.

October 20, 2016 – Security: Educational Awareness vs. Software-Driven Awareness

We are talking apples and oranges here… the complex every changing world of Educational Awareness drives end-users and companies via “Score Cards” and Robotic tests to catch unguarded end-users to see if they are paying attention to there training. When the Score Card revels they are a the weakest link in the Security Network they are sent back for more training. A vicious circle that keeps Small-Medium-Business (SMB) and corporate enterprise continually paying exorbitant fees to re-train end-users, knowing full well cyber-criminals change the game daily so they will have new training to deploy and new revenue generators.

eMailGPS is both a Strategic Technology by address the #1 FBI Cyber Crime

and a Disruptive Technology breaking the the vicious cycle for the current industry solutions.

Gartner Identifies with Strategic Technologies

Gartner defines a strategic technology trend as one with the potential for significant impact on the organization. Factors that denote significant impact include a high potential for disruption to the business, end users or IT, the need for a major investment, or the risk of being late to adopt and how fast this innovation spreads through the culture. These technologies generate significant new value and impact the organization’s long-term plans, programs and initiatives.

Disruptive and Sustaining Innovation

Sustaining Innovation does not create new markets but rather only evolves existing ones with better value. Allowing the firms within to compete against each other’s sustaining improvements. They are developed by established companies often seen as a leaders or challengers in the market. Adding a new feature like robotic testing to ensure end-user compliance is a method to insure integrity but it further erodes the confidence of the end-user as the weakest link in Network Security.

Disruptive Innovation is an innovation that disrupts an existing market, innovations that improve a product or service in ways that the market does not expect that infringes on current customer value. Products based on Disruptive technologies are typically cheaper to produce, simpler, smaller, better performing, and, frequently, more convenient to use. eMailGPS makes life simple, by delivering this and more building the confidence of the end-user employees, so at-a-glance end-users quickly identify threats and become the strongest link in your Network Security!

Today firewalls and spam filers only block up to 90% of security threats.

Operations run smoother with Firewall and Spam Filer providers integrated with eMailGPS to achieve a real-time Intrusion Detection and Prevention Systems (IDPS) providing the unification of hardware and software. eMailGPS will be extending offers to the vendors in the Network Security Appliance Industry that are interested in joining forces via a tactical and/or OEM partnership to provide an automation gateway combining their hardware intelligence and our in-flight intelligence to update their firewalls and spam filters real-time. This would be a joint step to achieving a >99% trusted environment that both prevents and protect the end-users from social engineered emails that are coming from trusted and untrusted sources.

We feel eMailGPS grows your capabilities to successfully combat and defeat these threats… but only together these partnerships will provide the strongest defenses yet against cyber criminals.

eMailGPS, Inc., STOP. GLANCE. CONNECT. “Simple Security Awareness of In-Flight Real-Time EMAIL Security”. Encourages a Single-Pane-of-Glass for all email to converge under the Microsoft Office365 / Outlook Security Add-In. eMailGPS emerged out of Stealth in September 2016, it tightens your Office365 / Outlook email security and builds awareness of in-flight email traffic from delivering harmful threats, a Security Company with a target market of 1.5-2 Billion end-users.

Email Awareness

Real-Time Software-Driven Threat Alerts

You need a simple non-complex Intrusion Detection, Intrusion Prevention and Intrusion Protection solution… no more new-school awareness training, no manuals, no triage card, no compliance scorecard and no monthly fees! eMailGPS, installs in 2 minutes, provides awareness within 5 minutes, has a FREE Evaluation discover quickly what you do not know is getting through your firewalls and spam-filters immediately and are posing potential threats to your consumer email accounts or Small-Medium-Business (SMB) or enterprise organization and to CEO Scams and High-valued threats. We are open to discussing under a NDA how we approach the B2B, B2C, B2G, G2G, C2C under our Corporate Shield Protection and Corporate Lock technology that prevents Hillary Clinton type scandals. We can be found at www.emailgpsinc.com.

October 20, 2016 – Hillary Clinton’s EMAIL Server… things could have been different.

Cyber Awareness Month, if the US State Department, had used eMailGPS, Inc. for departmental email security under eMailGPS, Inc. “Secured Operations”and the rest of the US Departments of the Government deployed this “Circle of Trust Operation” things may have well been different…

Secured eMail Shield Protection to key industries financial, retail, airlines, etc. as they communicate sensitive information.

Secured Add-in for Microsoft Outlook, prevents the piercing of the corporate shield. It’s like fingerprinting your company and then all the employees to ensure 100% integrity and verification of every email, within the corporate structure that all the employees both local and remote have a classified clearance Confidential LockTM, at the email level and operate within a Corporate Shield Intrusion ProtectionTM. The Confidential LockTM provides the building blocks for these types of protections. Additionally special custom iterations are available. However, below are some common modes of operation that provide “Circles of Trust within Circles of Trust”.

  • B2B Business Shield Intrusion ProtectionTM – would provide safe email conduct between two businesses whereby key personnel of the business or the whole business operate safely between entities.
  • B2C Consumer Shield Intrusion ProtectionTM – would provide safe email conduct between a business and its consumers so they may operate safely between each other.
  • C2C Mediator Shield Intrusion ProtectionTM – would provide safe mediator initiated email conduct between two consumers so they may operate safely between each other.
  • B2G Government Shield Intrusion ProtectionTM – would provide safe email conduct between a business and the government so they may operate safely between each other.
  • G2G Shield Intrusion ProtectionTM – would provide safe email conduct between two governments whereby key personnel of each government or State Departments operates safely between each other.

Operational Awareness Reveals simple at a glance security that indicates if a server is out of network. Employees at a glance become the strongest link in your Network Security!

eMailGPS makes life simple… so end-users quickly identify threats… Hillary’s EMAIL Server would have appeared within the “Circle of Trust” of any Department she interacted with as YELLOW and PURPLE…

Security Personnel and ALL end-users would have been alerted that all her emails were not trusted. Therefore, security cold have pulled the server under the circle of trust or blocked the IP-Address and forbidden communications to the “Circle of Trust”.

Secured Operations

Intrusion Prevention to enforce Corporate Verification Compliance

Provide security compliance by enforcing highly confidential corporate, government or highly sensitive email user authentication. Breaches of this compliance are immediately routed to the Security Escalation team as cyber-crime.

Secured Add-in for Microsoft Outlook, prevents the piercing of the corporate shield. It’s like fingerprinting your company and then all the employees to ensure 100% integrity and verification of every email, within the corporate structure that all the employees both local and remote have a classified clearance Confidential LockTM, at the email level and operate within a Corporate Shield Intrusion ProtectionTM.

eMailGPS, Inc., STOP. GLANCE. CONNECT. “Simple Security Awareness of In-Flight Real-Time EMAIL Security”. Encourages a Single-Pane-of-Glass for all email to converge under the Microsoft Office365 / Outlook Security Add-In. eMailGPS emerged out of Stealth in September 2016, it tightens your Office365 / Outlook email security and builds awareness of in-flight email traffic from delivering harmful threats, a Security Company with a target market of 1.5-2 Billion end-users.

Email Awareness

Real-Time Software-Driven Threat Alerts

You need a simple non-complex Intrusion Detection, Intrusion Prevention and Intrusion Protection solution… no more new-school awareness training, no manuals, no triage card, no compliance scorecard and no monthly fees! eMailGPS, installs in 2 minutes, provides awareness within 5 minutes, has a FREE Evaluation discover quickly what you do not know is getting through your firewalls and spam-filters immediately and are posing potential threats to your consumer email accounts or Small-Medium-Business (SMB) or enterprise organization and to CEO Scams and High-valued threats. We are open to discussing under a NDA how we approach the B2B, B2C, B2G, G2G, C2C under our Corporate Shield Protection and Corporate Lock technology that prevents Hillary Clinton type scandals. We can be found at www.emailgpsinc.com.

October 18, 2016 – Our world has changed rapidly. Can we ever have secure discussions again?

Everyday… we read about cyber criminals bypassing our firewalls and spam filters, CEO Scams and High-value losses in the millions… Hillary Clinton using a untrusted server and conducting Government business on it… the FBI cites Business Email Compromise (BEC) as the #1 threat and reported losses of ~$250M in 2015. I can tell you from the handful of news stories in 2016 this has increased 2-3x.

Does our ability to secure discussions mean that anyone outside of that security is a threat?

The answer to that would be No, it just means the person can’t be verified by eMailGPS. The prospect simply needs to agree to make it a security policy that discussions between us and them need to be given the awareness of trusted, the discipline of identified, and the verification of secured and they become a customer.

It would be impossible for any security product to deem anything for sure with the cyber criminals changing there tactics daily. But, building software-driven email AWARENESS, and performing forensics at the source of the end-user workflow, will instill a higher level of confidence – eMailGPS claims to fame.

One identified with the one-click quarantine, partnering with Firewall and Spam Filter providers will allow updating of both of these via eMailGPS to prevent any subsequent attacks from the same location.

Any complex security training process and triage card or product that said otherwise would fall off pretty quickly in either disbelief by security people, or just falling short all the time. There are some pretty alarming statistics that prove this…

Having said that here is another way to answer the question:

eMailGPS software-driven solution tags each suspected email in plain view of the end-user so they can make a informed decision… human error still exists, but BEC exposure is drastically reduced.

  • Anything that comes in red should be considered a higher level threat than usual
  • Anything that comes in yellow, and appears to be from someone you know, should be given extra consideration before acting
  • If you are a finance group, legal, or other higher security group – Anything that comes in red should be given extra consideration by entering a PIN code too open
  • If you are a finance group, legal, or other higher security group – Anything that comes in from someone with purchase approval or top org chart, should be GeoMapped before taking action on email
  • Any email that seems suspect, should be verified with a GeoMapping report if action on the email is required
  • Any email that seems suspect, and the end user is unable to make a decision on safety, should be sent to the support group with one-click quarantine geolocation information
  • Any organization that requires a high level of confidence that all communications are safe, should have Confidential Lock between all entities – internal and external

Adopting these practices, which is fast and easy to do, dramatically reduces the chances of being victimized by social engineering, and other email related security threats.

eMailGPS, Inc., “Simple Security Awareness of In-Flight Real-Time EMAIL Security”. Encourages a Single-Pane-of-Glass for all email to converge under the Microsoft Office365 / Outlook Security Add-In. eMailGPS emerged out of Stealth in September 2016, it tightens your Office365 / Outlook email security and builds awareness of in-flight email traffic from delivering harmful threats, a Security Company with a target market of 1.5-2 Billion end-users.

Email Awareness

Real-Time Software-Driven Threat Alerts

You need a simple non-complex Intrusion Detection, Intrusion Prevention and Intrusion Protection solution… no more new-school awareness training, no manuals, no triage card, no compliance scorecard and no monthly fees! eMailGPS, installs in 2 minutes, provides awareness within 5 minutes, has a FREE Evaluation discover quickly what you do not know is getting through your firewalls and spam-filters immediately and are posing potential threats to your consumer email accounts or Small-Medium-Business (SMB) or enterprise organization and to CEO Scams and High-valued threats. We are open to discussing under a NDA how we approach the B2B, B2C, B2G, G2G, C2C under our Corporate Shield Protection and Corporate Lock technology that prevents Hillary Clinton type scandals. We can me found at www.emailgpsinc.com.

Microsoft Office365 Outlook Add-in. Tighten your email security and protect in-flight email traffic from delivering harmful threats.

September 19, 2016 – A New Startup is Born

It’s my great pleasure, to launch this new start-up eMailGPS, Inc., an Identity and Access Management (IAM) Security Add-in for Microsoft Office365 Outlook. This announcement, comes at a time where cyber-crime is on the rise…

FBI in 2015 reported 64.4 Million claims resulting in $1.07 Billion in losses and over $246 Million (23%) was from “Business Email Compromise (BEC)” – the key is reported!

Cyber-Criminals are waging war against our corporations, to obtain trade secrets, draw in our executives to release funds for payment, or even to bring down a company from operation, like Appalachian Regional Healthcare in August 2016 was down for 3 weeks from a cyber-attack.

Deficiencies exist in your FIREWALL and SPAM Filters

This has escalated far beyond normal to 158 Million emails/per day globally of pear-phishing attacks, malicious code, and disastrous links. About 10.2% or 16 million of these bypass the firewall and spam filters daily reaching their intended end-user target – it’s estimated >800,000 of those emails are activated daily wreaking havoc within companies and personal email systems.

Unfortunately, the core email protocols do not have any mechanism for authentication, so it is common for spam and phishing emails to use spoofing to mislead the recipient about the origin of the message and sneak past a company’s security. Cyber-criminals use the open nature of email against their victims and security solutions today are still unable to stop human-to-human email deception.

The Digital Economy is erupting…

This emerging economy is driving the Cyber Security Market and the major forces driving this market are the increases in security breaches targeting enterprises. TheInternet of Things (IoT) and Bring Your Own Device (BYOD) trends are compounding this growing security insurgence due to the lack of stringent compliance and regulatory requirements – with a projected trillion devices by 2020.

Security firms are doing their best to keep up with the continual changes in the Identity and Access Management (IAM) market: Encryption, Anti-virus, Anti-Malware, IDS,Intrusion Protection Systems (IPS), tweaking Firewalls, increasing network layers, applying stronger passwords, etc.

Microsoft Outlook Product Backgrounder

The main purpose of Office365 Outlook use is to facilitate the recording, tracking, and management of certain types of “personal information” – used mainly as an email application. These add-ins are enhancements to Microsoft Outlook application that provide new functional capabilities that allow Microsoft Outlook to automate some routine operations.

Microsoft Outlook desktop and laptops account for over 1.4 Billion Outlook clients. Microsoft has many trusted partners that provide a wide portfolio of add-ins for Outlook. eMailGPS, Inc. is joining those ranks with an innovative, desperately needed security technology for Outlook, which can easily be adopted as a defacto- standard to fight BEC on every Outlook client.

Welcome to eMailGPS…

eMailGPS has developed, an Intrusion Detection and Prevention System (IDPS) that’s predictive in nature, that can analyze emails in-flight and instantly alert the end-user to the the fact the email source is untrusted – moving (detection) forensics to the desktop or laptop.

The end-user is always the first-line of defense of any organization to proactively combat a threat. Empowering the end-users by providing them the ability to inquiry geographically on any location of any email sent to them, at anytime to see if this is what they expect. But, it’s the alerts eMailGPS provides that guide end-users to specifically pay attention to color flagged email’s, their origins as a trusted or untrusted source.

Once threats are identified, we provide simple collaboration between the end-user and security teams, eliminating the triage, allowing security teams to instantly begin to strengthen the companies security (prevention) derived from the valuable end-user input. Email systems begin to settle down over the first month and provide a stable work environment we call Trusted.

A day does not go by that email is top-of-mind in the news. Since January 2015 the FBI shows a 270% rise in email scams, and tracked losses from 2013-2016 to over $2.3 billion in real dollars lost. Email threats are real… they’re on the front-page of every newspaper, with Hillary Clinton email scandals, CEO scams, phishing schemes and social engineered spoofing. As recently as May 2016 a CEO was fired after a ‘fake CEO’ email scam cost the firm $47 million.

Expected Operations…

Unexpected Operations gone undetected…

eMailGPS can be deployed across thousands of desktops in a single day, freeing up the IT Security Team resources, which have been on a upward headcount trend to manage the growing organizational threats. By returning their precious time usually spent on investigative forensics, eMailGPS allows them to focus on more critical security issues within the company knowing that eMailGPS is proactively at work safeguarding the end-users email from cyber-criminals social engineering.

Detected and reported…

Security teams block the firewall and spam filters. We are looking for Security Partners that we can automate this process with to instantly block these intrusions. joining forces via a tactical and/or OEM partnership to provide an automation gateway combining their hardware intelligence and our in-flight intelligence to update their firewalls and spam filters real-time. This would be a joint step to achieving a 99-99.999% trusted environment that both prevents and protect the end-users from socially engineered emails that are coming from trusted and untrusted sources.

eMailGPS requires no server-side installations and is completely contained with the Outlook desktop or laptop client as an add-in, making eMailGPS compatible for both cloud and onsite email deployments; software delivery systems and integrations with 3rd party monitoring systems – CA, HP SPLUNK, Solar Winds, SIEM systems and more…

We feel eMailGPS grows your capabilities to successfully combat and defeat these threats… but these future partnerships jointly will provide the strongest defenses yet against cyber criminals.

Please download our evaluation today… and visit our comprehensive website for more details…

Posted on

eMailGPS, Inc. Launch…

eMailGPS Launch - Eclipse EMail CyberCriminals

Today, we chose Sept 1st, a date when a solar eclipse was to occur… pretty random… but very cool. Hopefully, we eclipse the cyber-criminals with our new email Security offering… I think we all have had enough of these criminals preying on us inside our email, piercing our Digital World to scam and disrupt our lives.

eMailGPS, Inc., a startup in the Microsoft Outlook Email Security Market addresses three markets: consumers, SMB and corporations. We are focused on Intrusion Detection & Protection of email Systems. Protecting us from the world of posers… cyber-criminals who prey on you socially… trick you into believing they are someone whom you trust, they are very clever! emailgpsinc.com is determined to STOP cyber-crime within your e-mail and allow you to spy on where they are coming from using Google Map and Earth…

We launched the website today. We will have a 10-day evaluation after Labor Day and shopping soon afterward. If anyone is interested… please be patient as we come online. Check out the web content, grab an EVAL and if interested here is a 50% Introductory coupon “email50offgps”, you can tuck away if you are interested in the product.

Posted on

Hello Cyber Security World!

Welcome to eMailGPS…

We feel we have an exciting Add-in to Microsoft Outlook.

Cyber Security is top-of-mind… email security is in the news with disaster after disaster…

It’s a global issue! Email scams, hijacking your email address, faking out (spoofing) … pretending you are some ones close friend and in reality you have hijacked their email address and are posting email to in order to use social engineering to capture sensitive information to steal money … they really are just a lurking cyber-criminal…

Gives us a try… we think you will like what you see. Our Desktop version releases September 1st 2016 this a very popular e-mail client with consumers and businesses globally. Microsoft Outlook is by far the most comprehensive Personal Information Manager (PIM), used mainly for email and calendar functions. We work with hundreds of, Email sources analyzed by eMailGPS include any IMAP, POP3, or SMTP email provider approved for use with Microsoft Outlook – GMail, Yahoo! Mail etc… can be placed into Outlook and provide a “Single-Pane of Glass” view of all your email sources.

eMailGPS Solutions

Note: Mobile version designed for Outlook.com on your mobile device (You are protected at your home, office or in-flight mobility), and Enterprise Data Center for the virtual Outlook user that is not installed on the desktop.

eMailGPS operates in the Identity and Access Management (IAM) market. We provide Intrusion Detection Systems(IDS) and Intrusion Prevention Systems(IPS) worldwide eliminating email risk and reallocating security personnel to the more important tasks of plugging the “Security Holes” that we provide them… we are providing a safe haven for the end-users in which to operate comfortably.

Consumers should evaluate the Trusted Add-in, this provides – Trusted Intrusion DetectionTM, that contains the core technology for email intrusions:

  • Predictive NotifierTM (Scan’s in-flight for trusted server, their origins and threats coming before the user opens the email);
  • Real-time Identity ScanTM(RIS) (Identifies an email’s identity as a trusted IP source based on security policies);
  • Geolocation MapTM(Ad-hoc email origin mapping for identity verification, email forensics, or asset location.);
  • Post Threat NotifierTM (Align end-users with enterprise security strategies by providing a “one-click” email forensics reporting that automatically bundles and geolocates the suspect email’s information for internal security teams, help desks or external managed service providers to use for resolution.)

Small-Medium-Business (SMB) should look at the Identified Add-in to protect it’s CxOs, VPs and high-valued executives by forcing a GeoLock TM on these executives to validate the location they send and reply to insure they operate with the highest integrity – High-Valued Shield Intrusion ProtectionTM

Corporations should look at the Secured Add-in this is prevents piercing of the corporate shield. It’s like fingerprinting your company and then all the employees to ensure 100% integrity and verification of every email, within the corporate structure that all the employees both local and remote have a classified clearance Confidential LockTM, at the email level and operate with Corporate Shield Intrusion ProtectionTM.