Today’s announcement of Mimecast acquiring Segasec should help companies close another important gap in the race against the rampant phishing and credential theft attacks.
As Mimecast builds out their Email 3.0 strategy, the acquisition of Segasec will put the heat on bad actors who are busy stealing credentials by impersonating many of the world's biggest companies. With so many phishing attacks attempting to lead users to fake or impersonated web sites where they unknowingly give up login credentials and other sensitive information, many of the largest online companies become the biggest targets.
Mimecast continues to extend their email security platform to protect against the growing email-led threat vector. While many email security companies have implemented filtering techniques to detect and slow down url and domain spoofing, impersonation sites have been left unattended. Segasec’s subscription service proactively hunts down impersonation sites and shuts them down. This is kind of like going after the drug dealer’s home instead of the drug user. To accomplish this, Segasec continuously monitors domain name registrations, certificates, social networks, and more, looking for indications of impersonation. And when they find them, they have several methods of blocking access or taking down the impersonated sites.