Connect with us

Features

Email Security – Paladion’s Approach

Published

6 years ago

on

Email phishing and business email compromises (also known as BEC or CEO fraud) are among the biggest challenges that organizations are facing in 2018. A phishing email contains one or more bad URLs or bad attachments and targets many individuals at the same time. A BEC attack usually targets one highly-placed individual and uses high level sophisticated social engineering.

BEC / CEO Impersonation Attacks 
In BEC or CEO fraud, hackers craft emails to impersonate specific senior management executives, vendors, or suppliers to trick the recipients into transferring money or providing sensitive information to the hackers. The attackers first do their research on their targets via LinkedIn and other social media. The specially prepared emails may also contain attachments with hacker tools like keyloggers and mouse event trackers for installation on a victim’s PC or mobile device.

The skillful personalization of the email content by attackers serves two purposes. First, it helps the email to pass through spam filters and other checks for undesirable emails. Second, it persuades the victim that the sender is somebody that the victim knows and trusts. For example, a CFO might be convinced that a fake email for an urgent funds transfer was sent personally by the CEO. Attackers also time their attacks to coincide with absences or business trips of the purported sender, making it difficult for the recipient to double check that the email is authentic.

Paladion’s Approach to Email Security

There are several best practices that when used together can be effective in containing the problem and that we have listed below.

Tighten Email Security Configuration
Implement SPF, DKIM, DMARC: Sender Policy Framework (SPF) restricts emailing to a list of servers allowed to send email for a given domain. DomainKeys Identified Mail (DKIM) is used to verify that emails have not be changed after leaving the originating server. With Domain-based Message Authentication, Reporting and Conformance (DMARC), an enterprise defines a policy for using SPF and DKIM, together with the reporting of email statistics for conformance.

Open relay prevention: Also called an insecure relay, an open relay is an email server that relays emails from a third party. Spammers can locate such open relays relatively easily. They can then use them to send large amounts of junk mail (or worse).

Multi factor authentication (or 2FA) for all users: When a BEC attack involves an attacker accessing an executive’s email account, making MFA a security policy will make such illicit access more difficult. For example, two-factor authentication or 2FA may consist of account credentials (only the account owner should know these), plus a code sent to the account owner’s mobile phone (only the account owner has this phone).

Subscribe to TI feeds to filter out emails at entry point: Threat Intelligence feeds can list compromised domains. Filtering rules based on this information can reduce the amount of email attacks, although very recently registered or compromised domains may not always feature in the latest TI feed.

Subscribe to Advanced Malware Protection modules: Advanced malware protection goes beyond simple signature matching to perform other inspection and analysis, such as checks for malicious dormant and dynamic code that might otherwise be missed.

Anti-spam filters for bad file types: A classic example of a risky file type is “.exe”, the file type of an application. Microsoft Office file types may also be blocked or flagged upon reception, as MS Word, Excel and other Office documents may contain malicious macros or scripts.

Monitor Your Emails Wisely

Filtering based on location, subject, sender: There are two basic choices: keep known offenders out (blacklisting); or only let approved senders in (whitelisting). Each choice has its pros and cons.

Bad attachment found based on hashes: Attachment file names can be changed at will and tell-tale file types can be hidden behind others. On the other hand, the hash of the file content allows immediate checking against a list of hashes of files of known hacker tools and applications.

Special focus on spam emails received by VIP or high-risk members: So-called whaling attacks can be harder to detect, as they rely more on social engineering and less on malware. VIP awareness training should also be mandatory.

Correlate email threats with other cases like brute force and failed logins: Remember that attackers can use several attack methods. If you detect a phishing campaign, check other attack surfaces and vulnerabilities that may be threatened at the same time.

Consider Additional Security Controls

User awareness trainings: Employees are often the weakest link in information security and enterprise security policies alone are not enough. Employee behavior must change and proper awareness training helps them develop good security habits.

Similar domains registered like yours: Machines are excellent at picking out the smallest differences, but human beings are less so. Use awareness training to demonstrate how even small differences of a letter or two in a domain name can indicate hackers at work and threats of email compromise. (Domain Typosquatting is where an attacker registers a similar sounding domain to yours and uses it for trapping victims. Register your domain records for people to identify the genuine domains and initiate take down services for Typosquatted Domains that have been proven to cause an attack impacting you or your users.)

Social Engineering exercise: Everybody needs to do this. Make sure that VIPs and other employees do not fall for fake URLs or malicious attachments, and that all departments follow a strict policy of checking email requests for fund transfers or for sensitive information via another channel (face to face or phone, for example).

Consider advanced email solutions with email inspection capabilities: Good inspection capabilities can help stop or contain email attacks and campaigns, identify known and unknown malwares in email attachments, and detect data exfiltration via emails.

Email attacks can be very lucrative for hackers when they scam top executives or people working directly for them. With so much information available today on social media and elsewhere, hackers can often piece together the data they need to make a business email compromise attack look like an authentic everyday operation to its targets. By applying the practices described above, you will at least be able to significantly reduce the risk of such an attack succeeding on your enterprise or organization.

By Prashant Verma, AVP, MDR – IR & Forensics at Paladion

Related Topics:
Continue Reading

Features

Redefining Real Estate: The Rise of Wellness-Centric Spaces

Published

2 months ago

on

March 14, 2025

By

By Mark Phoenix – CEO of Sankari

The way we think about real estate is evolving, and at the heart of this change is a renewed focus on wellness. As we become more aware of the profound impact our living environments have on our health and well-being, it’s clear that real estate must go beyond aesthetics and luxury—it must support a lifestyle of vitality and longevity. To me, true luxury is no longer defined solely by opulence but by spaces that promote health, balance, and connection.

The demand for wellness-oriented spaces is growing rapidly, and real estate developers must rise to meet it. Today’s buyers are looking for more than just high-end finishes and exclusive locations—they want environments that enhance their well-being. Integrating wellness features such as fitness centers, yoga studios, meditation areas, and holistic health services is no longer an option; it’s a necessity. These spaces don’t just add value to a property; they create communities that create physical health, mental clarity, and social engagement.

Wellness-centric design is about more than just adding amenities—it’s about creating environments that encourage movement, relaxation, and human connection. By prioritizing well-being in real estate, developers can offer residents a lifestyle that aligns with modern values and aspirations. These spaces cultivate a sense of belonging, allowing people to come together in ways that enrich their lives beyond the walls of their homes.

Beyond individual benefits, wellness-focused communities have a lasting impact on society. As more people seek out homes that support their health, the real estate industry has an opportunity to lead this cultural shift. Developments that incorporate sustainable materials, biophilic design, and eco-friendly building practices not only benefit residents but also contribute to a healthier planet.

In the ultra-luxury segment, this focus on wellness is especially meaningful. The most sought-after properties are no longer just about extravagance—they are about creating a sanctuary where people can rejuvenate both physically and mentally. True luxury lies in thoughtful, health-driven design that enhances everyday life in meaningful ways.

Designing for wellness also means partnering with visionary architects and designers who understand the importance of both form and function. In regions with challenging climates, for example, innovative solutions can help reduce environmental impact while enhancing comfort and efficiency. Securing sustainability certifications like LEED further reinforces a commitment to responsible development and aligns with the global movement toward eco-conscious living.

For me, integrating wellness into real estate is more than just a trend—it’s a deeply personal mission and a strategic imperative. The places we live should do more than just shelter us; they should actively contribute to our health and happiness. By embedding wellness into the very foundation of luxury real estate, we’re not just shaping beautiful spaces—we’re shaping better lives.

Continue Reading

Features

We are bringing tradition to every table in just five minutes

Published

3 months ago

on

February 20, 2025

By

Kerala breakfast

Exclusive Interview with Ashvin Subramanyam, CEO International Business, Orkla India

In this exclusive interview, Ashvin Subramanyam, CEO of International Business at Orkla India, shares insights on the brand’s participation at Gulfood 2025 and its mission to blend tradition with innovation in the Middle East. With the launch of Eastern’s 5-Minute Breakfast range and a refreshed Arabic spice portfolio, Orkla IMEA is redefining convenience without compromising on authenticity.

What can we expect from Orkla IMEA’s presence at Gulfood 2025, and how significant is this event for your brand’s growth in the region?

At Gulfood 2025, Orkla IMEA, subsidiary of Orkla India, is set to make a strong impact by unveiling the Eastern 5-Minute Breakfast range, designed to bring the authentic flavors of Kerala to the fast-growing ready-to-cook market in the Middle East. In addition, visitors can expect a refreshed Arabic spice portfolio, reflecting Orkla India’s continued commitment to catering to the diverse culinary preferences of the region.

Gulfood is a key platform for us as it enables us to showcase our latest innovations to a global audience, including retailers, distributors, and food industry leaders. The Middle East is a strategic market for our expansion. By blending tradition with convenience, our goal through this event is to become a household name across diverse communities in the region, reinforcing our commitment to quality, authenticity, and innovation in packaged foods.

How does Gulfood help Orkla IMEA connect with new markets, consumers, and industry partners, particularly in the Middle East?

Gulfood serves as a vital gateway for Orkla India to connect with new markets, consumers, and industry partners through its subsidiary Orkla IMEA in the Middle East. As one of the world’s largest food and beverage trade exhibitions, it provides an unparalleled opportunity to engage directly with key stakeholders, including retailers, distributors, and hospitality businesses, facilitating strategic partnerships and market expansion.

For Orkla India, this event is instrumental in understanding regional consumer trends, preferences, and evolving dietary habits, particularly in the fast-growing packaged food sector. The launch of the Eastern 5-Minute Breakfast range and refreshed Arabic spice portfolio at Gulfood allows us to showcase our innovation in convenience-driven yet authentic culinary solutions.

By participating in Gulfood, we strengthen our brand presence, foster collaborations with regional partners, and position ourselves as a trusted name in ethnic and mainstream food categories. It’s a key milestone in our vision to become a household name in the Middle East.

Eastern is set to unveil its preservative-free quick South Indian 5-Minute Breakfast range. What was the inspiration behind this concept?

The Eastern 5-Minute Breakfast range was inspired by the growing need for convenient, time-saving meal solutions that do not compromise on authentic taste and quality. South Indian breakfasts, particularly Kerala’s traditional dishes, are deeply rooted in culture, requiring significant time and effort to prepare. However, with modern lifestyles becoming increasingly fast-paced, many consumers struggle to recreate these meals from scratch.

Recognizing this shift, Eastern set out to bridge the gap between tradition and convenience by crafting a range that retains the authentic flavours and textures of Kerala’s most-loved breakfasts while eliminating the long preparation time. The preservative-free formula ensures that consumers enjoy fresh, wholesome meals made from high-quality ingredients in just three easy steps, ready in five minutes.

With this innovation, Eastern empowers busy professionals, young families, and expatriates to stay connected to their culinary heritage without compromising on their schedules, making traditional breakfast accessible anytime, anywhere in just 5 minutes.

Can you give us an insight into the development process behind this 5-Minute Breakfast range, especially in maintaining authentic South Indian flavors without preservatives?

The development process for our 5-Minute Breakfast range began with a deep understanding of our consumers’ evolving lifestyles and their desire for authentic Kerala-style breakfasts that eliminate a lengthy preparation process. We identified a unique need-gap: while traditional dishes like Puttu, Appam, and Idiyappam are much-loved, the time and effort they require can be challenging in today’s fast-paced world.

Our journey involved benchmarking these dishes to the traditional methods used by homemakers, capturing the essence of how an amma would prepare them at home. This set the standard for the flavor profiles we aimed to achieve. The challenge was to replicate the authentic taste and texture while ensuring our products were preservative-free.

Our R&D team worked tirelessly, conducting extensive trials to balance authenticity and convenience. Through our innovation center we crafted recipes that retain the goodness of traditional Kerala breakfasts while being ready in just five minutes. With this range, Eastern redefines breakfast convenience, allowing families to savor the true flavors of Kerala in a fraction of time.

With over one million Keralites in the UAE, how does Eastern plan to cater to both the traditional tastes of this community and the broader multicultural audience?

With almost two million Keralites in the UAE, Eastern understands the deep emotional and cultural connection this community has with its traditional cuisine. The Eastern 5-Minute Breakfast range is designed to preserve the authentic flavours of Kerala while offering a convenient solution for modern lifestyles. By using high-quality ingredients and a preservative-free formula, the range ensures that the taste and texture remain true to tradition, making it an ideal choice for Malayalees longing for home-cooked meals.

While there are other instant and ready-to-eat options in the market, Eastern’s range stands out by offering dishes like Puttu and Palappam, which traditionally require culinary expertise and time-consuming preparation. These dishes are not widely available in the quick- convenience food category.

At the same time, Eastern is expanding its reach to a broader multicultural audience by showcasing South Indian cuisine as a flavourful, nutritious, and easy-to-prepare option for all. The simplicity of the 3 Easy Steps preparation makes these dishes accessible to non-South Indian consumers who are eager to explore new flavours. Through strategic retail partnerships, digital outreach and and aggressive in-store sampling, Eastern aims to introduce and establish South Indian breakfast as a preferred choice for consumers in this region.

What’s one thing about Orkla IMEA that people might not know but should?

While Orkla IMEA was incorporated recently, we have been in the region for over 25 years now, through our brand Eastern.

Continue Reading

Features

2025 Hospitality Tech Trends

Published

3 months ago

on

February 12, 2025

By

By Prince Thampi, Founder and CEO, Hudini

As we approach 2025, the hospitality industry is poised for transformational growth, driven by evolving traveller preferences and advancements in technology. The future of hospitality promises enhanced convenience, personalisation and sustainability, with a significant focus on creating memorable experiences for guests. Let’s dive into five key trends that will shape the hospitality tech landscape in 2025 and beyond.

  1. The Continued Rise of Frictionless Technology

The increased demand for frictionless experiences is set to dominate the industry, with more and more travellers preferring hotels that offer touch-free check-in, check-out, and room access via mobile apps. This trend reflects a broader shift towards easy interactions powered by seamless digital integration. Mobile apps have been an essential tool for a few years now, enabling guests to manage their stays, order room service, and access hotel information effortlessly. With the introduction of Gen AI, those apps have become more powerful than ever and are now able to provide highly personalised recommendations and speak in different languages.

Hotels embracing this trend will gain a competitive edge, as tech-savvy travellers prioritise convenience and efficiency during their stay. According to a recent survey by Deloitte, around 72% of travellers are more likely to choose a hotel that offers mobile check-in and check-out services over those that don’t.

  • Hyper Personalised Guest Experiences

In 2025, personalisation will continue to be at the core of hospitality services but will finally be taken to the next level thanks to Gen AI. Guests expect hotels to anticipate their needs and offer tailored experiences, from customised room settings to personalised dining recommendations. Apps powered by AI are now able to predict guest needs based on a wealth of data, ingested from the hotel systems or fed externally.

Leveraging guest data and insights, hotels can create unique offerings that cater to individual preferences. This level of personalisation not only enhances guest satisfaction but also fosters loyalty and repeat bookings. According to Oracle’s findings, biometrics and AI are set to play pivotal roles, with 62% of guests valuing automated recognition for personalised interactions. Biometrics will experience a breakthrough into mainstream hospitality in 2025. Facial recognition technology has matured significantly and is ready to be weaved into the guest experience. It will enable better security and guest recognition while protecting their privacy at the same time.

  • AI-Enabled Customer Service

Artificial intelligence is revolutionising every aspect of the hospitality industry, but will be by itself a new way of providing customer service. Chatbots and virtual assistants are becoming standard tools for handling common queries, offering instant support, and streamlining operations at any time and in any language.

AI-driven solutions not only enhance efficiency but also provide guests with 24/7 assistance, ensuring a smoother and more satisfying experience. By integrating AI technologies, hotels can free up staff to focus on delivering exceptional in-person service.

  • Sustainability and Eco-Friendly Practices

Sustainability is no longer optional, it’s a necessity often enforced by regulation. Travellers are increasingly favouring hotels that adopt eco-friendly practices, such as using locally sourced food, implementing energy-efficient operations, and reducing waste.

By prioritising sustainability, hotels not only meet guest expectations but also contribute positively to the environment. This commitment to green initiatives enhances brand reputation and attracts environmentally conscious travellers. A recent survey by Booking.com found that 83% of global respondents believe more sustainable travel is vital, with 49% believing there aren’t enough sustainable travel options and 53% saying they get annoyed when a hotel prevents them from being sustainable.

Smart use of technology is key in the sustainability journey of hotels. Technology can accurately measure the reduction in carbon footprint, it will help reduce energy and adopt renewable energy sources, and will enable the effective management of food waste. Many hospitality apps allow guests to apply green energy settings to a room, some will even exchange your energy savings to loyalty points.

  • The return of ‘real’

With Gen Z – the first generation grown up with everything digital – becoming the next large group to travel, the craving for ‘real’ experiences is bigger than it ever was. Hotels focusing on truly unique and hyper local experiences; a great meal, cultural outing, or wellness treatment will win the hearts of this generation.

Fortunately hotel apps, AI, automation of processes, sustainability tech and the removal of cumbersome processes like checking-in and studying paper manuals will free up hotel staff to allow them to do what they do best: providing unforgettable, personalised and sustainable experiences.

Continue Reading

Trending

Please enable JavaScript in your browser to complete this form.

Copyright © 2023 | The Integrator