PERNIX

Empower your business to use email safely.
Request free trial
Pernix - Dashboard

Why choose PERNIX?

Over 90% of cyber attacks begin with an email. Our intelligent email security solution, PERNIX, removes the risk of human error by ensuring users never have to make a decision about the legitimacy of an email’s sender, content, link, or attachment.

PERNIX delivers protection against impersonation, payment diversion fraud, spear phishing, business email compromise, data/IP theft, and malicious attachments, for just £30 per user, per year.

  • Negate human error
  • Implement in minutes
  • Minimise user training
  • Targeted threat protection
Prevention
Fraud-first security

One of PERNIX’s key priorities is the detection and prevention of fraud.

While most other email security solutions focus all their efforts on blocking spam, fraudulent emails are where the real dangers to your company lie.

Pernix - Emails Dashboard
Protection
Protect your VIPs

Stop CEO fraud and impersonation of execs by providing a clear warning to the user that the sender is not who they're claiming to be.

Your company's VIPs can be registered in PERNIX, so any attempts at impersonation are automatically flagged and carry a warning.

Pernix - Trusted Domains
Clarity
No need for blame

PERNIX removes the opportunity for users to make a mistake.

The banner gives clear security guidance, without requiring users to be experts in identifying email attacks.

Pernix - Banner Configuration

Overview

PERNIX uses advanced detection techniques and the latest intelligence to identify the good emails from the bad – quarantining those that present a security risk and delivering filtered, scanned emails to a user’s inbox with a traffic light banner indicating how secure the email is, and whether we’ve identified any areas of concern.

From the banner, users have the option to report an email as suspicious. This goes directly to our incident response team, who investigate fully and aim to provide a personal response to the user. The intelligence gained from these emails is fed back into the service, so we can instantly protect other users from the same attacks.

Our cloud-based mail gateway integrates seamlessly into existing mail services, such as Office 365, Exchange, and the G-suite.

Corvid

Fraud and content checks

PERNIX scans every email against a series of fraud detection and content checks, to verify its legitimacy and level of risk. The checks can be grouped into three categories:

Malware
  • Malware content – checks for attached or embedded malware.
  • File type – checks for known bad file types.
  • Active content – Microsoft Office documents and PDF files containing macros are checked for behaviour which is commonly used to stage the download of malware.
Impersonation
  • Domain impersonation – is the email from the domain it appears to be from? Techniques such as substituting adjacent letters and replacing similar letters are used to make the domain look legitimate at a glance.
  • Trusted source – is the email from one of the known source IPs that are registered for that domain?
  • VIP spoofing – is the email from the VIP it claims to be from? The display name is often spoofed to make an email appear as if it came from a VIP known to you. Your company’s VIPs can be registered in PERNIX, so the email is flagged if it claims to be from one of them but isn’t.
  • Previous email activity with sender – have you emailed this person before, or has anyone else in your company?
  • Punycode (IDN) detection – has Punycode been used to make the email look like it’s from a genuine source?
  • Reply redirection – will your reply go to a different email address to the one that’s displayed?
Malicious content/URLs
  • Secure transfer – was the email sent over an encrypted channel?
  • Domain age – has the email come from a newly-created domain? New domains are often set up to spoof legitimate domains, and to send spam.
  • Spam identification – is the email spam?
  • Decode short URLs – URL shorteners can be used to evade the checks performed on full URLs and disguise malicious links. PERNIX follows shortened links to check the actual destination is a genuine and trusted one.
  • Encrypted archive protection – password-protected documents can’t be scanned, but sharing the document password securely with PERNIX allows our system to scan the attachment for malicious content, while keeping the content and password confidential.

These checks carry out a comprehensive assessment of each email that passes through PERNIX, ensuring all potential areas of compromise are covered.

Once the checks have been carried out, PERNIX assigns a banner to each email, and sends it to your inbox.

PERNIX banner

The PERNIX banner appears on every email you receive. It uses a simple traffic light rating system (red, amber, and green), so you can be confident of the nature of each email at a glance.

  • Red – this banner provides the highest level of alert, making sure your attention is drawn to an issue that should not be ignored. If malware is attached to the email, it will be quarantined so it does not reach your inbox. You’ll still receive an email with the red banner, but we will have removed the malicious content.
  • Amber – our scans have found some areas of concern, which will show as warning messages in the banner, but PERNIX has deemed the email safe enough to be sent to your inbox.
  • Green – the scans haven’t found any issues, and the email appears to be legitimate.

Warning messages can be customised to suit individual business' needs.

The banner also displays three links to help you manage your emails:

  1. View email info – an in-depth analysis of your email, including where it came from, and a detailed explanation of any issues identified.
  2. View all emails – click this link to access email manager.
  3. Report as suspicious – if you receive an email you think may include suspicious content, click this link to send details to us, so we can investigate.

Email manager

CORVID’s email manager is a web interface where you can manage your protected emails. You can review emails you’ve received, recover deleted emails, resend emails to your inbox, and release emails that have been blocked.

Encrypted attachments are commonly used by attackers to bypass security mechanisms. You could either permit encrypted attachments and rely on users being able to identify the difference between a malicious and benign attachment, or block encrypted files, meaning sensitive information needs to be released by the IT administrator, whether they have a need to know the information or not. Neither solution is secure.

PERNIX allows you to submit passwords for encrypted files, meaning you can retain confidentiality without compromising security or needing to understand every sophisticated type of malware. Our system uses the password to automatically decrypt the file, scan it, then release it if it’s safe – all without administrators being involved, and without security being compromised.

There’s no need to remember another username and password for email manager – it’s reached via a one-time access token link, which expires after 15 minutes. If your session times out, you can request another link.

Email manager has two levels of access:

  • User – users can view emails, manage document passwords, view the user guide, and access support. Users only have access to their own content.
  • Domain administrator – in addition to the user permissions, domain administrators have access to the dashboard, can customise banner warnings, whitelist new and trusted domains, and access all content for associated domains.