How do you protect your home / small business from email-based threats?

sandbox it

As always, too many barriers and precautions may cross the convenience borderline. At home it may work well, but in a business environment it may reduce the productivity. I deal with multiple email accounts daily, attachments and links in emails are very common. I want to see what's incoming before some artificial intelligence cuts it off. Obvious spam collects to designated folders, but I check those folders often. It happened already multiple times to find there legitimate business correspondence. This is what AI does. What I do for critical spots - 2x hardware in sync and data on minimum 2x places. I don't remember hackers/phishing issues, but I remember well a few unexpected hardware failures.
 
Gmail does a pretty good job for me and filters to spam although I do get a couple a week that end up in my inbox.

I don't use quad 9, but I use a Canadian option https://www.cira.ca/cybersecurity-services/canadian-shield

One curious difference I find is that my Hotmail account gets little spam even though it should as I use it on purpose when I sign up for less secure sites. I wonder if some of it gets filtered without hitting the spam folder.

Unfortunately, my Gmail account is generic and WAY TOO MANY people with a similar name use my address all the time. As a result, I have all their personal info including credit cards for many of them. I consistently have over 10,000 emails in the spam folder before they prune by age.

When I ran my own mail server I spent 100s of hours writing code to block spam. It would start by identifying threads and progressively increase IP blocking until complete subnets would be blocked. It was an adaptive AI that worked extremely well (IMO).
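
The escalation described in the post above (single addresses first, whole subnets once enough of them misbehave), as an added example that is not the poster's code. The thresholds, prefix lengths, allow-list and sample addresses are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumed values, not from the post: tune against your own mail logs.
IP_STRIKES = 3         # spam events before one address is blocked
SUBNET_OFFENDERS = 4   # blocked addresses in a subnet before the subnet is blocked
PREFIX = {4: 24, 6: 64}

class AdaptiveBlocklist:
    def __init__(self, allow=()):
        # Allow-listed networks are never blocked, even inside a blocked subnet.
        self.allow = [ipaddress.ip_network(n) for n in allow]
        self.strikes = defaultdict(int)
        self.blocked_ips, self.blocked_nets = set(), set()

    def _subnet(self, ip):
        return ipaddress.ip_network(f"{ip}/{PREFIX[ip.version]}", strict=False)

    def _allowed(self, ip):
        return any(ip in net for net in self.allow)

    def is_blocked(self, addr):
        ip = ipaddress.ip_address(addr)
        if self._allowed(ip):
            return False
        return ip in self.blocked_ips or self._subnet(ip) in self.blocked_nets

    def report_spam(self, addr):
        """Record one spam event; return the block it triggers, else None."""
        ip = ipaddress.ip_address(addr)
        if self._allowed(ip) or self.is_blocked(addr):
            return None
        self.strikes[ip] += 1
        if self.strikes[ip] < IP_STRIKES:
            return None
        self.blocked_ips.add(ip)
        net = self._subnet(ip)
        offenders = sum(1 for b in self.blocked_ips if b in net)
        if offenders >= SUBNET_OFFENDERS:
            self.blocked_nets.add(net)   # escalate: address -> subnet
            return str(net)
        return str(ip)

# Constructed sample events using documentation address ranges.
SAMPLE_EVENTS = [f"203.0.113.{h}" for h in (10, 11, 12, 13) for _ in range(3)]
SAMPLE_EVENTS += ["198.51.100.7"] * 2

def replay(events, allow=("203.0.113.25/32",)):
    bl = AdaptiveBlocklist(allow)
    return bl, [b for b in map(bl.report_spam, events) if b]
```

The allow-list matters because a subnet block is coarse: it is the mechanism that keeps a known-good sender reachable when its neighbours get the whole range blocked.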
 
For over 16 years I volunteered at a faith based not-for-profit and managed the network. The facility hosted an organization that collected used computers and equipment, refurbished what could be reused for needy folks and recycled the rest. Other hosted organizations collected items to be reused in our community and around the world. Good things were done. I had first pick of the networking hardware that came in and did my best to make do. The WIFI was "G" and the cable was slow.
Initially I set up an IP-Fire firewall/router based on an old PC. This worked very well as it provided a way to get a block list for inappropriate web sites as well as OpenVPN for me to manage things remotely. This did a great job to keep the clients on the LAN safe. However, using old hard drives proved a problem as a couple failed and caused me more work. At the time SSDs were not available.
After the RT-AC68U was available we purchased two. One for the warehouse office and one for the computer refurb folks. I had used John's Fork, Merlin firmware and Asus factory over the years with those workhorses. Being able to use AiProtect as well as Quad9 just about stopped issues I had had with folks getting their clients infected. For guests I at one time had a separate router running No Dog Splash. When AiMesh became available I switched to that to enable guest WIFI all over the warehouse. I had reduced to one LAN and added an AC66U_B1 for another mesh node. Worked wonderfully and with AiProtect I was able to rein in some folks who were not careful surfers. In the past seven years there was only one client that picked up malware.
I retired from supporting this outfit four months ago. My replacement was a young gamer more interested in speed than safety. The Asus routers are gone along with the security cam system I built and from what I've heard there have been several clients that have gotten hacked. So much for good work (and I was never thanked for those 16 years).
 
No good deed goes unpunished. Ever.
 
...My replacement was a young gamer more interested in speed than safety...
A fool with a tool is still a fool.

Ever since 1995 when Windows 95 had a kernel with sandboxing capabilities I've been sandboxed ever since, but even before that with doubleDOS and Qemm from Quarterdeck you could sandbox programs (if you are familiar with the assembler and C+ api at the time).

Whenever a cat or a rat sh*ts in my sandbox they get thrown out. Zero trust, zero access.
 
Had pfSense on an old hardware. One of my friends took that away last week for the 2nd time - not the same person - in as many years.

Now, back on Hitron router - Cisco switch and hard wired mostly. The workstation uses the native Windows firewall manually configured rules for inbound and outbound connections. Dashlane password hardened by YubiKey for internet facing activities, wherever possible, including emails.

Apple’s iPhone and iPad use ceiling mounted Unifi AC Pro. Guests use separate wifi access than what we use at home.

We just have one IoT device, which is hard wired.
Our home automation is now in a serious planning stage.

I am in the market to source a new hardware for a firewall. We want to lock down the network before implementing the home automation. We defo need IDS/IPS, given the home automation. So, definitely need a decent system.
 