For IT Security folks, especially those in a large corporation, dealing with Threats Security or External Content Threats Security has a potential to take away a significant operations time. So what is External Content Threats Security?
External Content Threats Security usually involves threats through many threat agents which evolve over time. These threat agents could be across an Enterprise Office platform, a database or a website within a corporate environment’s intranet or on a public network such as the Internet. External Content threats security deals mostly with the following threat agents which include Hyperlinks, Data Connections and Web Beacons.
Hyperlinks: This threat agent is usually exploited by attackers who create websites containing malicious code or content. These might include phishing sites containing these hyperlinks enticing a user to click on a link outside their trusted domain.
Data Connections: This threat agent is exploited by attackers who create data connections to databases or other data sources and then use these connections to either extract data and use it to gain further access or manipulate the data.
Web Beacons: If you ever used Microsoft Outlook or most Desktop email clients or even web clients, you see that the email has not been fully downloaded and there might be images to be downloaded, waiting for your authorization. While saving network bandwidth is one of the reasons, it also helps in security.
If a malicious hacker wished to exploit the Web Beacons threat agent under External Content Threats Security, he would embed an invisible link as part of a remote image in an email message. This message may or may not be flagged as spam. However, if you the user opens this email message, the embedded link is activated which downloads the remote image. However, when you do this, information about you is transmitted to the attacker. This could include your email address(proof that this email exists helps email spammers greatly) and also your IP address.