logo XD
logo Antler

ExchangeDefender Blog

ExchangeDefender General Security

At ExchangeDefender we’ve always seen ourselves as the firewall that keeps unwanted email content entering or exiting our clients network. To keep compliance simple we never deleted  emails – if the content was objectionable we would scan it, log it, and let org and user policies choose what happens to the message.

As the email world becomes more dangerous, with AI capable of conducting social engineering scams at scale, IT teams are looking for new policies that can handle it.

At ExchangeDefender we work closely with our partners around the world and this feature is courtesy of Tommy from Twisted Networx.

Tommy is hardly alone when it comes to this issue, some businesses pride themselves on the amount of money they spend on aggressive marketing via email. Ghost resubscribes, unsubscribe pages not working, confusing UI to trick you into buying or sharing info, and endless scams are just a part of business on the Internet these days. It’s something ExchangeDefender can help you fix.

We’re introducing Reject Policies.

If you’ve identified an organization you do not want to communicate with for any reason, or if you have a network you want to keep out, or if you just want a quieter quarantine: ExchangeDefender will now reject the email on your behalf and you will never have to see it again.

For compliance purposes we will of course log the rejection in the Domain Admin logging facility at https://admin.exchangedefender.com but the message meta and any data will be rejected at the edge of the ExchangeDefender network. This way you will still be able to troubleshoot mail flow and make adjustments as needed.

We’re building a more flexible, powerful ExchangeDefender to meet real-world business challenges—and your feedback plays a big part in that. If you’ve got ideas that could make your email experience more secure or productive, we’d love to hear them.

New features and updated policies are rolling out later this fall. Stay in the loop by visiting https://support.exchangedefender.com, checking out our blog, or following us on social media.

General Industry News Phishing Security

If you’ve ever shared a big file online, chances are you’ve used WeTransfer. It’s quick, it’s easy, and most importantly—it’s trusted. And that’s exactly why scammers love it.

Lately, there’s been a wave of phishing emails that look like they’re coming from WeTransfer. You get a message in your inbox saying something like:

  • “You’ve received files”
  • “Here’s your invoice via WeTransfer”
  • “Download your contract now”

Sounds legit, right? The problem is, those links don’t actually take you to WeTransfer. Instead, they lead you to sketchy sites designed to steal your email login, personal info, or even infect your computer with malware.

Fordham Edu

https://medium.com/@resonance.security

So, how do you spot a fake?

Here are some quick red flags:

  • Check the sender’s address. Real WeTransfer emails come from @wetransfer.com. Anything else? 🚩

  • Hover over the link. If the URL doesn’t point to wetransfer.com or we.tl, don’t click.

  • Unexpected transfers. If you weren’t expecting files, especially invoices or contracts, double-check with the sender.

  • Scare tactics. If the message pressures you with “download immediately” or “expires in 1 hour,” take a breath. That urgency is a classic trick.

  • Attachments. WeTransfer usually gives you a download link, not random attachments with .zip or .exe files.

What’s at risk if you fall for it?

A lot, unfortunately. Clicking on a fake transfer can mean:

  • Your email or cloud account gets hacked.
  • Sensitive data leaks into the wrong hands.
  • Your device gets hit with malware (worst case: ransomware).

How to protect yourself

The good news? Staying safe is pretty simple:

  1. Verify before you click. If someone says they sent you files, confirm with them outside of email (call, text, Teams, Slack—whatever you use).

  2. Turn on MFA. Multi-factor authentication makes it way harder for scammers to break into your accounts.

  3. Keep your guard up. Train yourself (and your team, if you’re running a business) to spot phishing tactics.

  4. Update your devices. Security patches and antivirus tools help catch threats before they cause real damage.

How ExchangeDefender Helps

Here at ExchangeDefender, we take phishing attacks like these seriously. Our filters flag suspicious links, block spoofed domains, and keep bad emails out of your inbox before you even have to think about them. Plus, we love keeping you in the loop with updates like this—because knowledge is one of the best defenses.

Our Expert Tip:

WeTransfer is a great tool, but remember: scammers always follow trust. The more popular a platform is, the more likely it’s going to be abused. So next time you see that “You’ve received files” email—pause, hover, and think before you click.

Sources

General Industry News PRO TIPS Security

Let’s face it—most small businesses don’t wake up thinking today will be the day they get hacked. But when it happens, the impact can be swift, serious, and long-lasting.

A small business has suffered from a cyber-attack—what could be the resultant damage?
Spoiler: It’s a lot more than just a locked computer screen.

Let’s break it down in plain English.

Financial Fallout

Hackers love going after small businesses because defenses are often weaker—and payouts can still be big.

  • Ransomware may demand thousands just to give back access to your files.
  • Phishing or business email compromise could lead to fraudulent money transfers.
  • Remediation costs (forensic investigation, legal help, software cleanup) stack up fast.

And while you’re fixing all that…

Time Is Money—And You’ll Lose Both

Most small teams rely on a few key systems to keep things moving. When those go down, so does your ability to do business. Orders get delayed. Calls go unanswered. Work comes to a screeching halt. And while the tech side gets untangled, your customers? They’re already wondering what’s going on.

You might be offline for hours. Maybe days. Either way, your clients won’t wait forever.

It Gets Personal Fast

A lot of cyberattacks aren’t just about locking up files—they’re about stealing data. That could mean employee records, customer information, payment details, contracts, or anything else sensitive. If that data ends up exposed, you may have to notify everyone affected. In some industries, that’s not just a courtesy—it’s the law.

And if clients lose trust? That can cost far more than any ransom demand.

The Recovery Isn’t Just Technical

Once the threat is handled (and your blood pressure returns to normal), you still have to deal with the cleanup. That might mean replacing devices, hiring an expert to audit your systems, redoing your cybersecurity setup, or retraining your team.

The worst part? This whole situation was probably preventable.

You Don’t Need an IT Department to Be Protected

Most small businesses don’t have a dedicated IT team—and that’s exactly why hackers love targeting them. They count on people being too busy, too stretched, or just unaware of the risks.

That’s where we come in.

ExchangeDefender is built for teams like yours—small, mighty, and ready to protect what matters. From secure file sharing to bulletproof email protection, we make cybersecurity simple, affordable, and human.

ExchangeDefender General Product Features

We’re excited to roll out a brand-new feature in ExchangeDefender that makes managing your Allow/Block lists faster, smarter, and more flexible: Policy Import & Export.

Your Allow/Block lists are one of the most powerful tools you have for controlling what lands in your inbox. With ExchangeDefender, you already get this control at three levels:

  • Service Provider (big-picture defaults),
  • Domain (organization-wide policies),
  • User (personalized lists managed directly by each user).

ExchangeDefender makes them available on the Service Provider level, Domain level where they apply to every user in the organization, and User level where they are managed by the end user themselves by interacting with ExchangeDefender and their mail flow. Now you have the ability to export and import allow and black lists and manage your policies in bulk.

Why We Built This

Sure, partners have been asking for it—but that’s only part of the story. More and more, compliance teams, auditors, and SOC analysts want visibility into these policies. On top of that, IT admins are looking for better ways to integrate with SIEM, pull data into logs, or just do some long-overdue cleanup.

With Import & Export, you’ve got the flexibility to:

  • Verify compliance with external audits.
  • Sync policy data with your security tools.
  • Clean up legacy lists in one shot.

How It Works

Head over to admin.exchangedefender.com.

  • Users: Go to Trusted Senders.
  • Domain Admins: Go to Allow / Block List.

You’ll see shiny new Import and Export buttons right at the top. Go to your Trusted Senders (as user) or Allow / Block List (as domain admin) and you will see an Import and Export button on the top left. The interface is simple and intuitive.

Exporting Policies

Need a backup or want to feed your SIEM? Click Export, pick your scope (allow or block), and choose your format (.csv or .xlsx).

Your download link appears instantly and sticks around for 24 hours. Want another copy? Just export again. Need to clean up old exports? One click deletes them. Easy.

Importing Policies

Time for some inbox spring-cleaning? That’s where Import shines.

When you upload, you’ll pick the domain and policy type (allow or block). At this point, you can:

  • Start fresh by checking “Delete all existing policies” (highly recommended for cleanup).
  • Or simply add to your existing lists.

From there, just upload your file and ExchangeDefender takes care of the rest—your policies are instantly updated.

Just import the file and the system will create all policies for you. Or you can type them in manually, which is great for everyone that wants to see visually what they are adding to the policy list and you don’t want to click a thousand times to do that.

This feature is all about giving you more control, efficiency, and peace of mind when it comes to managing your Allow/Block lists.

We hope this helps streamline your workflow and keeps your policies tidy. Got ideas for how we can make ExchangeDefender even better? We’d love to hear them—reach out on social media or at support.exchangedefender.com.

General Security

(and why ExchangeDefender is your easiest fix)

For most small businesses, email is the default way to communicate, send documents, close deals, and support clients. It’s fast, familiar, and convenient.

But under the surface? It’s also where some of your biggest risks live—risks that most SMBs and MSPs don’t see until it’s too late.

That’s where ExchangeDefender Encryption comes in. It’s not just about locking emails—it’s about solving the real problems you didn’t even know you had. Here are five issues it tackles the moment you turn it on:

1. You sent it to the wrong person

Mistakes happen. But when they involve sensitive info, they can turn into major incidents.

ExchangeDefender Encryption makes sure that even if your email ends up in the wrong hands, it can’t be read without proper authentication.

2. Your attachments are exposed

Contracts, client data, tax info—your attachments carry the good stuff. And without encryption, they’re easy targets.

With built-in attachment protection, ExchangeDefender keeps your files locked tight during transit and storage.

3. You have zero visibility

Standard email doesn’t tell you what happens after you hit “send.” Did they open it? Forward it? Screenshot it?

ExchangeDefender gives you detailed tracking and read receipts, so you stay in the loop.

4. Your team uses different email platforms

Some use Outlook. Some use Gmail. Others are mobile-only. Security gaps are everywhere.

ExchangeDefender works seamlessly across all platforms—no special downloads, no learning curve, just secure email everywhere.

5. You’re worried about compliance

HIPAA. GDPR. CMMC. It’s a lot. And falling short isn’t an option.

ExchangeDefender offers auto-detection, policy enforcement, reporting, and message expiration tools to make compliance a breeze.

Bottom line

You don’t have to overhaul your email system to get secure. With ExchangeDefender Encryption, you protect sensitive data, build client trust, and avoid costly mistakes—with one simple solution.

👉 Try it free – same-day setup, zero risk

General

It’s Monday morning. Your inbox is unusually quiet. You open your browser—Outlook is down. Gmail? Frozen. Panic mode begins.

Enter Inbox by ExchangeDefender: your seamless, always-on backup email solution designed to just work when your primary provider doesn’t.

Never Miss an Email—Even During Outages

Email outages aren’t just annoying—they can be devastating for business. Whether it’s Microsoft 365, Google Workspace, or any other email provider, downtime happens. What matters is how quickly you bounce back.

Inbox automatically activates when your main email goes offline. No downloads. No IT tickets. No setup. Just log in and keep communicating with your clients, vendors, and team like nothing ever happened.

Real-Time Archiving + Instant Access

Inbox isn’t just a “break glass in case of emergency” tool—it’s your live email archive. Every incoming and outgoing message is captured before it hits your mailbox. That means:

  • Access to every message, even if Outlook never delivered it
  • Searchable archives by date, sender, subject, or keyword
  • Full message read/reply/forward functionality built in

It’s not just backup. It’s better-than-backup.

Works Anywhere, on Everything

Need to check in from your phone during an outage? Done. Working on your iPad from the airport lounge? Easy. Inbox works on:

  • Desktops
  • Tablets
  • Mobile devices
  • Any browser

Whether you’re fully remote, hybrid, or in the office, you’re always connected.

No Learning Curve. No Stress.

Unlike most email continuity solutions that require complicated server setup or IT babysitting, Inbox is plug-and-play. It’s designed for regular users—just log in and go. It works invisibly in the background until you need it, then steps into the spotlight like a superhero with a clean interface and powerful tools.

Final Thought: Inbox Is Peace of Mind

You don’t need to wait for the next outage to start thinking about business continuity. Inbox gives you confidence that even when your primary provider fails, your communication won’t.

🔒 Your email is always available.
💬 Your conversations never stop.
📦 Your business keeps moving.

Ready to see how Inbox makes outages disappear? Download the brochure or try a live demo!

General

Because “Oops” isn’t a great security plan.

Let’s be honest—email is kind of the backbone of your business. It’s where deals get made, contracts are sent, invoices fly back and forth, and sometimes, if we’re being real, it’s where you accidentally email your lunch order to the entire company.

But here’s the thing: your inbox is also a treasure trove of sensitive information. We’re talking payment details, client data, logins, internal documents—the kind of stuff cybercriminals dream about at night.

And yet, most of us treat email like it’s just another casual chat box.

So, what’s the risk?

Imagine sending a postcard with your bank account number written on it. That’s kind of what emailing sensitive info without protection is like. Most email travels unencrypted, which means anyone snooping along the way can read it. That includes hackers, scammers, and even that one weird guy on public Wi-Fi at the coffee shop.

Phishing scams are getting slicker, malware is getting smarter, and businesses—especially small ones—are being targeted more than ever. The result? Breaches, downtime, lost money, and a lot of “We probably should’ve encrypted that” conversations.

But protecting your email doesn’t have to be hard.

Seriously. You don’t need a cybersecurity degree or a 20-person IT department. You just need the right tool—and that’s where ExchangeDefender Email Encryption comes in.

It’s designed to make secure emailing feel… well, normal. No hoops, no complicated setup. Just a simple way to keep your messages private, even if they’re packed with sensitive info.

With ExchangeDefender, you can send encrypted messages right from your browser, protect them with a password if you want, and even set expiration dates—so your email isn’t just floating around forever. You also get full visibility: when your message is opened, by who, and where. (Which makes you look really smart during audits, by the way.)

Plus, it plays nice with compliance rules like HIPAA and GDPR, which is a big win if you’re in healthcare, finance, or just… trying not to get fined.

Here’s the bottom line:

If you’re using email to run your business, you need to protect what’s inside. Email encryption is one of the easiest, most impactful things you can do—and ExchangeDefender makes it painless.

So next time you’re about to hit “send” on something important, ask yourself:
What would it cost me if this fell into the wrong hands?

Then go encrypt it. We’ll help.

👉 Try ExchangeDefender Email Encryption

General

Phishing emails targeting Xfinity (Comcast) customers are flooding inboxes again—and this wave is particularly deceptive. Disguised as legitimate communications from Xfinity, these emails are designed to create panic and trick users into compromising their security.

What’s Happening

Cybercriminals are sending emails that appear to be from Xfinity, warning users about urgent account issues. Common themes include service interruptions, billing errors, or suspicious activity. The emails often ask recipients to “secure their account” or update personal information, directing them to fake login pages that harvest credentials.

Many of these messages are styled with official-looking Xfinity branding, and even the sender email address can appear authentic at a glance. Some victims have reported receiving fake invoices or confirmations for charges they never made—creating just enough concern to drive a click.

📌 Source:

image of an xfinity phishing scam

Why It’s a Problem

Once you click on these links or share information, the consequences can be serious. Scammers may gain access to your Xfinity account, personal data, or even your entire device. This type of phishing can lead to identity theft, financial loss, or malware infections—especially if users unknowingly download files or enable remote access.

Even savvy users can fall for these tricks, which is why prevention and education are key.

📌 Sources:

How ExchangeDefender Helps

ExchangeDefender’s advanced threat protection is already working behind the scenes to block phishing emails like these. By scanning for malicious links, suspicious attachments, and known spam patterns, our system keeps these messages out of your inbox.

If you’re using our LiveArchive solution, your email continues to run smoothly—even if an attack disrupts your main provider.

Want to level up even further? Our Spearphish training platform delivers realistic phishing simulations to help your team recognize red flags before they click.

What You Should Do

If you receive a suspicious message claiming to be from Xfinity:

📌 Also check out:

Make sure your team knows the signs of phishing and doesn’t trust emails that feel rushed, pushy, or “off.” And if you manage email for clients, now’s a great time to reinforce best practices.

General Hosted Services

Let’s be real for a second: email is the unsung hero of your business. It’s how you land clients, keep projects moving, schedule meetings, and occasionally squash drama in a CC’d thread. So when it comes to business email, you don’t want “good enough”—you want rock solid.

That’s where Hosted Exchange earns its keep. It’s not just another email solution—it’s a smart investment. And today, we’re breaking down the real return on investment (ROI) for small businesses.

Predictable Costs, Fewer Surprises

Unlike self-hosted email or piecing together free tools, Hosted Exchange gives you flat, predictable monthly pricing. No surprise server costs, no licensing gymnastics, and no stress when your email traffic spikes.

Real ROI:
💰 Budget-friendly, especially when you factor in the cost of downtime (more on that in a sec).

Uptime That Works Harder Than You Do

You know what’s more expensive than email hosting? Email downtime. Missed deals, frustrated clients, and a flurry of “Did you get my email?” messages.

With Hosted Exchange, you’re backed by 99.999% uptime and ExchangeDefender’s rock-solid infrastructure.

Real ROI:
🕒 You’re not paying employees to sit around waiting for email to come back online.

Enterprise-Grade Security… Without the Enterprise Budget

Small businesses are prime targets for phishing, spoofing, and cyberattacks. Hosted Exchange comes bundled with ExchangeDefender’s advanced email security, including anti-virus, anti-spam, and phishing protection.

Real ROI:
🔐 One email breach can cost thousands—so prevention literally pays for itself.

Productivity on Every Device

Hosted Exchange syncs across desktop, mobile, and web. Your team can access calendars, contacts, and email from anywhere—without clunky VPNs or risky third-party apps.

Real ROI:
📈 More mobility = faster communication = more things getting done.

IT Relief: Let Your Team Focus on Bigger Things

With Hosted Exchange, there’s no need to babysit servers or troubleshoot pop3 errors. ExchangeDefender manages the backend, so your IT person (or outsourced team) can focus on strategic projects—not putting out email fires.

Real ROI:
🧯 Less downtime, fewer help desk tickets, and a more productive IT team.

Whether you’re a team of 3 or 300, Hosted Exchange delivers the kind of value, security, and peace of mind that free or DIY email just can’t match. It’s professional-grade email for businesses that are serious about growing—and protecting—their brand.

Ready to see the ROI in action?
Check out ExchangeDefender’s Hosted Exchange plans and discover just how easy (and affordable) upgrading your email can be.

🔗 Explore Hosted Exchange Plans

General

Once upon a time, email security was something only big corporations worried about—firewalls, encryption, threat detection… it all sounded like enterprise stuff.

But those days? Long gone.

If your business has an email address (and let’s be honest, who doesn’t?), you’re already a target. And the bad guys? They’re counting on you thinking security is “someone else’s problem.”

Let’s break down why email security is no longer optional—especially for small businesses.

1. Small Businesses Are Easy Targets

Cybercriminals know that smaller companies don’t always have the time, money, or resources to invest in advanced security tools. That’s exactly why they get hit more often.

Think of it this way: would a burglar go after Fort Knox… or the house with the front door wide open?

2. Phishing Scams Are Smarter (and Meaner)

Today’s phishing emails don’t look like Nigerian prince spam. They’re clean. Branded. Personalized.

They might come from what looks like your vendor, your CEO, or even your bank.
They want you to click the link, download the invoice, or reset your password.
And they’re sneaky good at it.

That’s why real-time threat detection and phishing filters are essential—not just “nice to have.”

3. Email Holds the Keys to Your Business

Think about it: your inbox is a treasure chest of…

  • Client communications
  • Invoices and payment links
  • Internal documents
  • Credentials and logins
  • Contracts, quotes, and private notes

If someone gains access to your email, they don’t just read your messages—they own your business operations. And the recovery costs (both financially and reputation-wise) are brutal.

4. The Cost of NOT Securing Email Is Way Higher

Sure, tools like ExchangeDefender cost money. But do you know what costs more?

  • Downtime
  • Breach cleanup
  • Legal fees
  • Lost client trust

Email security is no longer a cost center—it’s a business continuity solution.

5. The Right Tools Make Security Simple

You don’t need to hire a team of security experts. ExchangeDefender helps small businesses stay protected with:

✅ Spam + phishing filters
✅ Email encryption
✅ Real-time malware scanning
✅ Quarantine reports + trusted sender controls
✅ Simulated phishing training
✅ 24/7 monitoring + support

It’s not just about defense—it’s about peace of mind.

Your email is your front door. Lock it.

Small business or not, today’s threats are real—and relentless. But with the right protection in place, you can focus on growing your business instead of chasing down security fires.

🔐 Want to see how ExchangeDefender can keep your email secure? Let’s talk.