116 – Disable images of unknown origin

Summary

The corporate email client must not display, by default, images whose origin is unknown.

Description

Images from unknown sources can lead to several security risks, including: - Malicious Content: Images may contain embedded malicious code that can exploit vulnerabilities in the recipient's software. - Phishing Attempts: Images could be used in phishing attacks to deceive users by displaying misleading or malicious content. - Privacy Concerns: Images may contain sensitive or personally identifiable information (PII) that could be used for privacy violations.

Supported In

Advanced: True

References

• CIS-9_7. Deploy and maintain email server anti-malware protections
• IEC62443-RDF-5_3. User content filtering
• SIG-U_1_10_5. Server security

Weaknesses

• 114 – Phishing

Last updated

2024/01/18