Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Tuesday, 31 January, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

When is a phishing email not a phishing email? The taxonomy of malicious emails

by The Gurus
March 24, 2017
in This Week's Gurus
Share on FacebookShare on Twitter

Malicious email attacks have dominated the security headlines in recent months, with 2017 already seeing large campaigns targeting Netflix and Amazon customers. Despite the number of incident however, many individuals and businesses alike don’t actually know what kind of attacks they are being hit by.
In order for a business to defend against malicious email attacks it is essential that they are able to identify whether they have been hit with a phishing, BEC or ransomware attack. According to the FBI, BEC scams have resulted in losses of £2.4 billion ($3.1 billion) as of May 2016. The effect of a malicious email attack can be devastating, it can lead to financial losses, reputational damage and worse. If one of your employees suspects they have received a malicious email, it needs to be reported to the IT department or a cyber security expert needs to be engaged. They will be able to identify the type of attack and put security in place to prevent any further damage.
To phish or not to phish?
 The differences between the content and the methods used to deliver these email attacks can be subtle. If you are aware of them, you might just save yourself and your organisation financial and reputational damage. A consumer phishing attack, sometimes called a scattershot attack, is sent out to many people, in the hope that one of the less security savvy targets opens it. The email addresses are cleverly spoofed and the imposter uses a fake domain name to create a false identity.
Often an attacker will impersonate a known and trusted brand’s domain and send malicious emails to their customers. Because the email appears to be from a known and trusted sender, a number of customers will open it and likely be asked to follow a link. The link will often redirect them to a fake website where they may be asked to enter or confirm login credentials.
Business email compromise or BEC attacks, on the other hand, can come from either an imposter or from a legitimate but compromised account. These types of attacks typically use social engineering methods to create ‘believable’ content for a fraudulent email. They are also extremely targeted, being sent to a few, very specific people for example, financial controllers or HR managers of a company.
Ransomware attacks are typically sent from an imposter; however, they can also come from a compromised account. Like BEC attacks, they are often targeted and use social engineering techniques to create ‘believable’ content that convinces people to open a malware-infected document or click on a malicious link.
Thanks to the huge volume of emails arriving every day, it can be difficult to differentiate between truly malicious emails and “grey mail”. These are annoying emails which fill up our inboxes or spam folders but are usually harmless, such as newsletters and advertisements. Over time your email authentication software will learn which domains are malicious and which are just grey mail.
Prevention is better than cure
 There is no one solution which can prevent all malicious email attacks. Email authentication is an essential component to achieving a trusted email channel, it will not stop all attacks, though.
To defend against all email attacks organisation’s need to implement a multi layered security system. Using authentication technology which can identify and confirm the sender is more effective than using a programme which bases its decision on what to do with an email on its content. Over time the software begins to recognise increasing numbers of email addresses and domains and remembers previous actions taken for each one. This type of email solution will go a long way to protecting an organisation and its employees against malicious email attacks. Unfortunately, if an attacker gains access to an employee’s genuine email account and uses it for malicious purposes, this type of activity can only be detected by targets noticing that the message is out of character or going against policy.
Each attack requires its own solution – there is no ‘one size fits all’ approach to preventing cyberattacks. By understanding the techniques, targets and motivations behind each kind of malicious email, businesses can be better prepared to understanding the solutions that will prevent them.
 
By Markus Jakobsson, Chief Scientist at Agari

FacebookTweetLinkedIn
Tags: CyberemailPhishingsecurityTechnology
ShareTweetShare
Previous Post

New DevOps Research From Sonatype Reveals Changing Attitudes Toward Application Security

Next Post

IT security pros and network operators view DDoS attacks as an increased concern in 2017

Recent News

JD Sports admits data breach

JD Sports admits data breach

January 30, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023
Data Privacy Day: Securing your data with a password manager

Data Privacy Day: Securing your data with a password manager

January 27, 2023
#MIWIC2022: Carole Embling, Metro Bank

#MIWIC2022: Carole Embling, Metro Bank

January 26, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information