About 80% of hacker attacks come via email. Learn to recognize threats from few simple clues and prevent them.
Email security is the prevention of cyber attacks by email.
Because who accesses your email, assumes in fact your identity.
The basic concept is "assume another identity", for example that of your boss, your colleague or your supplier. The criminal assumes the false identity
to trick you into doing what you don’t want to do
. This is a technique behind a large amount of cyber attacks.
This is an image of an email where the sender seems to be a friend named Paola.
There are numerous sites and applications that offer the spoofing service, through which it is very easy to send an email with the fake sender.
This is the image of a form offered by an online site to send spoofing emails.
The sender forges the email header. The recipient receives the email with the fraudulent sender’s address.
Those who receive an email with the forged sender are more likely to trust them to click on a malicious link in the email, or open a dangerous attachment (malware), send sensitive data, and even transfer personal or corporate funds.
Learn to recognize and be wary of "strange" emails coming from known senders. If so, check the sender’s address by clicking on it and make sure it does not hide a different address.
Hacked accounts often come from Data Breach (theft of personal data), but can also be commissioned on demand: for a minimum of $150, Dark web sellers offer to hack any corporate email account that a scammer wants access to.
Many promise access within a week.
It is dangerous because any criminal can access this confidential information. No special technical knowledge is required. Hackers do the technical work, while criminals exploit information and tools purchased by hackers to put their scams into practice.
Change your email password often and change it immediately when you are notified that it has been found within a data breach.
It is as simple as it is brilliant. The cyber criminal instead of searching for the password of an email account, looks for the account that fits a password. In practice try (spraying) a series of passwords on a large amount of accounts, until he finds those that are protected with just one of those passwords.
The password list is often the result of a theft on another site (data breach). Most likely users of that site have used the same password for other sites. The cyber criminal exploits this (wrong) behavior.
Using a hacked corporate account, criminals access the victim’s email address book.
The scammer sends messages to the contacts found in the address book using the victim’s identity. For example, you can ask a victim’s client to make a payment using the scammer’s bank details.
Access to your email inbox and contact list can be used as a starting point for collecting detailed information about internal company communications. The scammer can thus prepare a more precise and more dangerous attack. It is the starting point for an APT attack (explained below).
Again, the best defense is to change your mail password often.
You can still pay attention to "strange clues" that reveal an extraneous presence, such as receiving an email from a contact who responds to a request you did not make.
Malware is malicious software, built specifically to enter a system and partially take control of it. Its goal is to cause harm to the system into which it is inserted by deception and to profitably illegally at the expense of system users.
Email is the main means by which malware enters a computer or corporate system. Malware is attached to email. The victim who opens the attachment activates it allowing him to act within the system.
All kinds of malware are available on the dark web. Any criminal can buy malware and use it for illicit purposes. Hackers also do the technical work, while criminals do the "dirty work".
The first defense is not to open attachments to emails from suspicious senders. You should also not click on links within suspicious emails, which may download malware.
APT stands for Advanced Persistent Threat (advanced persistent threats) and indicates a type of attack designed to hide in a victim’s network for weeks, months and potentially even years. Criminals sneak into the corporate network and stay on the line studying internal communications.
The main goal of these attacks is usually to insert deeply into the environment of a company to launch at the right time a powerful attack planned in detail, typically to steal trade secrets or transfer large company funds to the personal accounts of cyber criminals.
A typical fraud that is the result of an APT is the so-called "CEO Fraud". After a long period of study, which serves to rebuild the internal relationships of the company, cyber criminals are able to assume the identity of the CEO of the company, Getting an administrative employee to transfer corporate funds to a bank account controlled by cyber criminals.
APT attacks are perpetrated by very powerful and organized criminal groups. The defense techniques consist in a continuous monitoring and execution of "vulnerability assessment" necessary to remove any flaws.
Despite these defenses, the weak link in the chain remains the human factor. In fact, often the attack starts from an employee’s email. For this you need to learn to recognize abnormal emails and report them immediately.
