SlideShare a Scribd company logo

What are the possible damages of phishing and spoofing mail attacks part 2#9 | Eyal Doron | o365info.com

Eyal Doron, profile picture
Eyal Doron

The document discusses the serious threats posed by phishing and spoofing mail attacks on organizational email infrastructure and users. It outlines various potential damages, including financial fraud, data theft, and malware infections, all of which can result from such sophisticated attacks. The author emphasizes the need for awareness and understanding of these threats in order to implement effective solutions and protect organizations from harm.

Internet
1 of 20
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Page 1 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 We are living in a dangerous world that produces many types of threats and risks to our organizational mail infrastructure, to our users and to us. In the current article, I would like to review some of the possible damages that we can experience in a scenario, in which Spoof or Phishing mail attacks are realized. The Great Market Of Mail Threats, Possible Damages And Phishing Mail Attack
Page 2 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 Regarding the threats and risks to our mail infrastructure, there are a variety of threats which we should be aware of and prepare accordingly. So why did I prefer to talk about the specific threat describe as β€œPhishing mail attack”, and his relative – the Spoof mail attacks? The reason is that Phishing mail attacks are very interesting from the risk management and security perspective and very challenging from the β€œpossible solutions” perspective. Phishing mail attacks are the representative of a modern threat that belongs to the famous family of advanced threats The main character of Phishing mail attacks is, that this type of attack considered as a very sophisticated attack that can cause a very serious damage. To be able to protect our users and our organization from the threat of Phishing mail attack, we will need to complete a couple of phases: ο‚· Be familiar with the specific characters and the behavior (the DNA) of the Phishing mail attack and Spoof mail attacks. For example, how does Phishing mail attack uses different tools and methods such as Spoof mail attack for getting the required results. ο‚· Be familiar with the possible damages in the case that the Phishing mail attack threat is realized. ο‚· Be familiar with all the common obstacles that prevent us from successfully dealing with the threat of Spoof E-mail attacks and Phishing mail attacks. ο‚· Be familiar with the complexity of β€œsolutions cocktail” that we need to use for dealing with Phishing mail attacks and Spoof mail attacks. ο‚· Be familiar with the specific characters and the concept of each of the possible solutions, the strengths and the weaknesses of each of the solutions, etc.
Page 3 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 Bottom line To acknowledge that the subject of Phishing mail attack is a very serious threat that needs our full attention.
Page 4 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 The Existing Threats And Risks To Your Mail Infrastructure. The modern mail environment includes a variety of β€œrisks” and β€œthreats” that we need to deal with. A very general classification of these β€œmail threats” could be: Mail attacks | Threats and risks that are executed by hostile elements. This type of these β€œthreats” is executed by a hostile element, that tries to exploit existing vulnerabilities of our mail infrastructure, or the vulnerabilities our users. The results of such attacks could be a minor damage – such as the damage of spam mail in which the damage is harassment of our users, by sending a mail that includes inappropriate content, such as advertising persuasion to purchase products, which will increase certain body organs. The other side of the story could be mail attack such as a Phishing mail attack that can cause serious damage such as: stealing intellectual property, stealing money, stealing passwords, infects our infrastructure with malware and so on. As an example, we can mention the following mail attacks: 1. Spoof E-mail attacks – a scenario in which hostile element uses a false identity, usually an identity of a β€œtrusted sender” in which the victim can trust. 2. Phishing mail attacks –attack that can be described as – advanced or sophisticated attack, which combines a variety of methods such as – Spoof mail, social engineering, Phishing website, malware and so on for attacking the victim. 3. Spam mail attacks – spam mail that can flood the organization mail infrastructure harasses and annoying mail users. 4. Malware – a hostile code that could cause a minor damage, but at the same time, can cause a huge damage. Another type of threats and risks 1. Data leak – a scenario in which sensitive data is leaking by using the organization mail infrastructure as a β€œbridge”. 2. Data privacy, data confidentiality and data integrity – a scenario in which hostile element access data that is transferred via the communication line etc. 3. Availability of mail infrastructure – a scenario in which the mandatory need of 7 X 24 availability of the organization mail infrastructure may be affected by various factors such as – failure of the mail server’s hardware, failure of communication lines and so on.
Page 5 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 Although each of this β€œmail threats” that are mentioned above is – an Important and respected threat, in the current article series, I would like to focus on the subject of β€œMail attacks” and especially on the subject of Spoof mail attack and Phishing mail attacks. Additional reading ο‚· Addressing Your CxO’s Top Five Cloud Security Concerns ο‚· Phishing Detecton and Remediation ο‚· Email Security Threats ο‚· Guarding Beyond the Gateway: Challenges of Email Security
Page 6 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 The Possible Damages Of Phishing Mail Attack One of the most β€œinteresting” characters of Phishing mail attack is, that there is a wide range of β€œdamages” that could be realized by the Phishing mail attack. The type of the β€œdamage” depends upon the creativity and imagination of the attacker. Just in case, I would like to review the most common results from the Phishing mail attack: 1. Fraud Under the section of β€œfraud,” there are a variety of possible types of frauds, for example – Finical fraud, in which the victim is seduced to deposit money in the attacker bank account. 2. Theft Access to user or organization private information A scenario in which hostile element gets access to a private information about the victim such as user password, bank account number and so on. Another option is – A scenario in which hostile element gets access to the organization private data by using the victim as a β€œbridge” to enter that protected organization perimeter. 3. Variable type of β€œdamages” to the organization infrastructure I use this vague definition because, the severity of the possible damage that can be caused by the attacker, depend upon the type of the Phishing mail attack that is executed. For example, the Phishing mail attack can tempt the victim to download and activate a specific file that is actually a malware such as – Trojan horse. The damages that can be caused by a Trojan horse can be a minor damage such as in a scenario in which the Trojan horse serves as an adware (collect information about the user habit, etc.) Or can be translated into a very serious damage in which the Trojan horse serves as a back door for the attacker, that take control on the victim’s desktop, and uses the victim’s desktop as a β€œbridge” to the rest of the organization infrastructure.
Page 7 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 The wicked structure of the Phishing mail attack As mentioned, the Phishing mail attack considered as a sophisticated attack which combined many malicious methods for implementing a successful attack. For example, in a common Phishing mail attack, the attacker will use a spoofed sender identity, which looks like trusted sender identity that the victim can trust. The E-mail message content will include some β€œnarrative” which is based on social engineering methods, that will address a specific human vulnerability or a specific human character that will seduce and lead the victim β€œto do something” such as – download and open a specific file, click on a specific link that will lead the victim to a Phishing website and so on. The result of the β€œuser action” (the victim) could be data theft, money fraud, infect the user desktop with a malware etc.
Page 8 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 What is my point? My point is that if we manage to β€œcatch the head of the snake”, we can avoid from the of a snake bite! If we use a less metaphorically description – in case that we manage to identify and block the Spoof mail attack and Phishing mail attacks, we can prevent the painful results from the attack.
Page 9 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 For example, along the current article series, we will review in details the subject of – β€œSpoof mail attack”. We will review the characters of Spoof mail attack, and the way that we can use for dealing with a Spoof mail attack (by implementing sender verification mechanisms). The Spoof mail attack doesn’t have a β€œlife of its own”. The meaning is that from the attacker’s point of view, the ability to spoof the sender’s identity, have a β€œvalue” only as β€œbridge” which will pave the way for the β€œreset” of the Phishing mail attacks. In case that we will be able to identify and block most of the Spoof mail attack, the derivative is that we also be able to block most of the Phishing mail attack!
Page 10 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 An important observation is that not all the Phishing mail attack uses Spoof mail attack and in addition, there is not granted that we will be able to identify 100% of Spoof mail attack. Why Do I Want To Focus On Spoof Mail And Phishing Mail Attacks? The answer to the question is that in the current time, there is a deadly cocktail that is served at the local pub which includes the following Ingredients: 1. The significant damage that is caused by Phishing attacks (and Spoof mail attack that is part of the Phishing mail attack). 2. The incredible ease of performing Spoof mail and Phishing mail attacks. 3. The incredible lack of knowledge and understanding about the mechanism, and the characters of Spoof mail and Phishing mail attacks.
Page 11 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 My main goal is – to be your wake-up call! The lack of awareness of the risks that involved in Spoof mail and Phishing mail attacks. Although it seems like that everyone knows the meaning of – Spoof mail and Phishing mail attacks, the simple truth is that most of the time, most of us, not really understand the huge impact of this type of attacks, how this attack is implemented, what are the main characters this attack and so on. From my personal acquaintance with customers and organizations, there are a number of core beliefs, that prevent us from dealing with the risks of risks of Spoof mail and Phishing mail: ο‚· It will not happen to me! ο‚· Don’t rock the boat! ο‚· We will deal with the problem when we get to it!
Page 12 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 The type the above approach, causes us to close our eyes to this Immediate and tangible threat, and hope that – if and when this risk will be realized, we will know how to deal with this β€œissue” or most of the time, find a way to β€œoutsource the responsibility” to another factor that we can blame. The less good news is that in the case of Spoof mail attack and Phishing mail attacks, we can rely on the famous Murphy’s law – β€œIf anything can go wrong, it will!” Alternatively, if you want to put it differently – it’s not a matter of β€œif”, it’s a matter of β€œwhen.” To emphasize my point, let’s do a little test that will enable us to be impressed from the β€œlevel of interest” regarding two important subjects: Identifying phishing mail, and Kim Kardashian. For the purpose of this test, let’s use the YouTube site as an indicator of the β€œlevel of interest.” In the following screenshot, we can see the search results for the term β€œIdentifying phishing mail.” We can clearly see that this issue is not a very popular subject. The sum of the results that deal with this subject of Phishing mail is 700~. The first result is a video that created a year ago, and the average number of β€œviews” for the video results that appear on the first page is measured in hundreds.
Page 13 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 In the next screenshot, we can see the search results for the term – β€œKim Kardashian.” We can clearly see that this issue is a very popular subject. The sum of the results that deal with this subject is 1, 630, 000~. The average number of β€œviews” for the video results that appear on the first page is measured in thousands, and some video was watched 4,500,000 ~.
Page 14 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 A Little About Spam Mail Before We Continue With The Subject Of Spoof E- Mail Attacks And Phishing Mail Attacks. When reading a technical article about the subject of mail security and mail threats, the Phishing mail attack is frequently described as – a β€œsubcategory” of spam mail. I am strongly opposed to the above definition because this classification minimizes and reduces our awareness of the big risk of Phishing mail attack versus spam mail. If we want to condense the main goal of all the types of mail attacks, the simple answer is – β€œto earn money”.
Page 15 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 The main difference between spam mail attack and Phishing mail attack is – the β€œway” that the element uses for getting the amount of money. The similar characters of spam mail and Phishing mail The common denominator of spam mail and Phishing mail is that way that the E-mail message is β€œdistributed” among many destination recipients. The main target of β€œelement” that sends spam mail and the element that sends Phishing mail is – to reach the largest possible number of target recipients, by using the option of bulk mail or mass mail. The method for getting the E-mail address of the β€œvictims,” could be similar such as using the option of Harvested E-mail address.
Page 16 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 Note – this observation is not complete accurately because, when using a specific Phishing mail attack that described as – spear phishing, the attacker doesn’t use the option of bulk mail, but instead, aim his attack to a very specific organization recipient such as the company CEO and so on. The difference between spam mail and Phishing mail The main difference between spam mail attack versus Phishing mail attack is the level of damage or the level of β€œwickedness.” Most of the times, the β€œstandard spam mail” can be considered as an E-mail that includes some kind of a message, that tries to convince you to buy β€œsomething.” Apart from the harassment that is caused by accepting β€œunwanted E-mail message” that compels the user to waste the time required for read or delete the spam mail, there is no other critical damage. Note – there are β€œother damages” that are caused by spam mail such as flooding of an organization, communication lines and the waste of storage space on the mail server but, from the β€œuser perspective,” the spam mail is considered as a non-useful mail, and that’s all. Regarding the subject on – possible damage that is caused by a Phishing mail attack, in this case, the story is totally different! The Phishing mail attacks β€œdamage” could be translated into a specific user damage such as – breaking into a specific person’s bank account and stealing his money or can be realized as an attack, that infects the organization infrastructure with malware that can take control over the organization infrastructure, encrypts hard disks and asking for a ransom and so on.
Page 17 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 Regarding the β€œdamage level” which can be caused by a Phishing mail attack, the sky is the limit! Spam Mail, A Very Brief Review Although this article series is dedicated to the subject of Spoof E-mail attacks and Phishing mail attacks, I would like to β€œpay my debt” to the subject of spam mail, by providing a very brief review on this subject. Know your enemy | What is the motivation of the spammers? The main motivation of the elements which perform spam mail attack is – money. A very useful way to make money and even a lot of money is – by selling something to someone. One of the easiest and the profitable way of addressing a huge amount of β€œpotential buyers” is – by using the Internet infrastructure. The β€œthing” that the spammer wants to sell, could be a product, a service or even an β€œidea.” ο‚· The spammer may wish to promote a specific product service which he provides. ο‚· The spammer may wish to promote a specific product service someone else’s product (affiliate programs). ο‚· Other – I add the β€œother,” as a space holder for any other thing that the spammer has an interest to promote.
Page 18 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 Spam mail | The risk level and the consequence In general, we can define the β€œrisk level” of spam mail as low or medium. Although no one would like to get a spam mail, the damage of spam mail is not considered as a real threat to crucial assets of the organization. The possible damage from the spam mail attack could be: ο‚· Annoying our users ο‚· A waste of time that is required for reading the spam mail sends the spam mail to the junk folder, inform the IT staff about the spam mail. ο‚· Lead our users to problematic websites Another type of damages that are caused by spam mail are the damage of the organizational infrastructure such as communication line and storage: ο‚· Spoof E-mails that causes communication lines are overloaded. ο‚· Mail server storage that is wasted on storing the spam mail.
Page 19 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 The way that spammers get our E-mail address The last thing that I would like to relate to the subject of β€œspam mail” is the method which the spammers use for getting the information about the E-mail address of their β€œvictims” (our users). In a spam mail scenario, the most common complaint of the users is – that they never registered a specific mail list or didn’t provide their E-mail address to the element that sends the spam mail. The simple answer is that most of the time, they are right! The spammer gets the required information about the β€œE-mail address” of their victims by purchase E-mail lists of mediators who have a database of harvested email address. These β€œmediators” know how to harvest this E-mail address from many types of resources such as – chat rooms, newsgroups, websites, social networking, blogs, Internet directories and so on. Additional methods that spammer use described as – running a dictionary attack. The dictionary attacks are implemented by software engineers who know how to generate billions of combinations, which create β€œoptional E-mail address” that are used by the spammer.
Page 20 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 Note – the same methods for getting the E-mail address of the potential victims is used by the hostile elm nets that perform Phishing mail attacks. The next article in the current article series is What is so special about Spoof mail attack? |Part 3#9

More Related Content

PDF
What is the meaning of mail phishing attack in simple words part 4#9 | Eyal...
Eyal Doron
Β 
PDF
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
Eyal Doron
Β 
PDF
The Evolution of Phising Attacks
Bee_Ware
Β 
PPTX
What is a Malware - Kloudlearn
KloudLearn
Β 
PDF
An Indistinguishability Model for Evaluating Diverse Classes of Phishing Atta...
CSCJournals
Β 
PDF
Advanced Phishing The Art of Stealing
Avinash Sinha
Β 
PDF
Study on Phishing Attacks and Antiphishing Tools
IRJET Journal
Β 
PDF
Uk computer emergency response team (cert) introduction to social engineering
PublicLeaker
Β 
What is the meaning of mail phishing attack in simple words part 4#9 | Eyal...
Eyal Doron
Β 
Dealing with the threat of spoof and phishing mail attacks part 6#9 | Eyal ...
Eyal Doron
Β 
The Evolution of Phising Attacks
Bee_Ware
Β 
What is a Malware - Kloudlearn
KloudLearn
Β 
An Indistinguishability Model for Evaluating Diverse Classes of Phishing Atta...
CSCJournals
Β 
Advanced Phishing The Art of Stealing
Avinash Sinha
Β 
Study on Phishing Attacks and Antiphishing Tools
IRJET Journal
Β 
Uk computer emergency response team (cert) introduction to social engineering
PublicLeaker
Β 

What's hot (16)

PDF
Phishing attack types and mitigation strategies
Sarim Khawaja
Β 
PDF
What is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.com
Eyal Doron
Β 
PDF
A Novel Approach for Phishing Emails Real Time Classification Using K-Means A...
IJECEIAES
Β 
PDF
Ransomware_PDF
Ren Hao
Β 
PDF
EXPLORING HISTORICAL AND EMERGING PHISHING TECHNIQUES AND MITIGATING THE ASSO...
IJNSA Journal
Β 
PDF
Dyre: Emerging Threat on Financial Fraud Landscape
Symantec
Β 
PDF
Fire eye spearphishing
Zeno Idzerda
Β 
PDF
A Review on Antiphishing Framework
IJAEMSJORNAL
Β 
PPTX
What is Phishing - Kloudlearn
KloudLearn
Β 
PPT
P H I S H I N G
bensonoo
Β 
PDF
An overview study on cyber crimes in internet
Alexander Decker
Β 
DOC
14 cyber threats
mahesh43211
Β 
PDF
Cyber crime liability report
Sayali Sawant
Β 
DOCX
Cyber security.docx
saivarun91
Β 
PPTX
Phishing techniques
Sushil Kumar
Β 
PPTX
Anatomy of a Spear Phishing Attack
Mark Mair
Β 
Phishing attack types and mitigation strategies
Sarim Khawaja
Β 
What is so special about spoof mail attack part 3#9 | Eyal Doron | o365info.com
Eyal Doron
Β 
A Novel Approach for Phishing Emails Real Time Classification Using K-Means A...
IJECEIAES
Β 
Ransomware_PDF
Ren Hao
Β 
EXPLORING HISTORICAL AND EMERGING PHISHING TECHNIQUES AND MITIGATING THE ASSO...
IJNSA Journal
Β 
Dyre: Emerging Threat on Financial Fraud Landscape
Symantec
Β 
Fire eye spearphishing
Zeno Idzerda
Β 
A Review on Antiphishing Framework
IJAEMSJORNAL
Β 
What is Phishing - Kloudlearn
KloudLearn
Β 
P H I S H I N G
bensonoo
Β 
An overview study on cyber crimes in internet
Alexander Decker
Β 
14 cyber threats
mahesh43211
Β 
Cyber crime liability report
Sayali Sawant
Β 
Cyber security.docx
saivarun91
Β 
Phishing techniques
Sushil Kumar
Β 
Anatomy of a Spear Phishing Attack
Mark Mair
Β 
Ad

Viewers also liked (20)

PPTX
PATHS at EuropeanaTech 2011, Vienna
pathsproject
Β 
PDF
PATHS: Personalised Access to Cultural Heritage Spaces
pathsproject
Β 
PPTX
IND-2012-277 St.Xavier’s High School -Zero Garbage Campaign
designforchangechallenge
Β 
PDF
PATHS presentation at York University
pathsproject
Β 
PDF
TAM-2012-08 Govt Higher sec School Mathicode
designforchangechallenge
Β 
PPTX
My E-mail appears as spam - troubleshooting path - part 11 of 17
Eyal Doron
Β 
PPT
Introduction to Arema Connect
Arema Connect
Β 
PDF
User-Centred Design to Support Exploration and Path Creation in Cultural Her...
pathsproject
Β 
PPTX
Ozon
Ayu P
Β 
PDF
De-list your organization from a blacklist | My E-mail appears as spam | Part...
Eyal Doron
Β 
PDF
The checklist for preparing your Exchange 2007 infrastructure for Exchange 20...
Eyal Doron
Β 
PDF
PresentaciΓ³n Drupal Commerce en OpenExpo Ecommerce
OpenExpo
Β 
PPT
Arema connect partnership introduction
Arema Connect
Β 
PDF
Aletras, Nikolaos and Stevenson, Mark (2013) "Evaluating Topic Coherence Us...
pathsproject
Β 
PDF
The old exchange environment versus modern exchange environment part 02#36
Eyal Doron
Β 
PPSX
Presentation
sunkitchen
Β 
PDF
第10ε›žword benchη†Šζœ¬
Akinori Tateyama
Β 
PDF
My E-mail appears as spam - Troubleshooting path | Part 11#17
Eyal Doron
Β 
PPTX
Fund EcoMarket 2016
juliadreblow
Β 
PPTX
Ρ‚Ρ€Π΅Π½ΠΈΠ½Π³ΠΎΠ²Ρ‹ΠΉ Ρ†Π΅Π½Ρ‚Ρ€ «настрой»
Datnov Fedor
Β 
PATHS at EuropeanaTech 2011, Vienna
pathsproject
Β 
PATHS: Personalised Access to Cultural Heritage Spaces
pathsproject
Β 
IND-2012-277 St.Xavier’s High School -Zero Garbage Campaign
designforchangechallenge
Β 
PATHS presentation at York University
pathsproject
Β 
TAM-2012-08 Govt Higher sec School Mathicode
designforchangechallenge
Β 
My E-mail appears as spam - troubleshooting path - part 11 of 17
Eyal Doron
Β 
Introduction to Arema Connect
Arema Connect
Β 
User-Centred Design to Support Exploration and Path Creation in Cultural Her...
pathsproject
Β 
Ozon
Ayu P
Β 
De-list your organization from a blacklist | My E-mail appears as spam | Part...
Eyal Doron
Β 
The checklist for preparing your Exchange 2007 infrastructure for Exchange 20...
Eyal Doron
Β 
PresentaciΓ³n Drupal Commerce en OpenExpo Ecommerce
OpenExpo
Β 
Arema connect partnership introduction
Arema Connect
Β 
Aletras, Nikolaos and Stevenson, Mark (2013) "Evaluating Topic Coherence Us...
pathsproject
Β 
The old exchange environment versus modern exchange environment part 02#36
Eyal Doron
Β 
Presentation
sunkitchen
Β 
第10ε›žword benchη†Šζœ¬
Akinori Tateyama
Β 
My E-mail appears as spam - Troubleshooting path | Part 11#17
Eyal Doron
Β 
Fund EcoMarket 2016
juliadreblow
Β 
Ρ‚Ρ€Π΅Π½ΠΈΠ½Π³ΠΎΠ²Ρ‹ΠΉ Ρ†Π΅Π½Ρ‚Ρ€ «настрой»
Datnov Fedor
Β 
Ad

Similar to What are the possible damages of phishing and spoofing mail attacks part 2#9 | Eyal Doron | o365info.com (20)

PDF
Why our mail system is exposed to spoof and phishing mail attacks part 5#9 |...
Eyal Doron
Β 
PDF
Cybercrime - An essential guide from Thawte
RapidSSLOnline.com
Β 
PPTX
Empowerment Technologies - Lesson 2: ONLINE SAFETY-SECURITY-ETHICS-AND-ETIQUETTE
GrazeleenMercado
Β 
PPTX
front_one cyberseuciryt is the protection of something digital from the uneth...
sagarsthakuri188
Β 
DOCX
negative implications of IT
MahdiRahmani15
Β 
PDF
Uk computer emergency response team (cert) introduction to social engineering
PublicLeaks
Β 
DOCX
social engineering attacks.docx
MehwishAnsari11
Β 
PDF
Cisco cybersecurity essentials chapter 3
Mukesh Chinta
Β 
PDF
Phishing: Analysis and Countermeasures
IRJET Journal
Β 
PDF
Email Hacking
InsecureLab
Β 
PDF
Emotet: A Sophisticated and Persistent Malware for Stealing Information, its ...
IRJET Journal
Β 
PDF
Phishing 101: Part-1 Blog Welcome to this Phishing Blog Part1.
abhishekbacklink
Β 
PPTX
Guest Lecture-Computer and Cyber Security.pptx
GudipudiDayanandam
Β 
PPTX
Information-Security-Lecture-6.pptx
anbersattar
Β 
PPT
Trend keamanan komputer 2012
Ayu Anita
Β 
PPTX
IP SPOOFING &-.pptx
pesmallu4444
Β 
PDF
An Indistinguishability Model for Evaluating Diverse Classes of Phishing Atta...
CSCJournals
Β 
PDF
Mim Attack Essay
Haley Johnson
Β 
PDF
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
IRJET Journal
Β 
PDF
Prevention of Phishing Attacks Based on Discriminative Key Point Features of ...
CSCJournals
Β 
Why our mail system is exposed to spoof and phishing mail attacks part 5#9 |...
Eyal Doron
Β 
Cybercrime - An essential guide from Thawte
RapidSSLOnline.com
Β 
Empowerment Technologies - Lesson 2: ONLINE SAFETY-SECURITY-ETHICS-AND-ETIQUETTE
GrazeleenMercado
Β 
front_one cyberseuciryt is the protection of something digital from the uneth...
sagarsthakuri188
Β 
negative implications of IT
MahdiRahmani15
Β 
Uk computer emergency response team (cert) introduction to social engineering
PublicLeaks
Β 
social engineering attacks.docx
MehwishAnsari11
Β 
Cisco cybersecurity essentials chapter 3
Mukesh Chinta
Β 
Phishing: Analysis and Countermeasures
IRJET Journal
Β 
Email Hacking
InsecureLab
Β 
Emotet: A Sophisticated and Persistent Malware for Stealing Information, its ...
IRJET Journal
Β 
Phishing 101: Part-1 Blog Welcome to this Phishing Blog Part1.
abhishekbacklink
Β 
Guest Lecture-Computer and Cyber Security.pptx
GudipudiDayanandam
Β 
Information-Security-Lecture-6.pptx
anbersattar
Β 
Trend keamanan komputer 2012
Ayu Anita
Β 
IP SPOOFING &-.pptx
pesmallu4444
Β 
An Indistinguishability Model for Evaluating Diverse Classes of Phishing Atta...
CSCJournals
Β 
Mim Attack Essay
Haley Johnson
Β 
Research Paper on Spreading Awareness About Phishing Attack Is Effective In R...
IRJET Journal
Β 
Prevention of Phishing Attacks Based on Discriminative Key Point Features of ...
CSCJournals
Β 

More from Eyal Doron (20)

PPTX
How to simulate spoof e mail attack and bypass spf sender verification - 2#2
Eyal Doron
Β 
PDF
How does sender verification work how we identify spoof mail) spf, dkim dmar...
Eyal Doron
Β 
PDF
Dealing with a spoof mail attacks and phishing mail attacks a little story ...
Eyal Doron
Β 
PDF
Exchange In-Place eDiscovery & Hold | Introduction | 5#7
Eyal Doron
Β 
PDF
Mail migration to office 365 measure and estimate mail migration throughput...
Eyal Doron
Β 
PDF
Mail migration to office 365 factors that impact mail migration performance...
Eyal Doron
Β 
PDF
Mail migration to office 365 optimizing the mail migration throughput - par...
Eyal Doron
Β 
PDF
Mail migration to office 365 mail migration methods - part 1#4
Eyal Doron
Β 
PDF
Smtp relay in office 365 environment troubleshooting scenarios - part 4#4
Eyal Doron
Β 
PDF
Stage migration, exchange and autodiscover infrastructure part 1#2 part 35#36
Eyal Doron
Β 
PDF
Autodiscover flow in an office 365 environment part 3#3 part 31#36
Eyal Doron
Β 
PDF
Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36
Eyal Doron
Β 
PDF
Autodiscover flow in an exchange on premises environment non-active director...
Eyal Doron
Β 
PDF
Autodiscover flow in an exchange on premises environment non-active director...
Eyal Doron
Β 
PDF
Autodiscover flow in an exchange on premises environment non-active director...
Eyal Doron
Β 
PDF
Outlook test e mail auto configuration autodiscover troubleshooting tools p...
Eyal Doron
Β 
PDF
Microsoft remote connectivity analyzer (exrca) autodiscover troubleshooting ...
Eyal Doron
Β 
PDF
Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...
Eyal Doron
Β 
PDF
Outlook test e mail auto configuration autodiscover troubleshooting tools p...
Eyal Doron
Β 
PDF
Microsoft remote connectivity analyzer (ex rca) autodiscover troubleshooting...
Eyal Doron
Β 
How to simulate spoof e mail attack and bypass spf sender verification - 2#2
Eyal Doron
Β 
How does sender verification work how we identify spoof mail) spf, dkim dmar...
Eyal Doron
Β 
Dealing with a spoof mail attacks and phishing mail attacks a little story ...
Eyal Doron
Β 
Exchange In-Place eDiscovery & Hold | Introduction | 5#7
Eyal Doron
Β 
Mail migration to office 365 measure and estimate mail migration throughput...
Eyal Doron
Β 
Mail migration to office 365 factors that impact mail migration performance...
Eyal Doron
Β 
Mail migration to office 365 optimizing the mail migration throughput - par...
Eyal Doron
Β 
Mail migration to office 365 mail migration methods - part 1#4
Eyal Doron
Β 
Smtp relay in office 365 environment troubleshooting scenarios - part 4#4
Eyal Doron
Β 
Stage migration, exchange and autodiscover infrastructure part 1#2 part 35#36
Eyal Doron
Β 
Autodiscover flow in an office 365 environment part 3#3 part 31#36
Eyal Doron
Β 
Autodiscover flow in an exchange hybrid environment part 1#3 part 32#36
Eyal Doron
Β 
Autodiscover flow in an exchange on premises environment non-active director...
Eyal Doron
Β 
Autodiscover flow in an exchange on premises environment non-active director...
Eyal Doron
Β 
Autodiscover flow in an exchange on premises environment non-active director...
Eyal Doron
Β 
Outlook test e mail auto configuration autodiscover troubleshooting tools p...
Eyal Doron
Β 
Microsoft remote connectivity analyzer (exrca) autodiscover troubleshooting ...
Eyal Doron
Β 
Microsoft connectivity analyzer (mca) autodiscover troubleshooting tools pa...
Eyal Doron
Β 
Outlook test e mail auto configuration autodiscover troubleshooting tools p...
Eyal Doron
Β 
Microsoft remote connectivity analyzer (ex rca) autodiscover troubleshooting...
Eyal Doron
Β 

Recently uploaded (20)

PDF
The Internet -By the Numbers, Sri Lanka Edition
APNIC
Β 
PPTX
INTERNET------BASICS-------UPDATED PPT PRESENTATION
poonam62133
Β 
PPTX
Funds Management Learning Material for Beg
NKKumar16
Β 
PPTX
artificial intelligence overview of it and more
yafotin445
Β 
PDF
πŸ’° π”πŠπ“πˆ πŠπ„πŒπ„ππ€ππ†π€π πŠπˆππ„π‘πŸ’πƒ π‡π€π‘πˆ 𝐈𝐍𝐈 πŸπŸŽπŸπŸ“ πŸ’°
GRAB
Β 
PPTX
Digital Literacy And Online Safety on internet
riksa rifqi
Β 
PPTX
Introuction about ICD -10 and ICD-11 PPT.pptx
naveenithkrishnan
Β 
PPTX
CHE NAA, , b,mn,mblblblbljb jb jlb ,j , ,C PPT.pptx
sumodmjohn3
Β 
PPTX
Job_Card_System_Styled_lorem_ipsum_.pptx
Jeffkigen
Β 
PDF
Introduction to the IoT system, how the IoT system works
TinBinh
Β 
PPTX
SAP Ariba Sourcing PPT for learning material
NKKumar16
Β 
DOCX
Unit-3 cyber security network security of internet system
shivangisharma636228
Β 
PPTX
Introduction about ICD -10 and ICD11 on 5.8.25.pptx
naveenithkrishnan
Β 
PDF
Cloud-Scale Log Monitoring _ Datadog.pdf
MuhammadDhomanhuriMa
Β 
PPTX
presentation_pfe-universite-molay-seltan.pptx
yahyamohibme
Β 
PPT
isotopes_sddsadsaadasdasdasdasdsa1213.ppt
Kenneth James Alamillo
Β 
PPTX
Internet___Basics___Styled_ presentation
poonam62133
Β 
PPT
Design_with_Watersergyerge45hrbgre4top (1).ppt
DiogoRibeiro730590
Β 
PDF
Best Practices for Testing and Debugging Shopify Third-Party API Integrations...
CartCoders
Β 
PPTX
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
Β 
The Internet -By the Numbers, Sri Lanka Edition
APNIC
Β 
INTERNET------BASICS-------UPDATED PPT PRESENTATION
poonam62133
Β 
Funds Management Learning Material for Beg
NKKumar16
Β 
artificial intelligence overview of it and more
yafotin445
Β 
πŸ’° π”πŠπ“πˆ πŠπ„πŒπ„ππ€ππ†π€π πŠπˆππ„π‘πŸ’πƒ π‡π€π‘πˆ 𝐈𝐍𝐈 πŸπŸŽπŸπŸ“ πŸ’°
GRAB
Β 
Digital Literacy And Online Safety on internet
riksa rifqi
Β 
Introuction about ICD -10 and ICD-11 PPT.pptx
naveenithkrishnan
Β 
CHE NAA, , b,mn,mblblblbljb jb jlb ,j , ,C PPT.pptx
sumodmjohn3
Β 
Job_Card_System_Styled_lorem_ipsum_.pptx
Jeffkigen
Β 
Introduction to the IoT system, how the IoT system works
TinBinh
Β 
SAP Ariba Sourcing PPT for learning material
NKKumar16
Β 
Unit-3 cyber security network security of internet system
shivangisharma636228
Β 
Introduction about ICD -10 and ICD11 on 5.8.25.pptx
naveenithkrishnan
Β 
Cloud-Scale Log Monitoring _ Datadog.pdf
MuhammadDhomanhuriMa
Β 
presentation_pfe-universite-molay-seltan.pptx
yahyamohibme
Β 
isotopes_sddsadsaadasdasdasdasdsa1213.ppt
Kenneth James Alamillo
Β 
Internet___Basics___Styled_ presentation
poonam62133
Β 
Design_with_Watersergyerge45hrbgre4top (1).ppt
DiogoRibeiro730590
Β 
Best Practices for Testing and Debugging Shopify Third-Party API Integrations...
CartCoders
Β 
PptxGenJS_Demo_Chart_20250317130215833.pptx
itruongva
Β 

What are the possible damages of phishing and spoofing mail attacks part 2#9 | Eyal Doron | o365info.com

  • 1. Page 1 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 We are living in a dangerous world that produces many types of threats and risks to our organizational mail infrastructure, to our users and to us. In the current article, I would like to review some of the possible damages that we can experience in a scenario, in which Spoof or Phishing mail attacks are realized. The Great Market Of Mail Threats, Possible Damages And Phishing Mail Attack
  • 2. Page 2 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 Regarding the threats and risks to our mail infrastructure, there are a variety of threats which we should be aware of and prepare accordingly. So why did I prefer to talk about the specific threat describe as β€œPhishing mail attack”, and his relative – the Spoof mail attacks? The reason is that Phishing mail attacks are very interesting from the risk management and security perspective and very challenging from the β€œpossible solutions” perspective. Phishing mail attacks are the representative of a modern threat that belongs to the famous family of advanced threats The main character of Phishing mail attacks is, that this type of attack considered as a very sophisticated attack that can cause a very serious damage. To be able to protect our users and our organization from the threat of Phishing mail attack, we will need to complete a couple of phases: ο‚· Be familiar with the specific characters and the behavior (the DNA) of the Phishing mail attack and Spoof mail attacks. For example, how does Phishing mail attack uses different tools and methods such as Spoof mail attack for getting the required results. ο‚· Be familiar with the possible damages in the case that the Phishing mail attack threat is realized. ο‚· Be familiar with all the common obstacles that prevent us from successfully dealing with the threat of Spoof E-mail attacks and Phishing mail attacks. ο‚· Be familiar with the complexity of β€œsolutions cocktail” that we need to use for dealing with Phishing mail attacks and Spoof mail attacks. ο‚· Be familiar with the specific characters and the concept of each of the possible solutions, the strengths and the weaknesses of each of the solutions, etc.
  • 3. Page 3 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 Bottom line To acknowledge that the subject of Phishing mail attack is a very serious threat that needs our full attention.
  • 4. Page 4 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 The Existing Threats And Risks To Your Mail Infrastructure. The modern mail environment includes a variety of β€œrisks” and β€œthreats” that we need to deal with. A very general classification of these β€œmail threats” could be: Mail attacks | Threats and risks that are executed by hostile elements. This type of these β€œthreats” is executed by a hostile element, that tries to exploit existing vulnerabilities of our mail infrastructure, or the vulnerabilities our users. The results of such attacks could be a minor damage – such as the damage of spam mail in which the damage is harassment of our users, by sending a mail that includes inappropriate content, such as advertising persuasion to purchase products, which will increase certain body organs. The other side of the story could be mail attack such as a Phishing mail attack that can cause serious damage such as: stealing intellectual property, stealing money, stealing passwords, infects our infrastructure with malware and so on. As an example, we can mention the following mail attacks: 1. Spoof E-mail attacks – a scenario in which hostile element uses a false identity, usually an identity of a β€œtrusted sender” in which the victim can trust. 2. Phishing mail attacks –attack that can be described as – advanced or sophisticated attack, which combines a variety of methods such as – Spoof mail, social engineering, Phishing website, malware and so on for attacking the victim. 3. Spam mail attacks – spam mail that can flood the organization mail infrastructure harasses and annoying mail users. 4. Malware – a hostile code that could cause a minor damage, but at the same time, can cause a huge damage. Another type of threats and risks 1. Data leak – a scenario in which sensitive data is leaking by using the organization mail infrastructure as a β€œbridge”. 2. Data privacy, data confidentiality and data integrity – a scenario in which hostile element access data that is transferred via the communication line etc. 3. Availability of mail infrastructure – a scenario in which the mandatory need of 7 X 24 availability of the organization mail infrastructure may be affected by various factors such as – failure of the mail server’s hardware, failure of communication lines and so on.
  • 5. Page 5 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 Although each of this β€œmail threats” that are mentioned above is – an Important and respected threat, in the current article series, I would like to focus on the subject of β€œMail attacks” and especially on the subject of Spoof mail attack and Phishing mail attacks. Additional reading ο‚· Addressing Your CxO’s Top Five Cloud Security Concerns ο‚· Phishing Detecton and Remediation ο‚· Email Security Threats ο‚· Guarding Beyond the Gateway: Challenges of Email Security
  • 6. Page 6 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 The Possible Damages Of Phishing Mail Attack One of the most β€œinteresting” characters of Phishing mail attack is, that there is a wide range of β€œdamages” that could be realized by the Phishing mail attack. The type of the β€œdamage” depends upon the creativity and imagination of the attacker. Just in case, I would like to review the most common results from the Phishing mail attack: 1. Fraud Under the section of β€œfraud,” there are a variety of possible types of frauds, for example – Finical fraud, in which the victim is seduced to deposit money in the attacker bank account. 2. Theft Access to user or organization private information A scenario in which hostile element gets access to a private information about the victim such as user password, bank account number and so on. Another option is – A scenario in which hostile element gets access to the organization private data by using the victim as a β€œbridge” to enter that protected organization perimeter. 3. Variable type of β€œdamages” to the organization infrastructure I use this vague definition because, the severity of the possible damage that can be caused by the attacker, depend upon the type of the Phishing mail attack that is executed. For example, the Phishing mail attack can tempt the victim to download and activate a specific file that is actually a malware such as – Trojan horse. The damages that can be caused by a Trojan horse can be a minor damage such as in a scenario in which the Trojan horse serves as an adware (collect information about the user habit, etc.) Or can be translated into a very serious damage in which the Trojan horse serves as a back door for the attacker, that take control on the victim’s desktop, and uses the victim’s desktop as a β€œbridge” to the rest of the organization infrastructure.
  • 7. Page 7 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 The wicked structure of the Phishing mail attack As mentioned, the Phishing mail attack considered as a sophisticated attack which combined many malicious methods for implementing a successful attack. For example, in a common Phishing mail attack, the attacker will use a spoofed sender identity, which looks like trusted sender identity that the victim can trust. The E-mail message content will include some β€œnarrative” which is based on social engineering methods, that will address a specific human vulnerability or a specific human character that will seduce and lead the victim β€œto do something” such as – download and open a specific file, click on a specific link that will lead the victim to a Phishing website and so on. The result of the β€œuser action” (the victim) could be data theft, money fraud, infect the user desktop with a malware etc.
  • 8. Page 8 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 What is my point? My point is that if we manage to β€œcatch the head of the snake”, we can avoid from the of a snake bite! If we use a less metaphorically description – in case that we manage to identify and block the Spoof mail attack and Phishing mail attacks, we can prevent the painful results from the attack.
  • 9. Page 9 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 For example, along the current article series, we will review in details the subject of – β€œSpoof mail attack”. We will review the characters of Spoof mail attack, and the way that we can use for dealing with a Spoof mail attack (by implementing sender verification mechanisms). The Spoof mail attack doesn’t have a β€œlife of its own”. The meaning is that from the attacker’s point of view, the ability to spoof the sender’s identity, have a β€œvalue” only as β€œbridge” which will pave the way for the β€œreset” of the Phishing mail attacks. In case that we will be able to identify and block most of the Spoof mail attack, the derivative is that we also be able to block most of the Phishing mail attack!
  • 10. Page 10 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 An important observation is that not all the Phishing mail attack uses Spoof mail attack and in addition, there is not granted that we will be able to identify 100% of Spoof mail attack. Why Do I Want To Focus On Spoof Mail And Phishing Mail Attacks? The answer to the question is that in the current time, there is a deadly cocktail that is served at the local pub which includes the following Ingredients: 1. The significant damage that is caused by Phishing attacks (and Spoof mail attack that is part of the Phishing mail attack). 2. The incredible ease of performing Spoof mail and Phishing mail attacks. 3. The incredible lack of knowledge and understanding about the mechanism, and the characters of Spoof mail and Phishing mail attacks.
  • 11. Page 11 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 My main goal is – to be your wake-up call! The lack of awareness of the risks that involved in Spoof mail and Phishing mail attacks. Although it seems like that everyone knows the meaning of – Spoof mail and Phishing mail attacks, the simple truth is that most of the time, most of us, not really understand the huge impact of this type of attacks, how this attack is implemented, what are the main characters this attack and so on. From my personal acquaintance with customers and organizations, there are a number of core beliefs, that prevent us from dealing with the risks of risks of Spoof mail and Phishing mail: ο‚· It will not happen to me! ο‚· Don’t rock the boat! ο‚· We will deal with the problem when we get to it!
  • 12. Page 12 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 The type the above approach, causes us to close our eyes to this Immediate and tangible threat, and hope that – if and when this risk will be realized, we will know how to deal with this β€œissue” or most of the time, find a way to β€œoutsource the responsibility” to another factor that we can blame. The less good news is that in the case of Spoof mail attack and Phishing mail attacks, we can rely on the famous Murphy’s law – β€œIf anything can go wrong, it will!” Alternatively, if you want to put it differently – it’s not a matter of β€œif”, it’s a matter of β€œwhen.” To emphasize my point, let’s do a little test that will enable us to be impressed from the β€œlevel of interest” regarding two important subjects: Identifying phishing mail, and Kim Kardashian. For the purpose of this test, let’s use the YouTube site as an indicator of the β€œlevel of interest.” In the following screenshot, we can see the search results for the term β€œIdentifying phishing mail.” We can clearly see that this issue is not a very popular subject. The sum of the results that deal with this subject of Phishing mail is 700~. The first result is a video that created a year ago, and the average number of β€œviews” for the video results that appear on the first page is measured in hundreds.
  • 13. Page 13 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 In the next screenshot, we can see the search results for the term – β€œKim Kardashian.” We can clearly see that this issue is a very popular subject. The sum of the results that deal with this subject is 1, 630, 000~. The average number of β€œviews” for the video results that appear on the first page is measured in thousands, and some video was watched 4,500,000 ~.
  • 14. Page 14 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 A Little About Spam Mail Before We Continue With The Subject Of Spoof E- Mail Attacks And Phishing Mail Attacks. When reading a technical article about the subject of mail security and mail threats, the Phishing mail attack is frequently described as – a β€œsubcategory” of spam mail. I am strongly opposed to the above definition because this classification minimizes and reduces our awareness of the big risk of Phishing mail attack versus spam mail. If we want to condense the main goal of all the types of mail attacks, the simple answer is – β€œto earn money”.
  • 15. Page 15 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 The main difference between spam mail attack and Phishing mail attack is – the β€œway” that the element uses for getting the amount of money. The similar characters of spam mail and Phishing mail The common denominator of spam mail and Phishing mail is that way that the E-mail message is β€œdistributed” among many destination recipients. The main target of β€œelement” that sends spam mail and the element that sends Phishing mail is – to reach the largest possible number of target recipients, by using the option of bulk mail or mass mail. The method for getting the E-mail address of the β€œvictims,” could be similar such as using the option of Harvested E-mail address.
  • 16. Page 16 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 Note – this observation is not complete accurately because, when using a specific Phishing mail attack that described as – spear phishing, the attacker doesn’t use the option of bulk mail, but instead, aim his attack to a very specific organization recipient such as the company CEO and so on. The difference between spam mail and Phishing mail The main difference between spam mail attack versus Phishing mail attack is the level of damage or the level of β€œwickedness.” Most of the times, the β€œstandard spam mail” can be considered as an E-mail that includes some kind of a message, that tries to convince you to buy β€œsomething.” Apart from the harassment that is caused by accepting β€œunwanted E-mail message” that compels the user to waste the time required for read or delete the spam mail, there is no other critical damage. Note – there are β€œother damages” that are caused by spam mail such as flooding of an organization, communication lines and the waste of storage space on the mail server but, from the β€œuser perspective,” the spam mail is considered as a non-useful mail, and that’s all. Regarding the subject on – possible damage that is caused by a Phishing mail attack, in this case, the story is totally different! The Phishing mail attacks β€œdamage” could be translated into a specific user damage such as – breaking into a specific person’s bank account and stealing his money or can be realized as an attack, that infects the organization infrastructure with malware that can take control over the organization infrastructure, encrypts hard disks and asking for a ransom and so on.
  • 17. Page 17 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 Regarding the β€œdamage level” which can be caused by a Phishing mail attack, the sky is the limit! Spam Mail, A Very Brief Review Although this article series is dedicated to the subject of Spoof E-mail attacks and Phishing mail attacks, I would like to β€œpay my debt” to the subject of spam mail, by providing a very brief review on this subject. Know your enemy | What is the motivation of the spammers? The main motivation of the elements which perform spam mail attack is – money. A very useful way to make money and even a lot of money is – by selling something to someone. One of the easiest and the profitable way of addressing a huge amount of β€œpotential buyers” is – by using the Internet infrastructure. The β€œthing” that the spammer wants to sell, could be a product, a service or even an β€œidea.” ο‚· The spammer may wish to promote a specific product service which he provides. ο‚· The spammer may wish to promote a specific product service someone else’s product (affiliate programs). ο‚· Other – I add the β€œother,” as a space holder for any other thing that the spammer has an interest to promote.
  • 18. Page 18 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 Spam mail | The risk level and the consequence In general, we can define the β€œrisk level” of spam mail as low or medium. Although no one would like to get a spam mail, the damage of spam mail is not considered as a real threat to crucial assets of the organization. The possible damage from the spam mail attack could be: ο‚· Annoying our users ο‚· A waste of time that is required for reading the spam mail sends the spam mail to the junk folder, inform the IT staff about the spam mail. ο‚· Lead our users to problematic websites Another type of damages that are caused by spam mail are the damage of the organizational infrastructure such as communication line and storage: ο‚· Spoof E-mails that causes communication lines are overloaded. ο‚· Mail server storage that is wasted on storing the spam mail.
  • 19. Page 19 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 The way that spammers get our E-mail address The last thing that I would like to relate to the subject of β€œspam mail” is the method which the spammers use for getting the information about the E-mail address of their β€œvictims” (our users). In a spam mail scenario, the most common complaint of the users is – that they never registered a specific mail list or didn’t provide their E-mail address to the element that sends the spam mail. The simple answer is that most of the time, they are right! The spammer gets the required information about the β€œE-mail address” of their victims by purchase E-mail lists of mediators who have a database of harvested email address. These β€œmediators” know how to harvest this E-mail address from many types of resources such as – chat rooms, newsgroups, websites, social networking, blogs, Internet directories and so on. Additional methods that spammer use described as – running a dictionary attack. The dictionary attacks are implemented by software engineers who know how to generate billions of combinations, which create β€œoptional E-mail address” that are used by the spammer.
  • 20. Page 20 of 20 | What are the possible damages of Phishing and spoofing mail attacks? | Part 2#9 Written by Eyal Doron | o365info.com | Copyright Β© 2012-2016 Note – the same methods for getting the E-mail address of the potential victims is used by the hostile elm nets that perform Phishing mail attacks. The next article in the current article series is What is so special about Spoof mail attack? |Part 3#9