Tag Archives: phishing email

Email Security: What is credential phishing?

Credential phishing is a type of email-based attack that uses malicious web forms mimicking legitimate websites to steal the victim’s login credentials. Potentially targeted credentials can include any web-based service, including:

  • Microsoft Outlook Web Access (OWA) and other corporate web-based email services
  • Free webmail services (e.g., Gmail, Yahoo, Hotmail)
  • Cloud-based sync and sharing services (e.g., DropBox, Box)
  • Online shopping (Apple ID, Amazon, etc) and loyalty program logins 

The credential phishing site frequently appears to be a perfect copy of the targeted website, and as a result a quick visual scan by the victim does not arouse suspicion. However, the domain in the URL will be under the attacker’s control, rather than owned by the targeted organization, and may indicate that the site is not legitimate.

Credential phishing is one of most successful social engineering technique to target larger organizations.

Email Security: Learn how to hunt phishing/spam emails?

Threat Hunting Through Email Headers

DKIM: Everything You Need to Know About Digital Signatures

Understanding SPF, DKIM and DMARC

Put simply, SPF, DKIM and DMARC are ways to authenticate your mail server and to prove to ISPs, mail services and other receiving mail servers that senders are truly authorized to send email. When properly set up, all three prove that the sender is legitimate, that their identity has not been compromised and that they’re not sending email on behalf of someone else.

These antispam measures are becoming increasingly important, and will one day be required by all mail services and servers. ISPs and mail services, such as Gmail and Office 365, are getting more and more stringent in the types of email they’ll accept, so having all three checks configured ensures that email gets delivered and isn’t rejected outright or otherwise delayed.

https://www.smartertools.com/blog/2019/04/09-understanding-spf-dkim-dmarc

Phishing – Email Header Analysis

Abstract

Email Headers hold a lot of information. Much of this information is never displayed to the user. The email reader only sees a select few pieces of information like the subject, date, and the sender’s email and info. The surprising part is that the information that is actually displayed to a user can be easily forged!

Read more in..https://mlhale.github.io/nebraska-gencyber-modules/phishing/email-headeranalysis/

Email & Email Headers Checking Tools:

To Analyze Email Headers, User Google Apps https://toolbox.googleapps.com/apps/messageheader/

This Email Checker Tests The Validity & Reachability Of An Email Address https://network-tools.com/email-tests/

5 tips to avoid spear-phishing attacks

Abstract

Phishing, very briefly defined, is where a cybercriminal tricks you into revealing something electronically that you ought to have kept to yourself. The good news is that most of us have learned to spot obvious phishing attacks these days.

The bad news is that you can’t reliably spot phishing attacks just by watching out for obvious mistakes, or by relying on the crooks saying “Dear Customer” rather than using your name.

Read more in