FAQ – Email the Cybercrime attack weapon

Email is something that 90% of the digital world cannot do without. The problem with email is that it takes over and controls our lives. It is there first thing in the morning and just before we go to bed, and we are drawn to it like bees to honey. Although social media is making a dent in our use of email, it will be around for a little while longer.

There are a number of issues with email that never seem to get addressed by IT departments and external providers.   A simple explanation would remove a vast amount of email frustration.

So here goes!

One of the biggest problems is SPAM.   Even today, SPAM still consumes 62% of all traffic on the Internet.

One of the problems with SPAM is that, as well as being exceedingly annoying, it is the primary way for cybercrime to target you and your computer. The days of cheap pills and Viagra are receding all the time and the anti-spam systems are catching more and more, but as an attack vector for cybercrime SPAM is increasing. Not only do we have SPAM, but there is an increase in phishing and spear phishing through email. (See below.)

Most businesses now have some level of anti-spam filter that removes 95% of the real SPAM. If you’re using a cloud-based email system such as Google or Office 365, or an ISP-based mail system, then either you get the opportunity to manage the SPAM yourself or the provider has a basic system in place for all of their users.

When it comes to email, erring on the side of caution is one of your best protections. If a suspicious email message does get through, this is what not to do:

  • Follow any link from someone you think you know
  • More importantly – if you do click on a link and a pop-up appears, do not install anything that it asks you to. Always think: I watched a video yesterday, so why is it not working now?
  • Give out any personal information if asked, especially passwords (no legitimate company will ask you for your password).

Phishing

Phishing is the process of hooking people through email. It is one of the most cost-effective ways for cyber criminals to gain more information about you. Cyber criminals rely on our honesty and our willingness to comply when asked to do things. They will get you to reply, forward or click on links in email to further their own needs.

Spear phishing

This is by far the most dangerous use of email for cybercrime. A spear phishing email is specifically targeted at an individual within an organisation. To get to that well-crafted email (some of them are indistinguishable from internal email, known email or expected email), the attacker will do in-depth research on their target. This in-depth research will include contact through social media, Twitter and LinkedIn, social engineering by phone, and introductions through people that you may know.

This is when you know you have something worth stealing.

Other problems with email – the bounce message.

A bounce message can be distressing and annoying, but there is always a reason behind it. The three main ones are an incorrect email address (even when you actually hit the reply button), the receiving domain no longer being available, and the one that causes the most problems: the Internet address is on a SPAM database.

There are a number of problems with the fact that someone cannot send email to you, especially if the domain is on an RBL (real time black list). To get on an RBL the domain has to have done something wrong. No one gets on an RBL without doing one of three things: the address is an open relay, the address has been compromised, or the address has been infected with a virus. Another reason is that they have been sending unsolicited email and have been reported.

This is not the receiving domain's problem. You have an anti-spam system in place for a reason: to protect you from people who have either sent thousands of emails or whose outgoing email is infected with malware or viruses. Either way, you do not want it inside your network.

The best thing that the sending domain can do is find out why they are on the RBL, fix the problem, then clear themselves from the list. If they do not do that, the restrictions on their domain tighten and they will not be able to send email to 99% of domains on the Internet.

When they start to get annoyed that they cannot send you email, and ring you and abuse you, get them to print out the bounce message and fax it to your IT department, who will sort it out for you.
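The three bounce causes described above can usually be told apart from the bounce message itself. The following is an added example, not part of the original article: it reads the delivery status report inside a bounce and sorts it into one of those three causes. The status-code groupings, the keyword pattern, the host names and the sample message are assumptions constructed for illustration.

```python
import email
import re

# RFC 3463 enhanced status codes grouped by the article's three bounce causes.
BAD_ADDRESS = {"5.1.0", "5.1.1", "5.1.3", "5.1.6"}  # unknown, malformed or moved mailbox
DOMAIN_GONE = {"5.1.2", "5.4.4"}  # bad destination system, unable to route
LISTED = re.compile(r"blocked using|blacklist|blocklist|\bRBL\b|DNSBL", re.I)

def dsn_fields(raw):
    """Return (status, diagnostic) from the per-recipient block of a DSN."""
    for part in email.message_from_string(raw).walk():
        if part.get_content_type() != "message/delivery-status" or not part.is_multipart():
            continue
        # The parser exposes each header block of this part as a sub-message.
        for block in part.get_payload():
            if block.get("Status"):
                diag = " ".join((block.get("Diagnostic-Code") or "").split())
                return block["Status"].split()[0], diag
    return None, ""

def classify_bounce(raw):
    """Map a bounce message to one of the three causes, or report the raw code."""
    status, diag = dsn_fields(raw)
    if status is None:
        return "not a delivery status notification"
    if LISTED.search(diag):  # wording varies by server, so match text, not code
        return "sender is on a SPAM database (RBL)"
    if status in BAD_ADDRESS:
        return "incorrect email address"
    if status in DOMAIN_GONE:
        return "receiving domain not available"
    return "other failure: " + status

def sample_dsn(status, diagnostic):
    """Build a constructed bounce message for testing (not a real capture)."""
    return "\n".join([
        "From: MAILER-DAEMON@mail.example.net",
        "Subject: Undelivered Mail Returned to Sender",
        "MIME-Version: 1.0",
        'Content-Type: multipart/report; report-type=delivery-status; boundary="b1"',
        "", "--b1", "Content-Type: text/plain", "",
        "Your message could not be delivered.", "",
        "--b1", "Content-Type: message/delivery-status", "",
        "Reporting-MTA: dns; mail.example.net", "",
        "Final-Recipient: rfc822; user@example.com", "Action: failed",
        "Status: " + status, "Diagnostic-Code: " + diagnostic, "",
        "--b1--", ""])

if __name__ == "__main__":
    print(classify_bounce(sample_dsn("5.7.1", "smtp; 554 5.7.1 Client host "
          "[192.0.2.25] blocked using rbl.example.org")))
```

A result of "sender is on a SPAM database (RBL)" is the case where the fix lies with the sending domain, as the article describes.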

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME Digital Security Framework.   He is a Speaker, Author, Teacher and educator on cybercrime and how to protect yourself from the digital world.

Roger Smith is an educator, teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course, which are considered to be the definitive guides to helping SMEs protect their organisation using the principles of Technology, Management, Adaptability and Compliance.
