some attacker-controlled websites. And the computer may get infected by malware.
Sometimes, the user may even get tricked by a phishing email from a forged sender email address and become a victim of cybercrime.
Identifying the actual source of emails
Even though an attacker can forge the sender field of an email, the email header will contain the IP address of the attacker. So, from the “Received:” lines in the email header, one can identify the actual source of the spoofed email. Also, spoofed emails often contain a different from and reply-to address in an email. So, if the from address and the reply-to address contain completely different domains, that may indicate that the email is a spoofed one.
How to prevent email spoofing?
An effective countermeasure to email spoofing is to use SSL/TLS in the mail transfer software to enforce authentication. SPF or Sender Policy Framework, DKIM or DomainKeys Identified Mail, DMARC or Domain-based Message Authentication, Reporting and Conformance can also be effective methods of detecting and preventing email spoofing.
Attackers often use different techniques for the purpose of phishing and spreading malware. Readers who are interested in reading about different techniques used by attackers in a phishing scam and analysis of phishing emails based on that can refer to the book “Phishing: Detection, Analysis And Prevention.”
Security Fundamentals Practice Tests
The Security Fundamentals Practice Tests test one’s fundamental knowledge of cyber security. They are good for those preparing for various certification exams, such as the CCNA, CCNP, or CompTIA, and for students and IT/security professionals who want to improve their understanding of cybersecurity.
0 Comments