Tag Archives: email

Why URL link defense is so important

Security No Comments
Why URL link defense is so important

Receiving phising emails is scary enough. Is it actually a genuine email? Is that link pointing to something to something that actually does what the email tells me?

Unexpected emails may show up at any given moment in time. The timing itself is often an indicator of something fishy. (pun intended).

I received an email from a Chinese shipping company telling me that I have 6 outstanding emails which I need to review on their portal. That already is very peculiar as I’ve never dealt with that company but given the fact I had ordered something on Ebay from a chinese seller it could’ve been a genuine request.

My emails go via Proofpoint and they already flagged the message a potentially malicious and kept it quarantined for me to review first. I released the email on purpose so it ended up in my mail box. The links that are created in those emails are modified by Proofpoint so that clicks on those links will be checked and if found malicious, the access will be blocked.

I used a separate, isolated, computer to click on that link and see what happened. As expected, the url defense mechanism of Proofpoint successfully blocked the page.

This also works a-synchronously. What do I mean by that??
If an email is sent and goes through the Proofpoint system, it may be that this site has not been checked yet or has been checked as being a non-problematic site. Many malicious actors use this technique to bypass the training algorithms of existing spam checkers and security solutions. Only after a while, they will load malicious software on these sites. As any email will not have been classified as spam or malicious, they will then still sit in your inbox with that same link that has now become a dangerous gateway to hackers and scammers.

As Proofpoint has changed the link to first pass their systems, they can always flag the site as malicious and still block it, as happened in my case above, even though it did not block or quarantine the email in the first place.

This is a very powerful security mechanism to have in place and I would recommend this to enable at all times.

Contact us for more info.

Kind regards

Erwin van Londen

Microsoft Identifies 38% Increase in BEC

Security No Comments
Living proof of scam prevention

The sheer number of emails that currently travel the globe is astounding. Billions of emails are underway every single day and, I must add, the majority are simply legitimate ones. Herein lies the problem from a security perspective, psychological conditioning. Basically meaning that the brain is acting based on experience from previous engagements. Whenever you see an email arriving in your inbox, there is some sort of automatic response and the “look and feel” of an email triggers a certain behaviour.

Continue reading

Business Email Compromised? Or not?

Security No Comments

When it comes to Phishing attempts, email is the number 1 methodology to try and lure unsuspecting victims into traps that could result in various precarious scenarios with, most often, devastating consequences. It is therefore of the utmost importance to identify these attempts and prevent them from even reaching the email inbox of the recipient.

When your company assets are being used as part of a spam/phising attack where victims get emails with letterheads and logo’s of your company, the implications are far-reaching from brand damage via customer impact to financial burdens. So how do you do that?

Continue reading

Let’s go Phishing.

Security No Comments

phishing

noun

  1. The act of sending email that falsely claims to be from a legitimate organization. This is usually combined with a threat or request for information: for example, that an account will close, a balance is due, or information is missing from an account. The email will ask the recipient to supply confidential information, such as bank account details, PINs or passwords; these details are then used by the owners of the website to conduct fraud.
  2. The act of circumventing security with an alias.

If you read my previous post (Cybersecurity prevention is like Whack-a-mole) you would have seen that a large part of defending your organisation against malicious people and organisations comes down to people and having the knowledge and awareness to be able to assess suspicious activities.

Continue reading