Download presentation
Presentation is loading. Please wait.
Published byShana Jackson Modified over 8 years ago
1
Analysing Emails Michael Jones
2
Overview How email works Types of crimes associated with email Mitigations Countermeasures Michael Jones2Analsysing emails
3
How Email Works Email uses Simple Mail Transport Protocol (SMTP) – Normally linked to port 25 Text-based protocol – All commands are written in plaintext No verification or encryption – Of sender’s credentials – Of the integrity of the message For more information – Search for “smtp tutorial” Michael Jones3Analsysing emails
4
Mail Forwarding A mail server might not have direct access to the server that owns the recipient’s account The mail is then forwarded to another server that might have that information The details of each server are added to the START of the message The originating location is thus the last one (in the header) – Providing no spoofing has gone on Michael JonesAnalsysing emails4
5
Email-related Crime Email spoofing Sending malicious codes through email Email bombing Sending threatening emails Defamatory emails Email frauds For more information: – Search for “email-related crime” or “email crime” Michael Jones5Analsysing emails
6
Email Spoofing Techniques – Suggesting the email comes from someone other than the actual sender – Typing incorrect sender details Example crime: spamming – Most email on the Internet is spam – Spamming is not a criminal offence – Compromised or rogue servers used to mask the original location from which the emails were sent – Most spam is motivated by money E.g., getting people to buy drugs – Almost all companies now employ spam filtering software Michael JonesAnalsysing emails6
7
Sending Malicious Code via Email Code included in an attachment User opening attachment is interpreted by the software as implying that the user trusts the contents of the attachment Example: I Love You More sophisticated emails might suggest that the attachment is a security patch that must be applied – E.g., sender spoofs the email as being from a trusted security company Michael Jones7Analsysing emails
8
Email Bombing Swamping someone’s email account Direct technique – Sending lots of emails – often with attachments – Fairly easily detected Indirect technique – Subscribe the user to many mailing lists – Difficult to prevent, and time-consuming to counteract Michael JonesAnalsysing emails8
9
Sending Threatening Emails Example of cyber bullying – Prevalent in many schools (but methods are often linked to chat and SMS) Intentions: – Blackmail (e.g., by attaching or including apparently incriminating images or facts) E.g., for money or information – Social exclusion – by children Michael JonesAnalsysing emails9
10
Defamatory Emails Defamatory = words intended to harm another Sent either to the person or to someone else Example: – Bill sends an email to Emma suggesting it comes from John. The email contains malicious information about Julie. Julie is being defamed, and the implication is that John is the perpetrator Michael JonesAnalsysing emails10
11
Email Frauds Phishing – User is tricked into not only revealing their bank details, but into allowing the attacker to take money from their account How it works – Depends on the delays in the banking clearing system – Attacker appears to deposit a large amount of money in the victim’s account – Victim allows the attacker to take ‘commission’ for the transaction – A few days later, the bank clearing system catches up and finds that the deposit was fraudulent – The only valid transaction is the one FROM the victim’s account Michael JonesAnalsysing emails11
12
Mitigations Mitigation – counteracting something that has already occurred Email mitigation is difficult – Direct bombing can be detected and countered – Attachments can be quarrantined Michael JonesAnalsysing emails12
13
Countermeasures Techniques Spam detection and filtering – User education E.g., do not open attachments you do not trust – Hiding email addresses E.g., not placing them directly on a web page – Hiding them using JavaScript – JavaScript puts the email together from various fragments Spam software ‘harvests’ email addresses by scanning web pages Michael JonesAnalsysing emails13
14
Summary Most malicious email activity is relatively harmless at the company or country level But not at the individual level Users need to see email as indicative, not definitive Michael JonesAnalsysing emails14
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.