The document discusses email phishing attacks and strategies to prevent them. It defines the attack surface as all possible entry points for unauthorized access, such as vulnerabilities, devices, and network nodes. Phishing works by tricking users into clicking links or entering login credentials on fake websites that look like legitimate ones. The document recommends educating users about phishing, punishing attackers legally, detecting and blocking phishing websites, and using technical methods like spam filters to stop phishing emails. It prioritizes improving remote access policies, separating personal and work data, frequently updating security systems, strong passwords, multi-factor authentication, and security training for employees.
Secure Email Communication: A Guide to Preventing Phishing Attacks
Abstract:
We cannot imagine a day without a computer, and especially without the Internet. E-mail is one
of the primary ways through which we communicate. We use it every day not only for official
communication but also to keep in touch with our friends and relatives. As e-mail has come to
play a vital role globally in communication and in the sharing of data, the security issues
have increased as well. The major attack on e-mail by hackers nowadays is known as e-mail
phishing. It is the right time to secure the data communicated over mail, even on a trusted
network. Cyber criminals craft these emails to look convincing, sending them out to literally
millions of people around the world. The criminals do not have a specific target in mind, nor
do they know exactly who will fall victim. They simply know that the more emails they send out,
the more people they may be able to fool. In this paper we analyze the various ways in which
phishing is achieved and discuss the possible solutions, the awareness needed, and some tips to
avoid becoming a victim of phishing attacks.
Data collection plan.
▪ Define and describe the attack surface:
A) Attack Surface Definition:
The attack surface refers to the total number of possible entry points for unauthorized access into
a system. All vulnerabilities and endpoints that could be utilized to conduct a cyber-attack are
included. The attack surface refers to the entire region of an organization or system that is
exposed to hacking. Most modern businesses have a large and complicated attack surface. As the
number of devices, web apps, and network nodes grows, so does the number of potential
cybersecurity threats.
B) Description of Attack Surface:
In authentication attacks on email servers, the cyber attacker's goal is to fool us into
clicking on a link that takes us to a website that asks for our login and password, or perhaps
our credit card or ATM number. These websites look exactly like the original website. Another
attack is a type of phishing attack whereby a legitimate, previously delivered email containing
an attachment or link has had its content and recipient address taken and used to create an
almost identical, or cloned, email. The attachment or link within the email is replaced with a
malicious version, and the email is then sent from an address spoofed to appear to come from
the original sender. It may claim to be a resend of the original or an updated version of the
original. This technique could be used to pivot from a previously infected machine and gain a
foothold on another machine, by exploiting the social trust associated with the inferred
connection due to both parties receiving the original email.
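The cloned-email pattern described above, as an added example that is not part of the original paper: a Python check that compares a newly received message with an earlier one from the same sender and reports a swapped link, a changed attachment, or a different envelope sender. The `build` helper, the addresses, and both sample messages are constructed for illustration, and the 0.9 similarity threshold is an assumption.

```python
import hashlib
import re
from difflib import SequenceMatcher
from email.message import EmailMessage
from email.utils import parseaddr

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

def fingerprint(msg):
    """Features a clone keeps (sender, wording) or swaps (links, files)."""
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    return {
        "from": parseaddr(str(msg.get("From", "")))[1].lower(),
        "envelope": parseaddr(str(msg.get("Return-Path", "")))[1].lower(),
        "text": URL_RE.sub("<url>", text),  # compare wording without the links
        "urls": set(URL_RE.findall(text)),
        "files": {p.get_filename(): hashlib.sha256(p.get_payload(decode=True) or b"").hexdigest()
                  for p in msg.iter_attachments()},
    }

def clone_findings(original, candidate, threshold=0.9):
    """List what changed if candidate is a near copy of original, else []."""
    a, b = fingerprint(original), fingerprint(candidate)
    similarity = SequenceMatcher(None, a["text"], b["text"]).ratio()
    if a["from"] != b["from"] or similarity < threshold:
        return []  # different sender or wording: not a copy of this message
    findings = []
    if b["urls"] - a["urls"]:
        findings.append("link changed")
    for name, digest in b["files"].items():
        if a["files"].get(name, digest) != digest:
            findings.append("attachment changed: " + name)
    if a["envelope"] != b["envelope"]:
        findings.append("envelope sender changed")
    return findings

def build(return_path, link, attachment):
    """Hypothetical helper: build one constructed sample message."""
    m = EmailMessage()
    m["From"], m["Return-Path"] = "billing@example.com", return_path
    m["Subject"] = "Q3 invoice"
    m.set_content("Hi team,\nthe invoice is attached; portal: " + link + "\nBilling\n")
    m.add_attachment(attachment, maintype="application",
                     subtype="octet-stream", filename="invoice.pdf")
    return m

# Constructed samples: an earlier legitimate message and a clone of it.
ORIGINAL = build("<bounce@example.com>", "https://billing.example.com/q3", b"original file")
CLONE = build("<relay@mail.example.net>", "https://billing.example-pay.test/q3", b"altered file")
```

A mail gateway or analyst script could run `clone_findings` against recently delivered mail from the same sender and quarantine a message when the list is non-empty.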
When we suspect we have been hacked, we have to change our passwords immediately: because most
individuals use the same password for several sites, thieves may already have access to our
other accounts on popular sites. Taking the following steps can help organizations examine and
decrease their physical and digital attack surfaces:
▪ Educate users to understand how phishing attacks work and to be alert when phishing-like
e-mails are received.
▪ Use legal methods to punish phishing attackers.
▪ Use technical methods to stop phishing attackers.
▪ Detect and block the phishing Web sites in time.
▪ Enhance the security of the Web sites.
▪ Block the phishing e-mails with various spam filters.
Potential Sources:
▪ Be suspicious of any email that requires “immediate action” or creates a sense of
urgency. This is a common technique used by criminals to rush people into making a
mistake.
▪ Be suspicious of emails addressed to “Dear Customer” or some other generic salutation. If
it is your bank, they will know your name.
▪ Be suspicious of grammar or spelling mistakes; most businesses proofread their messages
carefully before sending them.
▪ Be suspicious of attachments and only open those that you were expecting.
Prioritizing the work of Security Analyst:
In order to prioritize work, an analyst must first determine which vulnerabilities are most likely
to be exploited. Effective IT teams employ cybersecurity reports, and then make controlling
those vulnerabilities a top priority on any controls they deploy to safeguard their cyber assets.
The following are the tasks that need to be prioritized for remote security work:
1) The Need for Better Remote Access Policies:
However, many business owners are unaware of the requirements for a robust remote
access strategy. Expert advice is becoming increasingly vital to avoid major risks such
as identity theft, data breaches, and data loss, which affect all workers, not just remote
workers.
2) Separating Personal and Work Data:
The issue of mobile access security isn't new. Bring-your-own-device (BYOD) rules
have become more common in recent years, and 69 percent of "IT decision-makers" say
they are a good idea. Because 67 percent of employees use personal devices at work,
employers should already have security processes in place to cope with the possible risks
of mixing personal and corporate data.
3) Frequently update your network security systems:
It's critical that network security systems, such as firewalls, antivirus software, and
spam filtering tools, are installed on each device that remote employees use to access
company or customer data, and that those systems are kept up to date. You can even
consider investing in a mobile device management platform so that you can remotely
wipe any sensitive data from a device if it is lost or stolen.
4) Require employees to use strong and varied passwords:
Weak passwords pose a major security risk to your organization, especially when
remote work is involved, so it’s important that you advise your employees to use strong
and varied passwords and to avoid reusing passwords.
5) Utilize multi-factor authentication:
Multi-factor authentication (MFA) requires users to supply multiple pieces of information
in order to authenticate their identity. Security questions, push notifications, personal
identification numbers, and biometrics are all forms of MFA.
6) Train your employees well and supply them with robust IT support:
The most effective remote work security measures begin with good training. Provide
cybersecurity awareness training to your staff, and make sure your IT team is available
to assist your remote workforce with any security problems.
Stakeholders involved:
1. Chief Security Officer (CSO): the organization's chief security official; he gathers
information from his team and prepares and publishes the organization's security standards
and principles.
2. Security Analyst: Security Analysts report to the CSO and work on the company's
security. They are also involved in the preparation of guidelines and in any issues raised.
3. Forensic Team: the forensics team helps the company investigate cybercrimes. We
use them for investigating cyber-attacks.
Design Diagram: Security implementation for Accessing the Company data and Apps