The Email Laundry

1

Solutions

19

Articles & Videos

13

Contributors

The Email Laundry combines its industry leading cloud e-mail reputation scoring with sophisticated dynamic malware analysis, real-time threat intelligence and automated threat response to enable organizations to more effectively detect and block these both targeted and general attacks.

Share tech news, updates, or what's on your mind.

Sign up to Post

The life of crime is over for 22 year-old Christian Ian Salvador, a student from Isabela State University in the Philippines.
0
Brown Paper Envelope on Table
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challenge.
1
Credit Card
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
0
Silver and Gold Coins
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
1
High Rise Building during Night Time Photograph
The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques.
0
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.

How it Works


fake gmail login screen- phishedThe attack works by targeting a victim’s contact list and sending out authentic looking phishing emails. When this forged email is opened and the attachment clicked, a page appearing to be the Google log in portal opens.

Once the victim submits their credentials into the site, the hackers start crawling the victim’s inbox. These crawlers look at previous subject lines and attachments for contextual relevance to copy.

A screenshot is taken of a previous attachment and a new message is composed. This screenshot becomes the entry way into the phishing Gmail login page. The subject line is then pulled from a previous email that would be relevant to the attachment.

The new version of the email is sent to all the victims contacts, and the attack starts again. The use of previous subject lines and attachment, help to make the hacker’s email look very genuine. This technique has tricked many users into opening the infected attachment.

One of these emails is described by a commenter on Hacker News,

“[The hackers] went into one student’s account, pulled an attachment with an athletic team practice schedule, generated the screenshot, and then paired that with a
0
Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
0
Life Of Pix
The new Gmail Phishing Scam going around is surprising even the savviest of users with its sophisticated techniques. This attack comes as a nightmare trifecta for email filtering services; sent from a familiar contact, using authentic tone and verbiage, and appearing to open to a valid Google URL. I
0
CC0 License
Some of you might know that emails by design have two types of sending and receiving addresses. Yes, you read that right – it’s not just the one you see on your email.

The first type of sending address is the envelope sender which is not visible to the user on their mail client or even in the headers. You can co-relate this with a physical letter, which after being put in an envelope has the address on the outside which is used by the courier to deliver the envelope to the intended destination. Similarly, the envelope sender is used for routing purposes on the Internet.

The second type of sending address is the header From address. This is the one you see displayed on your email or in the headers as From: address. In our metaphor, this would be the address you write on the letter itself. In real life, the envelope can be addressed to A and the letter can be addressed to B. Similarly, email does not require the envelope sender to match the header From address.

So the email that you see coming in from friend@yourdomain.com could easily be from hacker@bigbadwolf.com .

This is one of the ways the bad guys send out CEO Fraud emails or as termed by the FBI, ‘Business E-Mail Compromise’. The emails almost always originate from an external source. This means that the envelope sender is from an external domain but the header From address is spoofed to look like it is coming from your domain. There are very simple steps you can follow when using our email filtering to …
1
CC0 License
Choosing an appropriate provider for your company’s email security can be difficult as email security is a key element in the overall security of a business. A company’s email is an open door for malicious hackers who can potentially drive your business into the ground with one rogue email. There are a few options with regards to a solution but it all depends on picking the right fit for your business. This blog post is dedicated to the options businesses face when choosing their email security.


Appliance or Software Solutions - On Premise


Generally, the most popular choice for a company are appliance or software solutions. These appliances are great for focusing on certain aspects of email security such as data privacy and spam and virus protection. This option is also easy to install and not very expensive. However, these software solutions require a lot of  "hands on" updates which do not come with the benefits of realtime threat intelligence or the big data analysis that can be performed across the entire network of a cloud provider and can be quite slow to update. These appliances operate by themselves and require occasional attention from the beholder of the software.


Hosted Email Security - the OEM way


Another option businesses have are hosted email security services where the provider is simply hosting an appliance or application to take some management out of the customer’s hands. This option would be considered appealing as the customer …
0
Email Encryption

Encryption for Business



Encryption ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. The information passed between companies and clients needs to be encrypted as the contents are mostly confidential. Any business owner should know that the primary attack method to compromise sensitive company data is through email. Email is the chink in every organisation's armor and hackers will target that vulnerability. Encryption is necessary for companies as cyber criminals prey on emails that include attachments with private data, links, bank details and any other forms of crucial information.

With email encryption, a company can protect its sensitive information from cyber criminals by only allowing certain users access to the emails you send. Consider this, if you are away on vacation and want to send a pictured postcard to a friend, would the contents of your postcard include highly confidential information, for instance, bank details or the home alarm code? Of course not. Just like a picture postcard, a non-encrypted email can be exposed for all to see.

Businesses use email encryption to have more control and protection over sensitive information that they may share over email. The NSA and AT&T’s Spying Pact is a perfect example of…
0

The Email Laundry

1

Solutions

19

Articles & Videos

13

Contributors

The Email Laundry combines its industry leading cloud e-mail reputation scoring with sophisticated dynamic malware analysis, real-time threat intelligence and automated threat response to enable organizations to more effectively detect and block these both targeted and general attacks.

Top Experts In
The Email Laundry
<
Overall
>