Inyova’s short monthly newsletter about security recommendations, news, and interesting facts.
This is an internal newsletter sent to the Inyova team each month. We hope you enjoy it as much as we do!
Today’s topic: Forgotten email spoofing
Sweet intro to email
Email communication is based on a 40-year-old set of formatting and processing rules called the Simple Mail Transfer Protocol (SMTP). Its structure can be compared to a physical letter: SMTP asks for basic sender/receiver information in the header and for the message itself in the body. To top it off, everything is wrapped in an envelope that carries the sender/receiver information once again. To protect our emails in transit, we additionally use TLS to encrypt the connection (SMTPS).
Safe and sound, right?
What happened?
Recently, I received an email with a warning from my email service that the email was spoofed. Spoofing is a phishing technique that users easily forget or ignore, but it is widespread, easy to use, and can have catastrophic security consequences.
What the hack is email spoofing?
When someone sends us an ordinary phishing email, we recognise it quickly: the attacker impersonates John Doe, but the sender's email address doesn't match John Doe's. Busted, reported.
Email spoofing is an attack in which the attacker forges the sender address. The attacker claims to be John Doe, and the email appears to come from John Doe's own address.
How’s that even possible?
How email spoofing works
It all comes back to SMTP. The protocol lets the sender put arbitrary values in both the envelope and the header. Email clients display the sender using whatever text is stored in the From (header) field, while the true sender identity sits in the Mail From (envelope) field, which clients normally do not show.
Victims interact with the malicious email and share private data, account credentials, payment information, and more. Email spoofing is illegal and is treated as a criminal activity, categorised as cybercrime.
What should I do?
Modern email services offer automatic detection of spoofed emails via SPF (Sender Policy Framework), which checks whether the sending server is authorised to send mail for the envelope domain. Check whether your email service displays an automatic warning for spoofed emails.
If you are still unsure, you can always run the email through a header analysis (for example, Gmail offers this under "Show original"). You can also rely on DKIM, a digital signature attached to outgoing emails, which is luckily often enabled by default in modern email services.
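The two warning signs described above, the visible From header disagreeing with the envelope sender and an SPF failure for the sending server, can be checked directly on a raw message. The following is an added example and not code from this newsletter or from Inyova: it parses the headers, compares the From and Return-Path domains, and evaluates a deliberately minimal SPF record (only `ip4` mechanisms and the trailing `all`). The DNS table, the IP addresses and both sample messages are constructed for illustration; a real checker would query DNS and implement the full SPF grammar (`include`, `redirect`, `a`, `mx`, macros).

```python
"""Spoofing check on a raw email: From/envelope alignment plus a minimal SPF lookup.

Added example, not code from the newsletter. The DNS table and the messages below
are constructed; only ip4 mechanisms and the trailing 'all' term are evaluated.
"""
import ipaddress
from email import message_from_string
from email.utils import parseaddr

# Constructed stand-in for DNS TXT lookups: domain -> published SPF record.
FAKE_DNS_TXT = {
    "example.com": "v=spf1 ip4:203.0.113.0/24 -all",
    "mail-partner.example": "v=spf1 ip4:198.51.100.10 ~all",
}

# SPF qualifier prefix -> result name.
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed sample messages; only the headers matter for this check.
LEGIT_MESSAGE = """\
Return-Path: <alice@example.com>
From: Alice <alice@example.com>
To: bob@example.net
Subject: Invoice
DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=sel; bh=PLACEHOLDER; b=PLACEHOLDER

Hi Bob, the invoice is attached.
"""

SPOOFED_MESSAGE = """\
Return-Path: <bounce@mail-partner.example>
From: "John Doe" <john.doe@example.com>
To: bob@example.net
Subject: Urgent payment

Please wire the funds today.
"""


def domain_of(header_value):
    """Return the lower-cased domain of an address header value ('' if none)."""
    _, addr = parseaddr(header_value or "")
    return addr.rsplit("@", 1)[1].lower() if "@" in addr else ""


def spf_check(domain, client_ip, dns=FAKE_DNS_TXT):
    """Minimal SPF evaluation: walk the record's terms in order and return the
    result of the first matching ip4 mechanism or of the trailing 'all'.
    Returns one of: pass, fail, softfail, neutral, none."""
    record = dns.get(domain)
    if not record or not record.startswith("v=spf1"):
        return "none"  # no SPF record published for this domain
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = "+"  # an unprefixed mechanism means "pass"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term.startswith("ip4:"):
            if ip in ipaddress.ip_network(term[4:], strict=False):
                return QUALIFIERS[qualifier]
        elif term == "all":
            return QUALIFIERS[qualifier]
    return "neutral"  # record ended without a match


def analyse(raw_message, client_ip):
    """Flag the two spoofing signs: From header not aligned with the envelope
    sender (Return-Path), and an SPF fail/softfail for the connecting IP."""
    msg = message_from_string(raw_message)
    from_domain = domain_of(msg.get("From"))
    envelope_domain = domain_of(msg.get("Return-Path"))
    spf = spf_check(envelope_domain, client_ip)
    aligned = bool(from_domain) and from_domain == envelope_domain
    return {
        "from_domain": from_domain,
        "envelope_domain": envelope_domain,
        "aligned": aligned,
        "spf": spf,
        "has_dkim": msg.get("DKIM-Signature") is not None,
        "suspicious": (not aligned) or spf in ("fail", "softfail"),
    }


if __name__ == "__main__":
    for name, raw, ip in (("legit", LEGIT_MESSAGE, "203.0.113.5"),
                          ("spoofed", SPOOFED_MESSAGE, "192.0.2.77")):
        print(name, analyse(raw, ip))
```

The alignment check is what makes the display-name trick visible: the spoofed sample carries a From header at example.com but an envelope sender at a different domain, so it is flagged even though the partner domain's own SPF record is valid. The DKIM header is only reported as present or absent here; verifying the signature needs the signer's public key from DNS and is left out.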
That’s it! Keep your mechanics safe and thanks for reading.
Sources:
https://www.tessian.com/blog/what-is-email-spoofing/
https://cybernews.com/secure-email-providers/email-spoofing/
https://www.vaadata.com/blog/phishing-how-to-prevent-email-spoofing/
Advertising notice: The information and evaluations presented here are an advertising announcement which has not been prepared in accordance with legal provisions promoting the independence of financial analyses and is not subject to any prohibition of trading following the dissemination of financial analyses. The acquisition of this investment involves considerable risks and may lead to the complete loss of the invested assets. Inyova receives an all-inclusive fee of 0.9 - 1.2 & p.a. for its services, depending on the amount of assets under management. The exact calculation can be found at www.inyova.de/en/fees.
Risk notice: All information is only intended to support your independent investment decision and does not represent a recommendation by Inyova. The product information and calculation examples presented do not claim to be complete or correct. Only the specifications in the asset management contract incl. the further legal documents, which are made available to customers of Inyova via the complete customer documentation, are authoritative. Please read the asset management contract and the other client documents carefully before making an investment decision. The following applies to all shares and ETFs: Past performance is no guarantee of future performance. Information on past performance does not permit forecasts for the future. Investments in securities include the risk of a loss in value. Other securities services may achieve different results. The results for individually managed portfolios as well as the different time periods may differ due to market conditions, different entry times, different portfolio sizes, individual restrictions and the respective composition of the portfolio.
Disclaimer: Past performance of financial markets and instruments is never an indicator of future performance. The statements or information contained in this document do not constitute a recommendation, offer, or solicitation to buy or sell any security or financial instrument. Inyova GmbH assumes no liability whatsoever with regard to the reliability and completeness of the information contained in this article. Liability claims regarding damage caused by the use of any information provided, including any kind of information which is incomplete or incorrect, will therefore be rejected. Furthermore, the statements contained in this document reflect an assessment at the time of publication and are subject to change. References and links to third party websites are outside the responsibility of Inyova GmbH. Any responsibility for such websites is declined.
EU Sustainable Finance Regulation: the terms and categories from this post do not correspond to the terms and categories of the EU Sustainable Finance Regulation. You can find the disclosures and explanations required under the EU Sustainable Finance Regulation at https://inyovagmbhpro.wpenginepowered.com/en/sustainable-finance-disclosure-regulation.