Phishing

Dr. Greg Bernstein

May 20th, 2021

Phishing

Cyber attack: Phishing

From Wikipedia: Phishing

Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords and credit card details or other sensitive details, by impersonating oneself as a trustworthy entity in a digital communication.[1][2] Typically carried out by email spoofing,[3] instant messaging,[4] and text messaging, phishing often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site.

Types of Phishing

From Wikipedia: Phishing

  • Spear phishing – Targeting specific individuals
  • Whaling – targeting high value individuals
  • Catphishing and catfishing – related to fraud in social networks and romance
  • Voice phishing (vishing) – via voice technologies
  • SMS phishing (Smishing) – via texts

Phishing Resources

Phishing Additional and Technical Resources

  • OpenPhish “Timely. Accurate. Relevant Phishing Intelligence.”

  • PhishTank, Phishing reporting and data collection site

  • SpamHaus

Email Filtering

Ways to intercept Spam

TBD

DNSBL

From Understanding DNSBL Filtering

A DNSBL (commonly known as a ‘Blocklist") is a database that is queried in realtime by Internet mail servers for the purpose of obtaining an opinion on the origin of incoming email. The role of a DNSBL such as Spamhaus’ SBL/XBL/PBL Advisory system is to provide an opinion, to anyone who asks, on whether a particular IP Address meets Spamhaus’ own policy for acceptance of inbound email.

Postfix Junk Control

From Features

Postfix junk control features

Spam Filter

The purpose of a spam filter is to reduce the amount of incoming spam, or junk mail, that reaches user’s mailboxes. Spam filters accomplish this by applying spam detection rules–which consider a variety of factors such as the server that sent the message, the message content, and so forth–to incoming mail. If a message’s “spam level” reaches a certain threshold, it is marked and treated as spam.

Spam filters can also be applied to outgoing mail. This can be useful if a user’s mail account is compromised, to reduce the amount of spam that can be sent using your mail server.

SpamAssassin is a popular open source spam filter.

Antivirus

Antivirus is used to detect viruses, trojans, malware, and other threats in incoming and outgoing mail. ClamAV is a popular open source antivirus engine.

Webmail

Many users expect their email service to provide webmail access. Webmail, in the context of running a mail server, is basically mail client that can be accessed by users via a web browser–Gmail is probably the most well-known example of this. The webmail component, which requires a web server such as Nginx or Apache, can run on the mail server itself.

Examples of software that provide webmail functionality: Roundcube and Citadel.

// reveal.js plugins