Web security is still an issue that causes problems for authorities in almost every country in the world, considering new ways that appear almost daily with the aim of stealing personal information from Internet users.
However, there are some that despite being very well known do not lose their validity to cybercriminals, not only because of their ease of implementation but also because of their effectiveness. One of them is plagiarism from email, which is nothing more than creating and distributing fake emails that mimic the domain of a recognized company so that their scam can happen as much as possible, and thus the victim can access the requests made by the attacker. Among the most important Download malware, access systems or data, send personal data, or even transfer money.Cybersecurity firm Kaspersky explained, through a press release.
These ‘fake’ emails often appear to come from reputable organisations, Which jeopardizes not only the targets, but also the good reputation of companies His domain was used to deceive. Furthermore, fake emails can be part of larger, multi-stage attacks, such as those used to discredit companies. This is a growing reality, the company added.
Of course, these types of attacks are not of one category, but there are several ways to implement them, which makes the victim always believe that they are actually receiving an email from a completely existing company and that it is important to them. And so, for example, there “plagiarism legal field”, as its name indicates, in the “from” section of the email, cybercriminals place the domain of a reputable institution, suggesting that they are real.
“However, if the target company implements one of the new email authentication methods, the attackers must resort to another method. This is where the call comes in.” display name plagiarism or “display name spoofing,” in which attackers impersonate the person sending the email, that is, making it appear that it was sent by a real corporate employee,” Kaspersky explains in its statement.
If you are a business owner or worker and want to protect the personal information that has been given to you, just follow these steps:
1. Pedagogy will always be the most important thing. For this reason, it is necessary to conduct a security awareness course, in which you can enhance your own knowledge and knowledge of the company, thus providing employees with the necessary tools Always check the address entered in emails from unknown people.
2. Protect “community” services such as Drive or Microsoft 365 In order to avoid the interference of people outside the company who can filter out false emails and thus steal relevant information.
3. Now, knowledge is important so they don’t fall into a web of idiots plagiarismHowever, the assistance of technology is essential to this goal. It is important to adopt an email authentication method, especially corporate ones. SPF, DKIM or DMARC are among the best options.