December 8, 2024

To avoid detection, phishing employs a wide variety of strategies

It’s best not to make a public show of your religious beliefs.

Those who use Gmail or Google Docs have access to Google’s SMTP relay service. If you use Gmail or Google Workspace, you could be a target of phishing, according to Avanan. In the span of two weeks in April 2022, Avanan uncovered about 30,000 spam emails.

According to ZeroFox’s v.p. of intelligence strategy and advisory, DMARC, Sender Policy Framework (SPF), and DomainKeys Recognized Mail (DKIM) are three technologies that can enable receiving e-mail servers to reject counterfeit emails and even report dangerous activity back to the impersonated version.

“[Users] should always use trustworthy paths… rather than browsing links,” the article advises, adding that “[w]hen doubtful, which is nearly always, [users] ought to always use trusted pathways.”

Manufacturers value their clients’ confidence highly. More and more often, CIOs are being asked to take the helm of, or at least provide support for, an organization’s trust initiatives. Kimi agreed completely.

James McQuiggan, a safety awareness advocate at KnowBe4, claims that malicious operations like Avanan take advantage of the fact that these tactics are not as commonly used as they should be. He emailed his thoughts to Lifewire to share with the world. Avanan contrasted Netflix, which does use DMARC, with Trello, which does not, and was not deceived by either service.

Therefore, if you want to protect yourself against phishing efforts, he recommends a variety of security measures.

Domain name spoofing is the first sort of phishing assault that occurs when hackers pose as a known and trusted contact of the target, such as a family member or a supervisor at work, in the hopes that the target will not take the time to check that the email really comes from the bogus address.

McQuiggan cautioned, “People should not accept the name in the “From” line at face value,” and suggested instead that recipients double-check the email address concealed by the fake identity. He suggested that recipients double-check the authenticity of an email’s sender by getting in touch with them via a different method, such as an SMS message or a phone call.

However, in Avanan’s SMTP relay assault, the message will appear to return from a real tackle, so simply trusting the sender’s email address isn’t enough.

According to Clements, this was the only way the attack could be distinguished from any other phishing email. But the phishing email will still have telltale signs, so don’t let your guard down.

Researchers at the cybersecurity firm Avanan discovered that phishers have been abusing Google’s SMTP relay service, which allows attackers to pose as any Gmail user, including those belonging to well-known brands. By using a novel attack approach, the phishing email appears to be legitimate, successfully duping not only the intended target but also automated e-mail security systems.

“Threat actors are always devising new ways to get over these limits,” including spam filtering. Chris Clements, vice president of options structure at Cerberus Sentinel, emailed Lifewire, “Despite a recent surge in attacks that exploit purportedly trusted sources, it is indicated in the report that Google’s SMTP relay service was employed in this attack.”

Clements says that a bizarre request could be included in the communication, especially if it is presented as an emergency. On top of that, there will be several typos and grammar errors. Hyperlinks in the email that don’t go to the sender’s usual website are another red flag.

Chris said, “When in doubt, and you should almost always be unsure, customers should always go to the company’s web site or call the assistance number displayed there to confirm, rather than visiting hyperlinks or calling phone numbers or emails listed inside the suspicious message.”