Category Archives: Email

Security and risks associated with electronic mail.

Does That Suspicious Email Contain A QR Code?

In some cases, suspicious emails might contain QR codes to take you to a web site for further action :- For example :- In general, QR codes can contain web site addresses, but because they are encoded, it makes it … Continue reading

Posted in Active Attacks, Email | Tagged , | Comments Off on Does That Suspicious Email Contain A QR Code?

Phishing Attacks Against Academics with an Interest in Russia/Ukraine

We have been alerted to the activities of a politically-motivated phishing “crew” targeting (amongst others) the Higher Education sector with particular reference to academics with interests in Russia and Ukraine. The attacks look to be targeted to specific individuals with … Continue reading

Posted in Active Attacks, Email | Tagged , , | Comments Off on Phishing Attacks Against Academics with an Interest in Russia/Ukraine

Detecting Suspicious Emails

This blog post is going to be somewhat longer and more technical than usual. It is intended as documentation for the use of IS staff, but may be more widely useful (at least in parts). To start with emails come … Continue reading

Posted in Email, Malware | Tagged | Comments Off on Detecting Suspicious Emails

An Email With An Encrypted ZIP Attachment?

That’s suspicious! At least it is if the password to decrypt the ZIP file is contained within the email – when you’re sending something secret you would send an encrypted ZIP file as an email and then send the password … Continue reading

Posted in Active Attacks, Email | Tagged , , | Comments Off on An Email With An Encrypted ZIP Attachment?

The “Secret” BCC Email Header

You want to send an email to a long list of people; perhaps that list should remain private, or perhaps you just want to avoid the inconvenience of people seeing a huge “To” field with tons of other addresses in. … Continue reading

Posted in Email, General | Comments Off on The “Secret” BCC Email Header

Spam: Mail Quotas and Bitcoin

Recently we have become aware of an issue in relation to one of our cloud service providers which is weakening one of our email security measures – specifically the mechanism put in place to make it harder to impersonate UoP … Continue reading

Posted in Active Attacks, Email | Tagged , , , | Comments Off on Spam: Mail Quotas and Bitcoin

Dealing With Suspicious Emails

From time to time, we all receive emails at work that we regard as a little suspicious (if you do not, it is quite possible that your suspicion level needs to be increased). What should we do with those emails? … Continue reading

Posted in Email | Tagged , | Comments Off on Dealing With Suspicious Emails

Who Is mikemeredith@hotmail.com?

Short answer: No idea! And yes that is my name. We have received a couple of reports of phishing attempts using look-alike names – in this example (which isn’t real), the email address mikemeredith@hotmail.com was used in an email purporting … Continue reading

Posted in Active Attacks, Email | Tagged , , | Comments Off on Who Is mikemeredith@hotmail.com?

Email: Spam/Ham and Some Indigestible Acronyms

This posting has been a long time coming, and is probably longer than ideal, but for those who send bulk emails, there may well be some useful tips in here. And for convenience those who use cloud-based services that also … Continue reading

Posted in Email | Tagged , , | Comments Off on Email: Spam/Ham and Some Indigestible Acronyms

Diagnosing a Phishing Attack

I was clearing out some older emails today and encountered an attempt to phish Apple credentials; although this one was specific to Apple, the general lessons apply to all phishing attacks … and indeed more general malicious spam. The attack … Continue reading

Posted in Active Attacks, Email | Tagged , | Comments Off on Diagnosing a Phishing Attack