Category Archives: Email

Security and risks associated with electronic mail.

The Anti-Phishing “Gold Star”

Recently a query to a UK HE security list came with a link to https://www.phishingscorecard.com/ScoreCard/United-Kingdom/Education/MTEtMTE%3d which gives us a classification of “Security rockstar” for anti-phishing security measures :- (The “DKIM” green flag only shows up if you upload an appropriate … Continue reading

Posted in Email | Comments Off on The Anti-Phishing “Gold Star”

Careful With That Link Eugene

Over the last few weeks, I have noticed an increasing number of very suspicious looking links blocked by our “DNS firewall” – links like “xwhdg.read-this-hot-stuff.today”. The suspicion is that people are being sent emails with links within and they are … Continue reading

Posted in Email, Firewall | Comments Off on Careful With That Link Eugene

The Latest Phishing Attack

I have just been alerted to yet another phishing attack that works by sending web links via email to a “secure message” (or in the example no words at all). The link of course takes you to a malicious site … Continue reading

Posted in Email, Passwords | Tagged | Comments Off on The Latest Phishing Attack

How to spot a phishing email

It claims that there is an important meeting, and contains a link for details.  The email may even use your name (so called ‘spear-phishing’).  However, the link provided leads to a fake website designed to capture your login details so … Continue reading

Posted in Email, General | Tagged | Comments Off on How to spot a phishing email

‘Phishing’ Emails With Your Home Address

This article is currently being drafted, and will be added to over time. In the meantime, Sophos have an article that goes into some detail about what is going on here. Some key points :- Don’t click on the encrypted … Continue reading

Posted in Active Attacks, Email | Tagged | Comments Off on ‘Phishing’ Emails With Your Home Address

Phishing: What To Do In The Aftermath

In the event that you have given away your account details in response to a phishing attack, and either discovered yourself that your account is compromised or you have been told so by IS, then there are some steps to … Continue reading

Posted in Email, Passwords | Comments Off on Phishing: What To Do In The Aftermath

Don’t Automatically Trust Email!

Email is a very easy to forge – so easy that if you try to impress a hacker by claiming to have forged email, they’ll fall about the floor laughing. So you should not automatically trust email – there are … Continue reading

Posted in Email | Comments Off on Don’t Automatically Trust Email!

Analysis Of A Phishing Attack

The following is the analysis of a real phishing attack that we have seen, together with some indications of how a phishing attack can be detected. For the impatient, some of those indicators are listed below :- Are you expecting … Continue reading

Posted in Active Attacks, Email | Tagged , | Comments Off on Analysis Of A Phishing Attack

Do You Know Email’s “BCC” Header?

There are a number of stories going around at the moment relating to unintentional release of email addresses in terms of allowing third parties access to the email addresses. This is almost always a mistake made by someone who used conventional … Continue reading

Posted in Email | Tagged , , | Comments Off on Do You Know Email’s “BCC” Header?

Sending SurveyMonkey Questionnaires Without Being “Spammed”

We recently encountered an issue where somebody attempted to send a questionnaire constructed in SurveyMonkey to a number of students and some deliveries were made to the students’ spam folders. Which is obviously sub-optimal. Unfortunately we do not fully control … Continue reading

Posted in Email | Comments Off on Sending SurveyMonkey Questionnaires Without Being “Spammed”