It is no doubt that our lives have been changed drastically due to the pandemic. While many of us are finding ways to cope, for another group, they see this as an opportunity to exploit the situation for their personal benefits. This group of people are known as cybercriminals.
Cybercriminals are exploiting the situation to launch email spoofing attacks to induce panic. Spoofed messages appear to originate from someone or somewhere other than the actual source. This technique is often used in phishing campaigns that are designed to obtain user credentials or company information.
The COVID-19 pandemic has become the focus theme of phishing emails. In late June 2020, Singapore was reportedly named as one of six countries to be targeted in a global phishing campaign. From the phishing campaign, the phishing emails were set to send from a spoofed email account from the Ministry of Manpower to businesses, offering them additional financial support.
As cybercriminals come up with increasingly convincing and sophisticated methods, users should learn how to identify phishing and spoofing emails and organisations should adopt some practices to prevent email spoofing and avoid potential financial losses.
How to Prevent Email Spoofing
1. Check the sender’s name and address
Performing a manual check on the sender's email name, address and header is the simplest way to identify email spoofing. This method can weed out malicious hackers that use similar email addresses to the one they attempt to impersonate. Users should always look for the return path which should be the same as the sender’s email address and it will be more secure for users to check the originating IP address and further identify the validity of the sender.
If users are unable to identify the validity of an email, contacting the sender directly, especially if sharing private or financial information, can help to avoid an attack.
2. Report spoofing attempts
Users should always report suspicious or spoofed emails to the Management Information System team for further investigation. This can help the organisation to take necessary action to filter spam and malicious content or even blacklist the suspicious IP addresses to prevent users from receiving a similar spoofed email in future.
3. Implement Email Security Protocols
One of the best ways to prevent email spoofing is to implement domain-based email security protocols to prevent users from receiving spoofed emails in the first place. Spoofed emails are mitigated through the implementation of three key email security protocols, SPF, DKIM and DMARC, which will be configured in the domain name server (DNS) and email server.
When a sender sends you an email, the email will be sent through the sending email server to the receiving email server where the sent email will be signed using a private key. Next, the email will go to the sending organisation’s DNS server, which stores the published SPF record, DKIM public key and DMARC. The email will be cross-checked against the stored records. If the email passes the 3 policy checks, this means the email is from a legitimate source and will be sent to your inbox. If one of policy check fails, the email will either be quarantined or rejected.
4. Keep Anti-malware Software Up-to-date
It is important to keep the anti-malware software up-to-date to prevent hackers from taking advantage of known software vulnerabilities. Users are advised to perform computer scanning regularly and turn on auto-update of security software to stay protected from the latest cyberthreats.
Users are the last line of defence in email security because most of the cyberattacks are relying on human interaction to work. Other than security awareness training for users, organisations should take initiative to minimise spoofed emails from being passed on to the users as to prevent financial losses to the business. Contact us now to learn more about email security and how LGA can help you to enhance your email security.