{"id":275,"date":"2009-07-30T16:55:53","date_gmt":"1999-01-01T00:00:00","guid":{"rendered":"https:\/\/fir3netwp.gmsrrpobkbd.com\/?p=275"},"modified":"2021-07-27T16:30:22","modified_gmt":"2021-07-27T16:30:22","slug":"messaging-security-threats","status":"publish","type":"post","link":"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html","title":{"rendered":"Messaging Security Threats"},"content":{"rendered":"<p><span style=\"text-decoration: underline;\"><strong>SPAM<\/strong><\/span><\/p>\n<p>Spam continues to be the major threat affecting email systems today.<br \/>\nThe term Spam is used to define junk email messages that are usually sent out in high volumes to thousands of users at a time.<br \/>\nSPAM Invasion<br \/>\nBelow contains some examples of some HTML-based filter evasion tactics,<\/p>\n<ul>\n<li>Tiny or invisible text that is unseen by the recipient but still constitutes the content of the message.<\/li>\n<li>Obfuscated URLs which make it harder to create filters that look for specific spam web pages.<\/li>\n<li>Embedded HTML comments are another way to introduce an infinite amount of randomization the message<\/li>\n<li>This is also the idea behind inserting random strings of characters and inserting white text on white backgrounds<\/li>\n<\/ul>\n<p><strong>Relay<\/strong><br \/>\nOne way spammers deal with the concealment issue is by using open relays or identity-masking relays. One application of such a technique is the misuse of open proxy servers. Open proxy servers are misconfigured or virus-infected computers that allow traffic for virtually any network service to be channeled through a compromised machine.<\/p>\n<p><strong>Image<\/strong><br \/>\nWith image spam, the email advertisement or call to action appears in the form of an image in the message rather than in text.<br \/>\nImage spam is often used in so-called \u201cpump and dump\u201d campaigns. The goal of this activity is designed to boost the price of stocks, once done they will sell their stocks at a profit.<\/p>\n<p><strong>Attachment Spam<\/strong><br \/>\nAttachment spam is one of the latest methods of method of spamming . In these attacks, spammers use attachments to send images instead of embedding them in the body of the email message.<\/p>\n<p><strong>Malware<\/strong><br \/>\nMalware refers to software designed to infiltrate or damage a computer system, without the owner&#8217;s consent. There are many different types of malware that infect email traffic, including\u00a0 worms and Trojan Horses. Spyware and adware are more recent variants.<\/p>\n<p><strong>Phishing and email fraud attacks<\/strong><br \/>\nA quickly growing and dangerous type of spam are phishing attacks. Phishing attacks send emails that resemble official messages sent by a real banks, online merchants, or online auction services, usually asking for personal information such as user name and passwords, credit card numbers, and social security numbers.<\/p>\n<p><strong>Directory Harvest Threat<\/strong><br \/>\nDirectory Harvest attempts are a common form of attack. These attacks are designed to \u201charvest\u201d\u00a0 or obtain legitimate email addresses within a domain. The spammer will send out a massive amount of emails to randomized addresses. Email addresses are determined \u201cactive\u201d if no undeliverable notifications are received by the spammer. Email addresses that are successfully harvested in these attacks are usually later targets for spam advertisements and fraud attacks.<\/p>\n<p><strong>DoS<\/strong><br \/>\nDenial of Service (DoS) Attacks are undertaken with the intent to completely take down an organization\u2019s email system. They work by sending a very large number of emails to an address or domain, in the hopes that the email system is overwhelmed and shuts down.<\/p>\n<p><strong>Bounce \/ Spam Blowback Attacks<\/strong><br \/>\nMisdirected bounce attacks are another variant of email attacks that can quickly overwhelm an email system.\u00a0 This is were a spammer will send a spoofed email. Due to this being spoofer any deliverable notifications will be sent back to the spoofed domain rather then the spammer.<\/p>\n<p><strong>Prevention <\/strong><\/p>\n<ul>\n<li>SPF (Sender Policy Framework) &#8211; This works by verifying which users of a particular domain are able to send emails. SPF records contain a list of verified users and these records are published within the domains DNS Zone.<\/li>\n<li>Sender ID &#8211; This initiative is derived from SPF but was rejected by the Internet Engineering Task Force.<\/li>\n<li>Domain Keys (DKIM) &#8211; Developed by Yahoo! and is based on public authentication keys generated by each domain to verify the sender and recipient. Since this also verifies the recipient, it is more secure than other prevention methods, but is also more complicated.<\/li>\n<li>Additional Notes &#8211; Although these authentication methods can be quite effective in stopping email threats, they can only be truly effective if they are widely accepted throughout the industry.<\/li>\n<\/ul>\n<p><strong>IM Threats<\/strong><\/p>\n<p>IM worms, also referred to as SPIM, pose a very unique type of threat to the enterprise for four reasons:<br \/>\nThe amount of IM worms has increased alarmingly over the past year. Many organizations are not prepared for IM worms, and malware authors have adopted IM as a method of propagation<br \/>\nIM worms spread more rapidly than older threats. Because of the real time nature of instant messaging, IM worms can spread throughout the enterprise in minutes, rather than hours.<br \/>\nIM worms use social engineering. When you receive an IM worm it typically appears as a message from a contact you are familiar with because you are on their buddy list. A threat on your machine will look on your contact list and start contacting people you know. Most worms include text to tempt the user into clicking on the suspect URL. There is a much greater uptick in people clicking on malicious links (about 30%) because people tend to trust messages from people they\u2019re familiar with.<br \/>\nWorms generally present themselves as URLs with some socially engineered text to temp you to click on the URL. All IM worms tends to follow a very specific behavioral pattern, described below:<\/p>\n<ol>\n<li>The first user to get infected is typically external.<\/li>\n<li>Once a machine is infected, the worm will perform the specific action it was designed to take, and then it cracks open the buddy list of the IM client on that machine<\/li>\n<li>The worm then broadcasts itself as an IM message to everyone on the infected user\u2019s buddy list. Every contact on that buddy list will receive an IM from this contact (someone they know) containing the URL and the tempting text. For example, it might say \u201cHey, check out the pictures from last weekend! http:\/\/www.sampleURL.com\/virus.pif\u201d<\/li>\n<li>IM in intrusive. It will take over the focus controls of the recipient. So, when you receive a worm IM it will always appear immediately on your screen, and you know (and trust) the person who sent it to you because you are on their buddy list. Many people will choose to click on this URL, which will likely download the worm to their PC<\/li>\n<li>Once a worm recipient clicks on the URL and downloads the worm to their PC, the entire process will repeat itself. The worm will be sent to each contact on their buddy list. This is how a worm can propagate so rapidly.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>SPAM Spam continues to be the major threat affecting email systems today. The term Spam is used to define junk email messages that are usually sent out in high volumes to thousands of users at a time. SPAM Invasion Below contains some examples of some HTML-based filter evasion tactics, Tiny or invisible text that is &#8230; <a title=\"Messaging Security Threats\" class=\"read-more\" href=\"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html\" aria-label=\"Read more about Messaging Security Threats\">Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Messaging Security Threats - Fir3net<\/title>\n<meta name=\"description\" content=\"SPAM Spam continues to be the major threat affecting email systems today. The term Spam is used to define junk email messages that are usually sent out in\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Messaging Security Threats - Fir3net\" \/>\n<meta property=\"og:description\" content=\"SPAM Spam continues to be the major threat affecting email systems today. The term Spam is used to define junk email messages that are usually sent out in\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html\" \/>\n<meta property=\"og:site_name\" content=\"Fir3net\" \/>\n<meta property=\"article:published_time\" content=\"1999-01-01T00:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-07-27T16:30:22+00:00\" \/>\n<meta name=\"author\" content=\"Rick Donato\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Rick Donato\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html\"},\"author\":{\"name\":\"Rick Donato\",\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/person\/ab35009601b7687ee1c5310be6038037\"},\"headline\":\"Messaging Security Threats\",\"datePublished\":\"1999-01-01T00:00:00+00:00\",\"dateModified\":\"2021-07-27T16:30:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html\"},\"wordCount\":1066,\"publisher\":{\"@id\":\"https:\/\/www.fir3net.com\/#organization\"},\"articleSection\":[\"Security Concepts\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html\",\"url\":\"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html\",\"name\":\"Messaging Security Threats - Fir3net\",\"isPartOf\":{\"@id\":\"https:\/\/www.fir3net.com\/#website\"},\"datePublished\":\"1999-01-01T00:00:00+00:00\",\"dateModified\":\"2021-07-27T16:30:22+00:00\",\"description\":\"SPAM Spam continues to be the major threat affecting email systems today. The term Spam is used to define junk email messages that are usually sent out in\",\"breadcrumb\":{\"@id\":\"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.fir3net.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\/\/www.fir3net.com\/security\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Security Concepts\",\"item\":\"https:\/\/www.fir3net.com\/security\/concepts-security\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Messaging Security Threats\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.fir3net.com\/#website\",\"url\":\"https:\/\/www.fir3net.com\/\",\"name\":\"Fir3net\",\"description\":\"Keeping you in the know\",\"publisher\":{\"@id\":\"https:\/\/www.fir3net.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.fir3net.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.fir3net.com\/#organization\",\"name\":\"Fir3net\",\"url\":\"https:\/\/www.fir3net.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.fir3net.com\/wp-content\/uploads\/Fir3net-Background-Logo-compressed.png\",\"contentUrl\":\"https:\/\/www.fir3net.com\/wp-content\/uploads\/Fir3net-Background-Logo-compressed.png\",\"width\":390,\"height\":88,\"caption\":\"Fir3net\"},\"image\":{\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/person\/ab35009601b7687ee1c5310be6038037\",\"name\":\"Rick Donato\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.fir3net.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d75d69a54c0ca3b32c24c3a9703b623c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d75d69a54c0ca3b32c24c3a9703b623c?s=96&d=mm&r=g\",\"caption\":\"Rick Donato\"},\"description\":\"Rick Donato is a Network Automation Architect\/Evangelist and the founder of Packet Coders.\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Messaging Security Threats - Fir3net","description":"SPAM Spam continues to be the major threat affecting email systems today. The term Spam is used to define junk email messages that are usually sent out in","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html","og_locale":"en_US","og_type":"article","og_title":"Messaging Security Threats - Fir3net","og_description":"SPAM Spam continues to be the major threat affecting email systems today. The term Spam is used to define junk email messages that are usually sent out in","og_url":"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html","og_site_name":"Fir3net","article_published_time":"1999-01-01T00:00:00+00:00","article_modified_time":"2021-07-27T16:30:22+00:00","author":"Rick Donato","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Rick Donato","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html#article","isPartOf":{"@id":"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html"},"author":{"name":"Rick Donato","@id":"https:\/\/www.fir3net.com\/#\/schema\/person\/ab35009601b7687ee1c5310be6038037"},"headline":"Messaging Security Threats","datePublished":"1999-01-01T00:00:00+00:00","dateModified":"2021-07-27T16:30:22+00:00","mainEntityOfPage":{"@id":"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html"},"wordCount":1066,"publisher":{"@id":"https:\/\/www.fir3net.com\/#organization"},"articleSection":["Security Concepts"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html","url":"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html","name":"Messaging Security Threats - Fir3net","isPartOf":{"@id":"https:\/\/www.fir3net.com\/#website"},"datePublished":"1999-01-01T00:00:00+00:00","dateModified":"2021-07-27T16:30:22+00:00","description":"SPAM Spam continues to be the major threat affecting email systems today. The term Spam is used to define junk email messages that are usually sent out in","breadcrumb":{"@id":"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.fir3net.com\/security\/concepts-and-terminology-security\/messaging-security-threats.html#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.fir3net.com\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.fir3net.com\/security"},{"@type":"ListItem","position":3,"name":"Security Concepts","item":"https:\/\/www.fir3net.com\/security\/concepts-security"},{"@type":"ListItem","position":4,"name":"Messaging Security Threats"}]},{"@type":"WebSite","@id":"https:\/\/www.fir3net.com\/#website","url":"https:\/\/www.fir3net.com\/","name":"Fir3net","description":"Keeping you in the know","publisher":{"@id":"https:\/\/www.fir3net.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.fir3net.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.fir3net.com\/#organization","name":"Fir3net","url":"https:\/\/www.fir3net.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.fir3net.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.fir3net.com\/wp-content\/uploads\/Fir3net-Background-Logo-compressed.png","contentUrl":"https:\/\/www.fir3net.com\/wp-content\/uploads\/Fir3net-Background-Logo-compressed.png","width":390,"height":88,"caption":"Fir3net"},"image":{"@id":"https:\/\/www.fir3net.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.fir3net.com\/#\/schema\/person\/ab35009601b7687ee1c5310be6038037","name":"Rick Donato","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.fir3net.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d75d69a54c0ca3b32c24c3a9703b623c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d75d69a54c0ca3b32c24c3a9703b623c?s=96&d=mm&r=g","caption":"Rick Donato"},"description":"Rick Donato is a Network Automation Architect\/Evangelist and the founder of Packet Coders."}]}},"_links":{"self":[{"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/posts\/275"}],"collection":[{"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/comments?post=275"}],"version-history":[{"count":0,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/posts\/275\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/media?parent=275"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/categories?post=275"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.fir3net.com\/wp-json\/wp\/v2\/tags?post=275"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}