Phlishing Email

Our inbox received lot of emails per day. Most of the email received were junk mails or useless emails to us.

What is the danger opening those malicious email?

They can be ransomware, delete your information in the system and network, steal your information (address book), use your system as C&C attack,

Email can be divided into the following category:

  1. Legitimate
  2. Advertisement
  3. Phlishing
  4. Malicious

Malicious attachment can be prevent through user training and improving user clicking behaviour. User needs to know the consequence of clicking or opening the attachment from unknown user.

There software and services provided by software security company to tackle these question.

Phlishing Email

There are lots of way attacker can use to phlish our system.

    1. Impersonate

By pretending someone you know or organization and authority is a common way from attacker

Example 1 : Pretending a friend or colleague of your, sending you an attachment or redirect you a link

Example 2 : Pretending a customer that interested in your product and asking for your detail

Example 3 : Pretending Legal or Financial Authority and asked you to click on the link or attachment.

    1. Social Engineering

By calling up to you to furbish detail on your company portfolio or personal information.

Example 1 : Calling form survey company, to get your company or personal information

Example 2 : Prise Wining call, get your personal information

Example 3 : Calling from financial institute, to ask your visit a link from their email or personal information

Where do attacker get our information?