What is email security and how to protect from CEOs and CFOs fraud? - PowerPoint PPT Presentation

About This Presentation
Title:

What is email security and how to protect from CEOs and CFOs fraud?

Description:

More than 90% of cyber-attacks start with a phishing email. Emails are a crucial mode of communication for most firms and hence, a primary target for attackers. – PowerPoint PPT presentation


Transcript and Presenter's Notes

Title: What is email security and how to protect from CEOs and CFOs fraud?


1
What is email security and how to protect from
CEOs and CFOs fraud?
2
Importance of Email Security
Emails are a crucial mode of communication for most firms, especially in today's extreme business climate. As a result, it is not surprising that they have become a primary conduit used by hackers to target their victims. According to F5 Labs (the threat intelligence arm of application service provider F5), phishing occurrences climbed by a stunning 220% during the peak Covid-19 period.
Email: hello (at) infosecventures.com
UK - London: 44 207 993 0067, Unit 206, Comms House, Chiswick High Road, London W4 4HH, United Kingdom.
UAE - Dubai: 971 50 936 2788, Astrolabs Dubai, Cluster R, Jumeirah Lakes Towers, Dubai, United Arab Emirates.
3
Fake President Fraud Emails
Fake President or President Fraud emails are a prevalent sort of attack. In this form of phishing, cybercriminals use an organization's domain to mimic high-level officials such as CEOs or CFOs. President fraud emails generally convey a feeling of urgency, prompting workers to hand over critical information, click on dangerous links, or even pay fictitious invoices.
4
Email Spoofing/Impersonation
In an email spoofing or impersonation attack, attackers disguise themselves as known or trusted individuals so that their email lures in the victim. Such an attack is a subset of phishing, which also uses emails from unknown or untrustworthy senders (like that wealthy uncle you never heard of before). While Fake President emails have caused the greatest damage, there are numerous other types of email impersonation, such as those claiming to be from a supplier demanding invoice payments, or from a client requesting that you click on a link or fill out a form. Emails impersonating someone from your firm pose a risk to your organization, and also to your clients and business partners if your employees fall for them.
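The two slides above describe the attack from the victim's side; a mail gateway or SOC can flag the same traits mechanically. The following is an added example, not part of the presentation and not Infosec Ventures' tooling. It assumes a hypothetical organisation domain example.com, a constructed executive directory, and two constructed messages; it flags a display name that matches an executive but comes from a different mailbox, a look-alike sender domain, and a Reply-To that diverts replies elsewhere.

```python
"""Flag inbound messages that look like executive (Fake President) impersonation.

Added example, not from the presentation. ORG_DOMAIN, EXECUTIVES and the two
sample messages are constructed for illustration.
"""
from email import message_from_string
from email.utils import parseaddr

ORG_DOMAIN = "example.com"  # assumed organisation domain

# Constructed executive directory: lower-cased display name -> canonical mailbox.
EXECUTIVES = {
    "jane doe": "jane.doe@example.com",
    "john smith": "john.smith@example.com",
}

# Very small confusable map used to spot look-alike domains (rn -> m, vv -> w ...).
_CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"))


def normalise(domain: str) -> str:
    """Collapse common look-alike substitutions so 'exarnple.com' == 'example.com'."""
    d = domain.lower()
    for bad, good in _CONFUSABLES:
        d = d.replace(bad, good)
    return d


def domain_of(addr: str) -> str:
    """Return the lower-cased domain part of an address, or '' if there is none."""
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def analyse(raw: str) -> list:
    """Return a list of findings for a raw RFC 5322 message; empty means clean."""
    msg = message_from_string(raw)
    findings = []

    name, addr = parseaddr(msg.get("From", ""))
    from_domain = domain_of(addr)

    # 1. Display name of an executive, but the mailbox is not the one on file.
    key = name.strip().lower()
    if key in EXECUTIVES and addr.lower() != EXECUTIVES[key]:
        findings.append(f"display name '{name}' matches an executive but address is {addr}")

    # 2. Sender domain is not ours but normalises to ours (look-alike domain).
    if from_domain and from_domain != ORG_DOMAIN and normalise(from_domain) == normalise(ORG_DOMAIN):
        findings.append(f"look-alike sender domain {from_domain}")

    # 3. Replies are steered to a different domain than the one in From.
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and domain_of(reply_to) != from_domain:
        findings.append(f"Reply-To domain {domain_of(reply_to)} differs from From domain {from_domain}")

    return findings


# Constructed sample messages (headers only are enough for these checks).
SAMPLE_OK = (
    "From: Jane Doe <jane.doe@example.com>\n"
    "Subject: Q3 figures\n"
    "\n"
    "Please see the attached summary.\n"
)
SAMPLE_SUSPICIOUS = (
    "From: Jane Doe <ceo.office@exarnple.com>\n"
    "Reply-To: ceo.office@mail-relay.invalid\n"
    "Subject: Urgent: invoice payment\n"
    "\n"
    "Please process the attached invoice today.\n"
)

if __name__ == "__main__":
    print("ok:", analyse(SAMPLE_OK))
    print("suspicious:", analyse(SAMPLE_SUSPICIOUS))
```

The look-alike check is deliberately crude; production gateways use a fuller confusable table and also compare against the domains of suppliers and clients, which the slide names as other common impersonation targets.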
5
Ways to Prevent Email Spoofing
The minimization or complete elimination of email spoofing can be accomplished using basic protection measures such as SPF, DKIM, and DMARC, which add security and prevent your domain from being impersonated and misused for fraudulent purposes. Sender Policy Framework (SPF) is an email authentication mechanism that allows a domain owner to specify which mail servers may send email from their domain. The SPF record states who is permitted to send emails on your behalf. If an unauthorized party attempts to send an email from your domain, the receiving email server either rejects the email or labels it as spam, based on the SPF record. The DomainKeys Identified Mail (DKIM) standard is intended to ensure that email contents are not altered in transit. The email is digitally signed by the transmitting email server so that receivers can verify its validity. Some email service providers (for example, Gmail or Microsoft Office 365) employ DKIM by default to sign emails, whereas others require it to be activated manually.
6
Domain-based Message Authentication, Reporting, and Conformance (DMARC) adds an extra layer of protection by advising email servers on what to do if an email fails the SPF and DKIM authentication tests. When a DMARC policy is in place, inbound email is subject to SPF and DKIM authentication tests. If the email passes either of the above tests, it is delivered to the recipient's inbox. DMARC rules allow you to reject or quarantine (label as spam) all communications that fail DMARC tests. The protocol also provides a monitoring mechanism: the receiving email server can be instructed to generate DMARC reports containing details of emails that fail authentication checks, and these are then sent back to the sending domain. Therefore, by implementing DMARC email authentication, you will be able to detect and prevent fraudulent emails from being sent using your domain. Although SPF is deployed in the majority of the sampled businesses, DMARC is used by far fewer organizations. Enforcing DMARC alongside SPF can dramatically enhance email security. Furthermore, configuring SPF and DMARC so that an email server can reject suspicious emails (i.e. a strong SPF/DMARC policy) decreases the risk and should thus be enforced.
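The two slides above describe SPF, DKIM and DMARC in words; the script below walks through the receiver-side decision they produce. It is an added example, not part of the presentation. It assumes a hypothetical domain example.com with constructed SPF and DMARC TXT records and constructed client IPs; a real receiver fetches the records from DNS and verifies the DKIM signature cryptographically, which is out of scope here. One caveat the slides leave out and the code makes explicit: DMARC does not simply accept any SPF or DKIM pass, the domain that passed must also align with the domain in the From header.

```python
"""Evaluate a message the way a DMARC-aware receiving server does.

Added example, not from the presentation. SPF_RECORD, DMARC_RECORD, the domain
example.com and the client IPs are constructed; DKIM verification itself is
assumed to have already produced a pass/fail result.
"""
import ipaddress

# Constructed DNS TXT records for the hypothetical domain example.com.
SPF_RECORD = "v=spf1 ip4:203.0.113.0/24 ip6:2001:db8::/32 -all"
DMARC_RECORD = "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc@example.com"

# SPF qualifiers (RFC 7208): '+' is implied when no qualifier is written.
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_check(record: str, client_ip: str) -> str:
    """Return 'pass', 'fail', 'softfail' or 'neutral' for client_ip under record.

    Only ip4/ip6/all mechanisms are evaluated; include, a and mx need further
    DNS lookups, so this offline example skips them.
    """
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:          # skip the 'v=spf1' version tag
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        mechanism = term.lstrip("+-~?")
        if mechanism.startswith(("ip4:", "ip6:")):
            # An IPv6 address is never 'in' an IPv4 network, and vice versa.
            if ip in ipaddress.ip_network(mechanism[4:], strict=False):
                return QUALIFIERS[qualifier]
        elif mechanism == "all":
            return QUALIFIERS[qualifier]
    return "neutral"  # no mechanism matched and no 'all' term present


def parse_dmarc(record: str) -> dict:
    """Split 'v=DMARC1; p=reject; ...' into a tag dictionary."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip()] = value.strip()
    return tags


def org_domain(domain: str) -> str:
    """Relaxed alignment compares organisational domains. Taking the last two
    labels is a simplification; real receivers consult the public suffix list."""
    return ".".join(domain.lower().split(".")[-2:])


def dmarc_disposition(from_domain, spf_result, spf_domain,
                      dkim_result, dkim_domain, dmarc_record):
    """Return (dmarc_result, disposition).

    DMARC passes when SPF or DKIM passes AND the domain that passed aligns with
    the RFC5322.From domain. Otherwise the domain owner's p= policy decides:
    'none' (deliver anyway), 'quarantine' or 'reject'.
    """
    tags = parse_dmarc(dmarc_record)
    spf_aligned = spf_result == "pass" and org_domain(spf_domain) == org_domain(from_domain)
    dkim_aligned = dkim_result == "pass" and org_domain(dkim_domain) == org_domain(from_domain)
    if spf_aligned or dkim_aligned:
        return "pass", "none"
    return "fail", tags.get("p", "none")


def evaluate_spoof_attempt() -> tuple:
    """Constructed scenario: From: example.com, sent from 198.51.100.7 (outside
    the SPF range) with no DKIM signature. With p=reject the receiver drops it."""
    spf = spf_check(SPF_RECORD, "198.51.100.7")
    return dmarc_disposition("example.com", spf, "example.com", "none", "", DMARC_RECORD)


if __name__ == "__main__":
    print("authorised relay:", spf_check(SPF_RECORD, "203.0.113.10"))
    print("spoof attempt:", evaluate_spoof_attempt())
```

Note that `parse_dmarc` also returns `pct`, `sp`, `adkim` and `aspf`, which this example does not act on: `pct` lets a domain owner roll a policy out to a fraction of failing mail, and `adkim`/`aspf` switch alignment from relaxed to strict.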
7
Methods to Implement Security Protocols
SPF and DMARC can be implemented with little effort, while most email providers already have basic DKIM protection in place. These policies go a long way in protecting your email infrastructure and ultimately your organization. Both mechanisms are set up by publishing certain DNS (Domain Name System) records. DNS records are a set of instructions that are published and publicly visible for every domain (such as qwerty.com); they tell servers how to interact with your domain. SPF and DMARC records provide information on how to handle emails sent using your domain. Usually, a technical person can publish the required SPF, DKIM, and DMARC records to the DNS server through your hosting provider, the service that enables you to set up websites on the internet (for example, Cloudflare, GoDaddy, etc.). EmailAuth's DMARC, SPF, and DKIM generators help you create the correct email security DNS records, with helpful tutorials based on your hosting provider. Even though these protections are not fool-proof, they can make your domain less susceptible to impersonation attacks or email fraud.
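The slide says the records are "published to DNS" but not what a weak record looks like next to a strong one. The following is an added example, not part of the presentation and not EmailAuth's generator. It assumes a hypothetical domain example.com and two constructed record sets: a weak pair (`?all` and `p=none`) and a hardened pair (`-all`, `p=reject`, strict alignment, a reporting address). The linter flags the settings that make a record ineffective, and it generalises a little beyond the slide by also counting SPF lookup mechanisms against the RFC 7208 limit of ten.

```python
"""Lint SPF and DMARC TXT records for weak settings before you publish them.

Added example, not from the presentation. WEAK and HARDENED are constructed
record sets for the hypothetical domain example.com.
"""
import re

WEAK = {
    "example.com": "v=spf1 include:_spf.mailhost.invalid ?all",
    "_dmarc.example.com": "v=DMARC1; p=none",
}
HARDENED = {
    "example.com": "v=spf1 include:_spf.mailhost.invalid -all",
    "_dmarc.example.com": ("v=DMARC1; p=reject; pct=100; "
                           "rua=mailto:dmarc-reports@example.com; adkim=s; aspf=s"),
}

# Mechanisms that cost a DNS lookup; RFC 7208 allows at most 10 per evaluation.
LOOKUP_MECHANISM = re.compile(r"^[+\-~?]?(include|a|mx|ptr|exists|redirect)(?=[:/=]|$)")


def lint_spf(record: str) -> list:
    """Return a list of findings for an SPF record; empty means acceptable."""
    if not record or not record.startswith("v=spf1"):
        return ["no SPF record published"]
    issues = []
    terms = record.split()[1:]
    last = terms[-1] if terms else ""
    if last in ("+all", "all"):
        issues.append("'+all' authorises every host on the internet to send as this domain")
    elif last == "?all":
        issues.append("'?all' is neutral: receivers will not treat unauthorised senders as failing")
    elif last == "~all":
        issues.append("'~all' only softfails; move to '-all' once all legitimate senders are listed")
    elif last != "-all":
        issues.append("record does not end with an 'all' mechanism")
    lookups = sum(1 for t in terms if LOOKUP_MECHANISM.match(t))
    if lookups > 10:
        issues.append(f"{lookups} lookup mechanisms exceed the limit of 10 (evaluates to permerror)")
    return issues


def lint_dmarc(record: str) -> list:
    """Return a list of findings for a DMARC record; empty means acceptable."""
    if not record or not record.startswith("v=DMARC1"):
        return ["no DMARC record published"]
    tags = dict(part.strip().split("=", 1) for part in record.split(";") if "=" in part)
    issues = []
    policy = tags.get("p")
    if policy is None:
        issues.append("p= tag missing; record is invalid")
    elif policy == "none":
        issues.append("p=none only monitors; spoofed mail that fails DMARC is still delivered")
    elif policy == "quarantine":
        issues.append("p=quarantine: consider p=reject once aggregate reports show no legitimate failures")
    if int(tags.get("pct", "100")) < 100:
        issues.append(f"pct={tags['pct']} applies the policy to only part of the failing mail")
    if "rua" not in tags:
        issues.append("no rua= address: you will receive no aggregate reports")
    return issues


def lint_domain(records: dict, domain: str) -> dict:
    """Lint the SPF record at the domain apex and the DMARC record at _dmarc.<domain>."""
    return {
        "spf": lint_spf(records.get(domain, "")),
        "dmarc": lint_dmarc(records.get(f"_dmarc.{domain}", "")),
    }


if __name__ == "__main__":
    for label, records in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, lint_domain(records, "example.com"))
```

Run it against the TXT records your hosting provider shows in its DNS editor before and after you change them; an empty findings list for both records is the "strong SPF/DMARC policy" the previous slide recommends.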
8
Thank You
Stay Aware, Stay Safe. Infosec Ventures