"Finally, there is no single standard implementation of email forwarding," the researchers state in their paper. That, the researchers opine, is contrary to the anti-spoofing aspirations of SPF and DMARC. To underscore that point, the researchers point to the 2021 Verizon Data Breach Investigation Report, which indicates that phishing is involved in over a third (36 percent) of the more than 4,000 data breaches investigated, and that email-based attacks are commonly used for social engineering.Īnother issue is that the goal of forwarding is for the relaying party to send an existing message on behalf of the original sender in a way that's transparent. The sorts of social engineering attacks made possible by spoofed email continue to present security challenges for organizations and individuals. An example cited in the paper of a successful attack is a spoofed email purporting to be that was delivered to a Gmail user’s inbox without any warning notification. Spoofed messages appear to come from prominent domains operated by government, finance, legal, and media organizations, but come from somewhere else. UK Cyber Security Centre's scary new story: One phish, two phish, Russia phish, Iran phish.Attackers abuse Microsoft's 'verified publisher' status to steal data.Microsoft to enterprises: Patch your Exchange servers.Namecheap admits 'unauthorized emails' pwning its customers.One problem, the boffins explain, is that forwarding involves at least three parties and that the authenticity of email commonly gets decided by the party with the weakest security settings. These defenses, however, have trouble coping with email forwarding. ![]() They demonstrated this by delivering spoofed messages to accounts at major email providers like Google Gmail, Microsoft Outlook, and Zoho. ![]() The researchers, affiliated with UC San Diego and Stanford University in the US, and University of Twente in the Netherlands, reveal that attackers can still easily take advantage of security issues arising from email forwarding. In a preprint paper titled, "Forward Pass: On the Security Implications of Email Forwarding Mechanism and Policy," scheduled to appear at the 8th IEEE European Symposium on Security and Privacy in July, authors Enze Liu, Gautam Akiwate, Mattijs Jonker, Ariana Mirian, Grant Ho, Geoffrey Voelker, and Stefan Savage show that email messages can be easily spoofed despite the existence of supposed defenses. Alas, defensive protocols implemented during this period, such as SPF, DKIM, and DMARC, remain unable to deal with the complexity of email forwarding and differing standards, a study has concluded. Analysis Over the past two decades, efforts have been made to make email more secure.
0 Comments
Leave a Reply. |