Documente Academic
Documente Profesional
Documente Cultură
Module 9
Simplifying Security.
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Individualswhoareconcernedaboutdatalossmaybesurprisedtohearofthenumberof
hackingattacksattemptedontheTreasury.
ChancellorGeorgeOsbornerevealedattheGoogleZeitgeistconferenceonMonday(May
16th)thateachmontharound20,000maliciousemailsaresenttoUKgovernmentnetworks.
Furthermore,henoted:"During2010,hostileintelligenceagenciesmadehundredsofserious
andpreplannedattemptstobreakintotheTreasury'scomputersystem.Infact,itaveraged
outasmorethanoneattemptperday."
Asaresultofthesefigures,Mr OsbornepointedoutthattheTreasuryisoneofthemost
targetedbydataattacksacrossthewholeofWhitehall.
Governmentisnottheonlyareaconcernedaboutbreachesthough,withSquareEnix recently
confirmingthatacoupleofwebsitesitisassociatedwithhavebeenattacked.
http://www.cryptzone.com
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Module Objectives
EmailSecurityProcedures
EmailSystem
HowtoObtainDigitalCertificates?
EmailSecurity
OnlineEmailEncryptionService
EmailSecurityThreats
EmailSecurityTools
Spamming
EmailSecurityChecklist
Hoax/ChainandScamEmails
SecurityChecklistforCheckingEmails
onMobile
EmailSecurityControlLayers
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Module Flow
Introductionto
EmailSecurity
Email
SecurityThreats
HowtoObtain
DigitalCertificates?
Email
SecurityTools
Email
SecurityProcedures
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
93.5%
Italy
Denmark
93.2%
UK
92.0%
Spain
France
92.0%
Oman
Switzerland
91.5%
1in147.2 SouthAfrica
SouthAfrica
Austria
1in164.6
1in174.1
1in229.0
1in237.8
Switzerland
UK
Oman
United
Arab
Emirates
NewZealand
1in99.0
1in214.8
1in341.9
1in424.0
1in568.1
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Internet
Sender
EmailClients
EmailServer
EmailServer
EmailClients
Receiver
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Email Security
Noemailcommunicationis100%secure
Insecureemailsallowattackerstointerceptpersonaland
sensitiveinformationoftheuser
Ifnotsecured,emailssent/received canbeforgedor
readbyothers
Emailsareoneofthesourcesofviruses andvarious
malicious programs
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Module Flow
Introductionto
EmailSecurity
Email
SecurityThreats
HowtoObtain
DigitalCertificates?
Email
SecurityTools
Email
SecurityProcedures
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
MaliciousUserRedirection
Mailsmaycontainlinksthat
websiteshostingmalwares
andpornographicmaterial
Phishing
Phishing mailslurevictimstoprovide
personaldata
Hoax/ChainMail
Spamming
Theusermayreceivehoaxemails
thatcontainfalseinformation
tellinghim/hertoforwardthe
mail
Theusermayreceivespammails
maycontainmalwareallowing
attackerstotakecontrolofthe
usercomputer
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
10
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Checkiftheemailisfromoneof
yourcontacts
Donotopenattachmentswith
suspicious orunknownfile
extensions
Example:*.exe,*.vbs,*.bat,*.ini,
*.bin,*.com,*.pif,*.zzx
Checkiftheemailwasever
receivedfromthesource
Neveropenanemailattachment
fromunreliablesources
Checkifthesubjectline andname
ofthe attachmentarecorrelated
witheachother
11
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Spamming
Unsolicitedbulkmessages
Spammingistheuseofemail
systemstosendunsolicitedbulk
messagesindiscriminately
overloadingtheusersinbox
Spamemailsmaycontainmalicious
computerprograms suchasviruses
and Trojans
AccordingtoSymantec,spam
makesup89.1%ofallemailtraffic
Attacker
User
SpamSourcesbyContinent
44%
Europe
Asia
27%
18%
SouthAmerica
Africa
8%
7%
NorthAmerica
Oceania
3%
0
20
40
60%
http://www.m86security.com
12
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Spamming Countermeasures
Avoidopeningspammessages
(classifiedbyspamfilters)
Reportsuspiciousemailas
spam
Usetheemailclient's
spamfilterandanti
spammingtools
Donotuseofficial
emailaddresswhile
registeringwithany
website
Neverfollowthelinksinspam
messages
Useadifferentemailaddresswhen
postingmessagestoanypublic
forum
13
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
http://www.spamfighter.com
14
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Hoaxesareemailmessageswarningthe
recipientsofnonexistentthreats
Usersarealsowarnedofadverseeffects
iftheydonotforwardtheemailtoothers
http://www.scamletters.com
http://diamondback.com
15
Ascamemailasksforpersonalinformation
suchasbankaccountdetails,creditcard
numbers,password,etc.
Thesenderofscammailsmayalsoaskthe
recipienttoforwardtheemailtoeveryonein
his/hercontactlist
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Nigerian Scam
ANigerian scamisaformofadvance
paymentofmoneyormoneytransfer
http://in.mail.yahoo.com/
ThisscamiscalledaNigerianscam
becauseinitiallyitstartedfromNigeria,
buttheycancomeinanywhereinthe
world
Usingthisscam,scammerscontactyou
bysendinganemailandofferyoua
shareinalargesumofmoney
Theysaytheywanttotransfermoney,
whichwastrappedinbanksduringcivil
wars,toyouraccount
Theymayalsocitevariousreasonssuch
asmassiveinheritanceproblems,
governmentrestrictions,ortaxesinthe
scammerscountry
Scammersaskyoutopaymoneyorgive
themyourbankaccountdetailstohelp
themtransferthemoney
From:Mr.WongDu
Seoul,SouthKorea.
IwillintroducemyselfIamMr.Wong duaBankerworkinginabankinsouthKoreaUntilnowIam
theaccountofficertomostofthesouthKoreagovernmentaccountsandIhavesincediscovered
thatmostoftheaccountaredormantaccountwithalotofmoneyintheaccountonfurther
investigationIfoundoutthatoneparticularaccountbelongtotheformerpresidentofsouthKorean
MRPARKCHUNGHEE,whoruledsouthKoreanfrom19631979andthisparticularaccounthasa
depositof$48mwithnonextofkin.
MyproposalisthatsinceIamtheaccountofficerandthemoneyortheaccountisdormantand
thereisnonextofkinobviouslytheaccountownertheformerpresidentofSouthKoreahasdied
longtimeago,thatyoushouldprovideanaccountforthemoneytobetransferred.
Themoneythatisfloatinginthebankrightnowis$48mandthisiswhatIwanttotransfertoyour
accountforourmutualbenefit.
PleaseifthisisokaybyyouIwilladvicethatyoucontactmethroughmydirectemailaddress.
Pleasethistransactionshouldbekeptconfidential.Foryourassistanceastheaccountownerwe
shallsharethemoneyonequalbasis.
Yourreplywillbeappreciated,
Thankyou.
WongDu
16
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Module Flow
Introductionto
EmailSecurity
Email
SecurityThreats
HowtoObtain
DigitalCertificates?
Email
SecurityTools
17
Email
SecurityProcedures
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Email Security
Control Layers
Receiver
Sender
18
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Createandusestrong
passwords
Turnoffthepreview
featureandchange
downloadsettingsin
emailclients
Providealternateemail
address formail
recovery
Checkforlastlogging
activity
Createjunkemailfilter
inemailclients
Digitallysignyourmail
messages
UseHTTPS forbrowser
connection
Disable/unselect KeepMe
SignedIn/RememberMe
functions
Avoidunwantedemails
usingfilters
19
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
20
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
21
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
22
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Using HTTPS
WebmailssuchasGmail,Yahoomail,Hotmail,AOLMail,etc.haveanoptionforchoosingthe
communicationprotocolforbrowserconnection
23
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
TocheckaccountactivityinGmail,scrolltothe
bottomofthepageandclickDetails
Immediatelychangeyourpasswordand
passwordhintsifyouobserveanysuspicious
activity
Latestaccountactivityincludesinformation
suchasaccesstype(browser,mobile,POP3,
etc.),location (IPaddress),anddate/timeof
accountactivities
24
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
25
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
ToturnoffthepreviewfeatureinMozilla
Thunderbird:
GotoView menuandselectLayout
UnchecktheoptionMessagePane
26
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
27
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Module Flow
Introductionto
EmailSecurity
Email
SecurityThreats
HowtoObtain
DigitalCertificates?
Email
SecurityTools
28
Email
SecurityProcedures
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Digitalsignaturesareusedtoauthenticatethesenderofamessageorthesigner
ofadocument
Theycanalsobeusedtoensurethattheoriginalcontentofthemessageisnot
changed
Usersrequireanemailcertificatetodigitallysignemails
Youcanobtaindigitalsignaturesfromcertificationauthorities
ExampleofCertificationAuthorities:
VeriSign (http://www.verisign.com)
Comodo (http://www.comodo.com)
Thwate (http://www.thawte.com)
Entrust (http://www.entrust.com)
29
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
30
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
31
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
32
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
33
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
34
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Module Flow
Introductionto
EmailSecurity
Email
SecurityThreats
HowtoObtain
DigitalCertificates?
Email
SecurityTools
35
Email
SecurityProcedures
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
https://www.lockbin.com
36
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
McAfeeSpamKiller
http://www.comodoantispam.com
http://us.mcafee.com
Netcraft Toolbar
ComodoEmailCertificate
http://toolbar.netcraft.com
http://www.comodo.com
PhishTank SiteChecker
Mirramail SecureEmail
https://addons.mozilla.org
http://www.mirrasoft.com
Spamihilator
Encryptomatic MessageLock
http://www.spamihilator.com
http://www.encryptomatic.com
37
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
Module Summary
Email(electronicmail)isamethodofexchangingdigitalmessagesfromasenderto
oneormorerecipients
Attachmentscancontainmaliciousprograms;openingsuchattachmentscaninfect
thecomputer
Spammingistheprocessofpopulatingtheusersinboxwithunsolicitedorjunkemails
Hoaxesarefalsealarmsclaimingreportsaboutanonexistentvirus
Donotforgettodeletebrowsercache,passwords,andhistory
Considersettingmobilephonestodownloadonlyheadersofemails,notthefullemail
Digitalsignaturesareusedtoauthenticatethesenderofamessageorthesignerofa
document
Emailsecuritytoolsprotectpasswordsandautomaticallylogoffemailaccounts
38
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
39
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
40
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
41
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.
42
CopyrightbyEC-Council
AllRightsReserved.ReproductionisStrictlyProhibited.