SECURITY
SECURITY
Recently a critical information infrastructure in Cyprus fell victim to a spoofing attack, according to which an email account of the infrastructure was falsified with malicious intent.
Spoofing attack concerns the creation of emails entailing malicious intent. Such emails are created by falsifying e-mail accounts and web addresses from a legitimate source and show that they are sent by the latter in order to mislead the recipient.
The purpose of forging an email address is to get the recipient to take action by trusting the sender. The result of a successful spoofing attack could be the interception of credentials, money, the control of a system as well as the installation of malware.
Spoofing protection measures include the following:
- Adjust spam settings
- Add a Sender Policy Framework (SPF) record where an SPF record lets recipients know if the email is spam
- Use Domain Keys Identified Mail (DKIM) encryption template in the email header. This way when a server receives an email, it checks if someone has lost that email while it was sent, allowing the SPF to minimize the risk of forgery
- Careful check of the sender’s information. Check email headers. The sender’s IP address can be extracted from the email headers and a reverse IP search can be performed to verify the sender
- Installation of DMARC Record in the infrastructure. DMARC (Domain-based Message Authentication, Reporting & Conformance) performs authentication, reporting and compliance based on emails received for protection against spoofing and phishing attacks
Also read: Cyberattack on CNA | What the Digital Security Authority says
RECENT
BAE Systems | UK’s First Autonomous Extra-Large Submarine For Military Use – Photos
NATO | Emergency Cyber Security Conference in London
Russia | Recruiting hundreds of Yemeni Houthis in war against Ukraine
Sweden | Funding for the production of Ukrainian long-range drones
HCDI | Elite recruits in innovation roles in the Hellenic Armed Forces
NEWSLETTER SUBSCRIPTION
NATO | Emergency Cyber Security Conference in London
With the risk of multiple hybrid attacks on critical sectors for Britain’s infrastructure, as well as on large businesses by Russian hackers…
Greece acquires Government Space Hub – Contracts signed for Axis 3 of the “National Microsatellite Program”
The six contracts for the third Axis (Axis 3) of the “National Microsatellite Program,” between the European Space Agency (ESA) and…
Von der Leyen | Proposal for the creation of a European Civil Defence Mechanism
The European Commission’s President Ursula von der Leyen called for the launch of a European Civil Defence Mechanism, speaking about…
BAE Systems | UK’s First Autonomous Extra-Large Submarine For Military Use – Photos
BAE Systems has successfully demonstrated a groundbreaking new type of autonomous submarine, developed specifically for military use.
NATO | Emergency Cyber Security Conference in London
With the risk of multiple hybrid attacks on critical sectors for Britain’s infrastructure, as well as on large businesses by Russian hackers…
Russia | Recruiting hundreds of Yemeni Houthis in war against Ukraine
Russia is recruiting hundreds of Yemeni Houthis for the war against Ukraine. The men were brought to Russia through a…
Sweden | Funding for the production of Ukrainian long-range drones
Sweden has agreed to finance the production of Ukrainian long-range unmanned aerial vehicles, Ukraine’s Defence Ministry announced…
HCDI | Elite recruits in innovation roles in the Hellenic Armed Forces
A new program for the utilisation of scientifically qualified Greek citizens who are called to fulfil their military service is being…
Russia | Debt cancellation for recruits who agree to fight in Ukraine
Russian President Vladimir Putin has signed a bill that will erase the debts of recruits joining the army to fight in Ukraine, according…
0 Comments