Learn about how malicious actors send spam email to get into a system, and then use phishing to gain access and launch attacks.
- [Narrator] Email communication is vital for businesses. … However, a large percentage of email … that comes into an organization is abusive, … and includes junk mail, spam, and malware. … Nearly all abusive email has a fake sender address, … which is done to conceal the sender's true address. … Malicious actors use spoofed email … to get into an organization via phishing attacks. … A reputation is a method of assuring … appropriate email traffic and preventing abusive email. … With a reputation-based solution, … you see this email wants to be delivered to an organization. … The organization goes to the cloud … to check the reputation of that IP address. … By reputation, it assures that the website is okay … and the mail can be delivered. … Reputation-based systems like Spamhaus or SpamCop … monitor and blacklist IP addresses and they have worked … as reputation is a strong method … of assuring appropriate email traffic … and preventing abusive email such as spam and junk mail. … Now I'm here at the website Spamhaus Project …
In this course, cybersecurity expert Lisa Bock discusses the methods a hacker might use, including embedding malicious links and attachments in emails and using mobile devices and social media to deploy an attack. She discusses the concept of "misuse of trust"—how hackers use charm, power, and influence to penetrate an organization—and why you need to be extra cautious with the disgruntled employee. Finally, Lisa discusses countermeasures security professionals can take to address these attacks.
Note: This course maps to the Social Engineering competency of the Certified Ethical Hacking exam. Review the exam objectives at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- Visualizing the victim
- Recognizing an attack
- Using charm, power, and influence
- Manipulating with social media
- Preventing insider attacks
- Stealing identities
- Pen testing with social engineering
- Taking countermeasures