Our inbox received lots of emails per day. Most of the email received were junk mails or useless emails to us.
What is the danger opening those malicious email?
They can be ransomware, delete your information in the system and network, steal your information (address book), use your system as the C&C attack,
Email can be divided into the following category:
Malicious attachment can be prevented through user training and improving user clicking behaviour. The user needs to know the consequence of clicking or opening the attachment from an unknown user.
There software and services provided by the software security company to tackle this question.
There are lots of ways an attacker can use to phish our system.
By pretending someone you know or organization and authority is a common way from an attacker
Example 1: Pretending a friend or colleague of you, sending you an attachment or redirect you a link
Example 2: Pretending a customer that interested in your product and asking for your detail
Example 3: Pretending Legal or Financial Authority and asked you to click on the link or attachment.
- Social Engineering
By calling up to you to furbish detail on your company portfolio or personal information.
Example 1: Calling form survey company, to get your company or personal information
Example 2: Price winning call, to get your personal information
Example 3: Calling from the financial institute, to ask you to click a link from their email or personal information