Category Archives: Spam Emails

how good is my password

How Secure Is My Password? | Are passwords enough on their own?

The importance of having secure passwords and, if 2-factor authentication is an option, turning it on cannot be overstated.

This week, I had the opportunity to see firsthand just how frustrating it is to deal with an account hijack.

On Friday, the customer contacted me, as one of the retired partners had unfortunately been victim to a hijacked personal email account.

Password strength,

The hijacking was discovered when spam was sent from the compromised account, some of which was directed toward the retired partner’s old company.

Taking back control

First, I had to regain control of the hijacked accounts. Fortunately, the recovery mobile hadn’t been changed, so I could easily regain access.

If the hackers had updated the recovery options, it would have been challenging to regain control.

The hijackers changed the Reply-to address to a Hotmail address they controlled. Fortunately, this was relatively easy to spot and rectify.

Contact us for a free Dark Web privacy assessment.

It’s worth highlighting that all emails sent during the period under the hijacker’s control would have come from the legitimate account holder, and anyone who had responded would have responded to the hijacker’s account, ideal if you are planning a Phishing attack.

Less obvious was that the hijacker had created a rule labelled (..), which forwarded all emails sent to the legitimate account to the hijacker.

Fortunately, they had neglected to tick the box saying to leave a copy in the inbox, so new emails didn’t appear. So, it was evident that something was going on, and we removed the rule.

However, the hijacker received a copy of all incoming emails for the period the account was under their control.

It would have been infinitely worse had they hijacked a Microsoft, Dropbox or Google user, as they also have data access.

Remember this ploy: a more subtle hacker who managed to control the account without being spotted using a compromised password and the fact that 2-factor Authentication isn’t in place could have used this technique to receive any emails that came in intended for the victim for a longer period.

It is not a stretch of the imagination to see how this could have resulted in a severe data breach if it had been a compromised business user’s email, Microsoft.

Password strength, usernames, tool, password,

Know your password strength, password best practices

  1. The password used by our customer appeared in a list of known security breaches.
  2. Use strong passwords. Longer passwords using special characters and symbols such as $%&* are better. Don’t ever use weak passwords. In this case, it was too simple.
  3. Reusing passwords: The client didn’t have unique passwords, and passwords had been reused across multiple sites.
  4. The customer had not strengthened their security by turning on 2-factor authentication.
  5. Passwords are not an effective deterrent, but an account with 2FA enabled will be secure against all but the most determined hackers.

    As a result, other services using the breached password, including Facebook, Apple ID, and a Microsoft personal subscription, were also at risk of being hijacked by the hacker.

How To Create Secure Passwords and Increase Password Strength.

Hopefully, everyone now realises that password strength is related to complexity and length. Good habits and a few rules are enough to make a strong password, but passwords alone aren’t enough to secure accounts.

How good is my password? In isolation, the answer in almost all cases is not good enough.

Most passwords will take a few minutes to a few hours to crack using modern processing.

Without additional security, accounts using 16-character passwords will be cracked in a few hours, and as it’s a process known as brute force, it won’t get bored and go away.

See this article from the Daily Mail online to see exactly how quickly passwords are cracked.

password strength, unique passwords, use long passwords, lowercase charachters and symbols

I recommend Keeper Password Manager. Keeper creates secure passwords quickly.

The password checker monitors for compromised passwords and will let you know if your password has been reused.

This is usually the case early on when you first adopt a password manager, as Keeper has a really effective import function that pulls stored credentials from your browser.

password strength, keeper password, access passwords, keeper software, password hackers,

Keeper will even notify you of data breaches if a credential belonging to you appears on a known compromised password list.

Monitoring for data breaches and credential theft is easy to implement and cost-effective.

Don't use Common passwords like 123456, monitor data breach, password strength,

We provide a monitoring service that checks our customers’ domains and reports on any data breaches containing sensitive customer information, such as compromised passwords.

Why Is Strong Password Security Important?

Password Security is the first link in the security chain we create to protect our digital lives.

Other Ways To Protect Yourself Online

Heimdal database of known bad Internet websites protects your browser

We create a layered approach to security, starting with educating the client on what constitutes a strong password.

How good is my password?

Use a complex password of at least 12 characters long, but 14 or more is better. A combination of uppercase letters, lowercase letters, numbers, and symbols.

Don’t use a word that can be found in a dictionary or the name of a person, character, product, or organisation; don’t use the same password for multiple online accounts.

When browsing the Internet, it is vital to recognise risky situations and practices, but we are all fallible.

Hence, we implement technical solutions such as Heimdals web filtering solution and Conceal Browse that intervene if we accidentally visit a dangerous website.

The Impact of Stolen Passwords.

Stolen passwords are the most common cause of account compromise. Compromised accounts are often used in phishing campaigns and to send spam.

 

Introducing The Valimail DMARC Report Analyzer Service

The Email ecosystem is having something of an upgrade next month; the reason for the upgrade is simple and compelling. The fact is that it is too easy to spoof or fake email addresses.

For more information, see the NCSC’s in-depth explanation of the new DMARC rules

All of us have seen emails in our inbox that are trying to induce us into clicking on a link and lots of emails advertising things we aren’t interested in. The unwanted, unsolicited advertising emails are what we refer to as Spam, a subset of carefully targeted and crafted emails that directly target you as an individual. These are the dangerous ones that we refer to as Phishing. When they are successful, sadly, they have often put into train a series of events that can end up with cybercriminals gaining access to your system and, ultimately, your data.

The techniques often employed to trick users by impersonating legitimate, trusted sources of email that often originate from compromised email accounts are called Business Email Compromise. (BEC).

Fake emails put your company at risk. BEC is responsible for 60% of fraud (tamitesecureit.com) because if I can send an email and it looks like it came from an internal email address or someone you trust, you are more likely to act on it.

The changes are focusing on making it more difficult to impersonate valid email addresses

The approach being put into place by Yahoo, Google, and the rest in February employs a system of checks on records that DMARC Domain-based Message Authentication, Reporting and Conformance employ. DMARC is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, so the solution lies in the DNS records that every domain (your.com) uses to perform various technical functions.

To find out if you are DMARC compliant. Get a free evaluation using our DMARC report analyzer.

The need to implement DMARC

Being DMARC compliant involves setting up and monitoring a group of DNS records that perform the vital function of verifying that the email received originates from the purported sender.

DMARC is all about putting in a mechanism to prevent criminals and spammers from being able to create emails that look as if they come from a domain but are fake.

You may have read that the DMARC requirement being rolled out by Yahoo and Google only applies to large mail senders (Over 5,000 per day), but here is the rub.

The threshold will inevitably be reduced, and because larger companies will have complied with DMARC, making faking their email difficult for the Cybercriminals, as a result, inevitably, Cybercriminals will shift their focus to companies who aren’t DMARC compliant, the SMEs.

So my advice is that less Spam is a good thing, and making life more complicated for cybercriminals is in everyone’s interest, whatever size of business we run.

See how we can make your business DMARC-compliant and keep it compliant. Get a free evaluation using our DMARC report analyzer.

 

email delivery

Mail Authentication. (The technical stuff)

The first policy update affects your domain architecture. You now must use SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) to authenticate your emails and prove they’re coming from a legitimate source.

SPF

SPF is an email authentication protocol that allows the owner of a domain to specify which mail servers they use to send mail from that domain. SPF records are published in DNS (Domain Name System) records and are used to verify that incoming mail from a domain comes from an IP address authorized by that domain’s administrators.

DKIM

DKIM is another email authentication protocol that allows the owner of a domain to attach a digital signature to outgoing emails. The signature is verified by the recipient’s mail server, which checks the signature against the public key published in the domain’s DNS records.

DMARC

DMARC is a protocol that works with SPF and DKIM to authenticate email senders and prevent spoofing and Phishing. Once set up, DMARC ensures that the destination email systems trust messages sent from your domain. Using DMARC with SPF and DKIM gives organizations more protection against spoofing and phishing emails.

Find out if you are DMARC compliant. Get a free evaluation using our DMARC report analyzer.

Improving email security by implementing DMARC, SPF, and DKIM can leave you with the problem of what to do with DMARC reports.

 

DMARC reporting analyzer, dmarc record, xml feedback, xml files

The UK National Cyber Security Centre provides helpful guidance (Email security and anti-spoofing) on the records you should implement to be compliant and avoid using your domain for spamming and Phishing campaigns.

If you have created a DMARC record, you will know that DMARC provides reports in an XML format that should be monitored to ensure smooth operation.

Valimail DMARC Report Analyzer.

 

dmarc reporting, dmarc analyzer, dmarc record, dmarc aggregate reports, email deliverability, dmarc check

DMARC report analyzer tools continuously monitor DMARC XML reports to ensure proper authentication of legitimate emails. Large providers, such as Gmail, Outlook, Yahoo, etc., are already implementing DMARC. Your mail servers can receive reports from domains that show the email traffic, including the pass/fail rate of DMARC evaluation, email sources, and other relevant data.

Contact us to arrange your trial

Shadow IT?

One of the issues customers often experience is being unaware of all the email sources working on and within the business.

Often, Invoices or credit control are being performed for the business by a supplier or contractor; you may use Mailgun or Mailchimp for email mailshots.

These sources are often forgotten or were set up by a team within the business without the IT department’s knowledge, a practice known as Shadow IT.

Monitoring is the first step.

When using multiple email-sending sources, each will require its own SPF mechanism to be included in your SPF record; you can quickly exceed the lookups limit and cause a “perm error” result.

By using our DMARC service to manage DMARC and SPF, you can:

  • Have unlimited SPF DNS lookups
  • Optimise your SPF record
  • Add, remove, and update unlimited email service providers
  • Mitigate and avoid outgoing email loss caused by “permerror.”

The answer to what to do with DMARC reports.

Managed DMARC

With Managed DMARC, you can control your DMARC record(s) from your DMARC portal.

With Managed DMARC report analyzer, you can:

  • Manage the DMARC policy of your domains and subdomains on our platform simply and effectively.
  • Manage your RUA and RUF tags. (These reports are converted into data on your dashboard).
  • Manage your SPF and DKIM alignment mode.
  • Investigate what DMARC policy will be applied to your email.
  • Get a configuration overview with email authentication from your email-sending services. DMARC report analyzer tools continuously monitor DMARC XML reports to ensure proper authentication of legitimate emails. 

    Valimail, dmarc report analyzer, dmarc reports, dmarc analyzer, dmarc compliance, domain's dmarc record, dmarc failures

The Impact of DMARC Changes on Spam Filtering:

We can expect the world of Spam filtering to benefit from the changes being made to the landscape of email authentication protocols, specifically the upcoming changes to Domain-based Message Authentication, Reporting, & Conformance (DMARC), which are poised to impact how spam filtering solutions handle email significantly.

Enhanced Email Security:

DMARC’s stricter alignment policies will force senders to authenticate their emails using SPF, DKIM, or both. This significantly tightens the security net, making it harder for spammers to spoof legitimate domains and infiltrate inboxes. Spam filters can leverage these stricter checks to identify and block unauthorized emails more accurately, potentially reducing spam volume.

Improved User Experience:

DMARC changes can enhance user trust and email engagement by reducing spam influx. Fewer unwanted messages translate to cleaner, safer inboxes, streamlining communication and boosting productivity. Additionally, with increased sender accountability, users can feel more confident about the legitimacy of their emails.

Challenges and Considerations:

While DMARC promises a cleaner email ecosystem, its implementation presents particular challenges. The stricter policies might initially increase email bounce rates for legitimate senders who haven’t properly configured their DMARC records. Additionally, spammers will target smaller organisations that haven’t implemented DMARC. Cybercriminals might resort to more sophisticated techniques to bypass authentication protocols, necessitating continuous adaptation and improvement from spam filtering solutions.

Conclusion:

The DMARC changes represent a significant step towards a more secure and reliable email environment. While initial challenges exist, the long-term benefits for users and email service providers are undeniable. Spam filtering solutions must evolve to adapt to the stricter authentication protocols. Still, the resulting reduced Spam and improved user experience promise a brighter future for email communication.

Contact us to arrange your trial

 

Valimail monitoring dmarc compliance, xml files, dmarc reports, dmarc analyzer

Tamite – Valimail Automated solution

Valimail is a cloud-based email authentication platform that fully automates DMARC configuration and policy management. With Valimail, you can enforce DMARC quickly and painlessly without needing an internal IT staff. Our email authentication platform replaces manual effort and guesswork with automation.

Automated solution

Valimail takes on most of the workload, so you don’t have to worry about identifying services or changing your DNS configuration. You can get free visibility into the services by sending emails as you do and taking quick action based on easy-to-do lists and automated workflows on the platform. Our DMARC solution will notify you of any concerns so you can relax knowing your domains are protected.

The Valimail approach

To get started, you only need to make a single DNS update to point your DMARC record to the Valimail Sender Identity Platform. Valimail’s interactive interface displays email-sending services by name, making identifying and managing them easy. You can select the sending services you want to allow to send as your domain and make changes in the drop-down menu if needed. We can even help you find the legitimate owners of the services that we discover. Remember, you are either at full DMARC enforcement or you aren’t, and there is no middle ground in keeping your domains protected.

what to do with DMARC reports

The requirement to implement DMARC on domains is going to cause lots of companies difficulties as only a fraction, less than 70%, are compliant, and once you set DMARC in place, you are faced with the necessity of dealing with the data, what to do with DMARC reports?

Do you know if your domains are DMARC compliant and what to do with DMARC reports?

Make no mistake, this is a good and necessary move, and as a result, Email security is about to get better with the rollout of stricter DMARC compliance by major email platforms such as Google and Yahoo, and supported by many corporations.

In summary, DMARC is a powerful tool that helps protect your domain from being spoofed (impersonated) by verifying the authenticity of email messages sent from your domain and preventing unauthorized access to your email accounts.

Without a strict and accurate reject policy, attackers can easily:

  • Spoof customer emails
  • Send convincing phishing messages using your domain
  • Steal data and credentials

what to do with dmarc check

An alarmingly high number of cyber breaches use spoofed domains to help them to trick their victims.

The reason for this update is simple – it is too easy for cybercriminals to impersonate legitimate domains and send us illegitimate emails that appear to be from legitimate businesses.

DMARC compliance provides us with additional proof that the emails we receive are legitimate and will prevent our brands from being hijacked to carry out phishing attacks on our customers and suppliers.

If you’re not sure whether you’re DMARC compliant, we can check for you. DMARC settings are designed to verify sender identity and prevent unauthorized emails from domains from being delivered.

Without a strict and accurate reject policy, attackers can easily spoof customer emails, send convincing phishing messages, and steal data and credentials.

Google and Microsoft will start blocking all non-DMARC emails on the 1st of February to clamp down on threats initially for high-volume email senders, but this is only the first phase, and they will extend the update to cover everyone in the near future.

“We have expertise in resolving email issues and also offer our customers a DMARC report management service.” Get your free DMARC compliance report. 

 

Combatting Holiday Cybercrime with AI: A Seasonal Guide to Stopping Spam Emails

As the festive season approaches, we’re all on high alert for the unwelcome gift of spam emails, social media scams, and romance fraud. Cybercriminals are ramping up their efforts to exploit the holiday cheer. But fear not; the AI revolution in cybersecurity products is our shining star, offering enhanced detection capabilities to shield us from these digital grinches.

This week, digital giants Amazon and Google pledged action on fraud; for the full BBC story, follow this link.

We believe this and other moves by the industry (see yesterday’s blog on the Yahoo and Google DMARC updates) are necessary steps forward; however, continually improving our defences is our focus and the approach we advocate to our customers.

Defending against spam emails and web-based fraud.

We recommend two solutions to our customers, which seem to be leveraging artificial Intelligence to enhance their solutions.

Conceal Browser-based security.

Firstly, Conceal is a lightweight browser add-on. The AI-powered capabilities seamlessly identify and neutralise emerging threats, ensuring comprehensive protection in the ever-evolving cyber landscape.

ConcealBrowse is the answer. It is a lightweight, versatile, and secure browser extension that is meticulously engineered to meet the needs of modern workers.

It serves as your frontline defence, monitoring and detecting potentially harmful URLs to ensure your safety within your organisation’s network. If a website is in doubt, ConcealBrowse uses its isolated and dynamic routing network to safeguard your identity and protect your organisation’s network from potential threats.

 Heimdal®’s Outliers Detection: The AI Guardian Against Email Scams

At the forefront of this battle is Heimdal®, recently unveiled “Outliers Detection,” an AI-driven feature that fortifies its Email Fraud Protection platform. This innovative tool employs anomaly detection and pattern recognition, distinguishing safe correspondence from malicious threats and spam emails with remarkable precision.

The Heimdal® XDR Platform: Vigilant AI-Powered Email Defenses

Outliers Detection is a robust defender against email dangers such as Business Email Compromise (BEC), CEO Fraud, and impersonation attacks. By weaving AI into the fabric of its Email Fraud Protection platform, Heimdal® arms its clients and partners with a proactive and powerful weapon against cybercrime.

spam emails detection

Why Outliers Detection is a Game-Changer

Launching at a critical time when spam emails, email fraud and financial fraud are becoming increasingly complex, outlier detection is a vital tool. The FBI’s Internet Crime Complaint Center (IC3) reports staggering losses due to business email compromise, highlighting the urgent need for AI’s predictive prowess in cybersecurity.

The Heimdal® Approach: AI at the Core of Cybersecurity

Valentin Rusu, Ph.D., Head of Artificial Intelligence at Heimdal®, asserts that AI is essential for modern cybersecurity strategies. The old reactive defence models are obsolete; proactive AI-based solutions are the future in our fight against sophisticated cyber threats.