Cyber security researchers have recently found that cybercriminals are hijacking email accounts at 13 different well-known universities and using them to launch phishing and malware attacks that get around DMARC and SPF.
Over the years, as technology has progressed, cybercriminals have become more inventive in attacking organizations and stealing valuable information, and this year they have found more sophisticated ways to exploit the pandemic.
The most common way to break through an organization's cyber security defences is phishing emails and malware. Email threats have not spared even famous universities such as Purdue, Oxford, and Stanford.
Here are some statistics on cybercriminals hijacking legitimate university email accounts and tricking victims into handing over their login credentials:
- With 2,068 cases, the highest number of detected phishing emails came from Purdue University.
- This was followed by Oxford University (714), Hunter College (709), and Worcester Polytechnic Institute (393).
- This phishing campaign started in the summer of 2019, and the number of compromised accounts rose during the Covid-19 pandemic.
- According to reports, the threat groups TA407 and Cobalt Dickens are probably behind this campaign.
- The addresses sending the phishing emails correspond to real university profiles, e.g., of a student, faculty member or staff member.
What Is Email Hijacking and How Does It Work?
Email hijacking is a form of man-in-the-middle attack in which the attacker compromises and gains access to the victim's email account. The attacker then secretly monitors the communication between the email sender and the recipient and uses the information for malicious purposes.
For example, at an opportune moment the attacker may send an email from the victim's account to the victim's bank, fraudulently instructing it to wire money to the attacker's bank account. The attacker can also take over other accounts that are linked to the compromised email address.
Email hijacking is typically carried out through phishing and other social engineering scams: cybercriminals mislead victims into disclosing their credentials by directing them to fake login pages or tricking them into installing malware.
How to Stop Email Hijacking and Phishing from Affecting Your Organization
Here are some effective guidelines and practices that will help you reduce the risk of email domain hijacking and secure your organization against data and monetary loss:
- Check the URL Carefully: A spoofed URL typically has extra or missing characters compared with the legitimate URL. Comparing the two carefully helps you tell the spoofed URL from the original one and avoid phishing.
- Be Mindful of Suspicious Sources: Always check the sender's address in the email, and ask yourself whether you expected the message. Scammers often send unexpected requests and warnings to create a sense of urgency.
- Practise Bookmarking Websites: Bookmark legitimate websites so that you do not need to follow a link or type the URL; this ensures the correct website loads each time.
- Protect Your Outgoing Email with an Email Signing Certificate: An email signing certificate is sometimes referred to as an S/MIME certificate or a personal authentication certificate. It lets email recipients verify that you are the actual sender of an email. Using this certificate has two benefits:
  - It defends your identity through the use of unique digital signatures
  - It provides secure, end-to-end encryption for your emails
- Implement DMARC, SPF and DKIM to Combat Domain Forgery: These are a combination of authentication, reporting and policy protocols that block unauthorized use of your email domain.
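The "check the URL carefully" advice above can be automated on the defender's side. The following is an added example, not code from the original post: it extracts the host a browser would actually connect to, then classifies it as trusted, a lookalike (a trusted name embedded in an unrelated domain, or a spelling a couple of characters away), unknown, or invalid. The TRUSTED_DOMAINS list and the sample links are constructed for illustration; a real deployment would load the allow-list from configuration.

```python
"""Flag links whose host is not a trusted domain but looks like one.

Added example, not code from the original post. TRUSTED_DOMAINS and the
sample links are constructed for illustration; a real deployment would
load the trusted list from configuration.
"""
from urllib.parse import urlsplit

# Constructed allow-list of domains the organisation actually uses.
TRUSTED_DOMAINS = ["purdue.edu", "ox.ac.uk", "stanford.edu"]


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: the number of single-character edits turning a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def hostname_of(url: str) -> str:
    """Return the host the browser would actually connect to, lower-cased.

    urlsplit() ignores any user-info before '@' and any port, so
    'https://purdue.edu@evil.example/' correctly yields 'evil.example'.
    """
    host = urlsplit(url).hostname or ""
    return host.lower().rstrip(".")


def classify_url(url: str, trusted=TRUSTED_DOMAINS, max_distance: int = 2):
    """Return (verdict, trusted_domain); verdict is 'trusted', 'lookalike',
    'unknown' or 'invalid'."""
    host = hostname_of(url)
    if not host:
        return ("invalid", None)
    # Exact trusted domain or a genuine subdomain of it.
    for t in trusted:
        if host == t or host.endswith("." + t):
            return ("trusted", t)
    # Trusted name embedded at the front or middle of an unrelated domain,
    # e.g. purdue.edu.account-verify.example
    for t in trusted:
        if "." + t + "." in "." + host + ".":
            return ("lookalike", t)
    # Near-miss spelling: extra, missing or swapped characters.
    bare = host[4:] if host.startswith("www.") else host
    best = None
    for t in trusted:
        # Compare against the same number of trailing labels as the trusted name has.
        tail = ".".join(bare.split(".")[-len(t.split(".")):])
        d = min(edit_distance(bare, t), edit_distance(tail, t))
        if d <= max_distance and (best is None or d < best[0]):
            best = (d, t)
    if best:
        return ("lookalike", best[1])
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample links from a suspicious message.
    for link in ("https://www.purdue.edu/login",
                 "https://purdue.edu.account-verify.example/",
                 "https://www.purude.edu/",
                 "https://purdue.edu@evil.example/",
                 "https://example.org/"):
        print(link, "->", classify_url(link))
```

A "lookalike" verdict is what a mail gateway or a user-facing link scanner would warn on; "unknown" merely means the host is not on the allow-list and may still be legitimate, so it should not be treated as a block decision by itself.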
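To show what "implementing DMARC, SPF and DKIM" looks like in practice, here is an added example (not code from the original post and not KDMARC's own output) that parses SPF and DMARC TXT records and flags the settings that leave a domain open to forgery: an SPF record ending in `+all` or with no `all` term, a DMARC policy of `p=none`, a missing `rua` reporting address, or a `pct` below 100. The weak and hardened record pairs are constructed for illustration; a real checker would fetch the records with a DNS TXT lookup for the domain and for `_dmarc.<domain>`, which is assumed here rather than performed so the script runs offline.

```python
"""Parse SPF and DMARC TXT records and flag settings that leave a domain open to forgery.

Added example, not code from the original post or from KDMARC. The record
strings below are constructed for illustration; a real checker would obtain
them with a DNS TXT lookup for the domain and for _dmarc.<domain>.
"""
import re

# Constructed sample records: a weak pair and a hardened pair.
WEAK_SPF = "v=spf1 include:_spf.example.com +all"
HARDENED_SPF = "v=spf1 include:_spf.example.com -all"
WEAK_DMARC = "v=DMARC1; p=none; pct=50"
HARDENED_DMARC = ("v=DMARC1; p=reject; sp=reject; pct=100; "
                  "rua=mailto:dmarc-reports@example.com; adkim=s; aspf=s")

# Mechanisms that each cost one of the ten DNS lookups SPF allows (RFC 7208).
LOOKUP_MECHANISMS = re.compile(
    r"^(include:|a(?=[:/]|$)|mx(?=[:/]|$)|ptr|exists:|redirect=)", re.I)


def parse_spf(record: str) -> dict:
    """Split an SPF record into its mechanisms and the qualifier on 'all'."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return {"valid": False, "mechanisms": [], "all": None}
    mechanisms, all_qualifier = [], None
    for term in terms[1:]:
        m = re.fullmatch(r"([+\-~?]?)all", term, re.I)
        if m:
            all_qualifier = m.group(1) or "+"  # no qualifier means '+' (pass)
        else:
            mechanisms.append(term)
    return {"valid": True, "mechanisms": mechanisms, "all": all_qualifier}


def parse_dmarc(record: str) -> dict:
    """Split a DMARC record into a dict of lower-cased tag -> value."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def spf_findings(record: str) -> list:
    """Return the weaknesses found in an SPF record (empty list if none)."""
    spf = parse_spf(record)
    if not spf["valid"]:
        return ["SPF record missing or malformed: receivers cannot check the sending host"]
    findings = []
    if spf["all"] is None:
        findings.append("no 'all' mechanism: hosts not listed get a neutral result instead of a fail")
    elif spf["all"] == "+":
        findings.append("+all: every host on the internet passes SPF for this domain")
    elif spf["all"] == "?":
        findings.append("?all: hosts not listed get a neutral result instead of a fail")
    lookups = sum(1 for m in spf["mechanisms"] if LOOKUP_MECHANISMS.match(m.lstrip("+-~?")))
    if lookups > 10:
        findings.append(f"{lookups} DNS-lookup mechanisms: over the limit of 10, evaluation returns permerror")
    return findings


def dmarc_findings(record: str) -> list:
    """Return the weaknesses found in a DMARC record (empty list if none)."""
    tags = parse_dmarc(record)
    if tags.get("v", "").upper() != "DMARC1":
        return ["DMARC record missing or malformed: receivers apply no policy to forged mail"]
    findings = []
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        findings.append("p tag missing or invalid: the record is ignored")
    elif policy == "none":
        findings.append("p=none: forged mail is only reported and is still delivered")
    if "rua" not in tags:
        findings.append("no rua address: aggregate reports are not collected, so abuse goes unseen")
    pct = tags.get("pct", "100")
    if pct != "100":
        findings.append(f"pct={pct}: policy is applied to only {pct}% of failing mail")
    return findings


def assess_domain(spf_record: str, dmarc_record: str) -> dict:
    """Combine both checks into one report for a domain."""
    return {"spf": spf_findings(spf_record), "dmarc": dmarc_findings(dmarc_record)}


if __name__ == "__main__":
    for label, spf, dmarc in (("weak", WEAK_SPF, WEAK_DMARC),
                              ("hardened", HARDENED_SPF, HARDENED_DMARC)):
        print(label, assess_domain(spf, dmarc))
```

Note what these records do and do not cover: SPF and DMARC block mail that forges your domain name from hosts you have not authorized. A message sent from a genuine but hijacked account passes both checks, which is exactly why the university campaign described above got through them; the records still matter because they keep your own domain from being forged in the same way.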
Defend Your Email Domain Against Forgery With KDMARC
KDMARC is a GCA-certified email authentication tool that monitors all three email authentication protocols: DMARC, SPF and DKIM. The tool helps you stop forgery of your organization's email domain and so prevent brand impersonation.
It also helps increase email deliverability and engagement rates. KDMARC presents an all-inclusive email domain threat summary report along with threat analysis on your dashboard.