|
Tuesday, 13 September 2011 11:06 |
|
 Viruses can be sent as an attachment staff and pupils need to be aware of this and informed not to open attachments if they do not trust the sender. Whenever possible, the email solution used should encrypt email communications between email client and email server; traffic sent to external email addresses is sent in clear text unless additional security is provided.
An increasingly popular technique for harvesting confidential data is the use of doppelganger domains. These email domains are impersonating real domains and receiving email communications as a result of senders mistyping the destination email address (e.g. @bankco.uk instead of @bank.co.uk.) Doppelganger domains have a potent impact via email as attackers could gather confidential information, user names and passwords and employee information.
Researcher's setup one doppelganger domain and grabbed 20GB of data from 120,000 wrongly sent messages in a six month period. Many of the doppelganger domains are owned by individuals in China or linked to sites associated with malware or phishing.
Full story on the BBC News website.
For Guidance on email security and esafety have a look at our Is Your School Data Protected article or our general eSafety area.
|
Labels: