User:NFarras/bak pasir 2: Difference between revisions

NFarras (talk | contribs)
No edit summary
Tag: VisualEditor-switched, links to disambiguation pages
NFarras (talk | contribs)
No edit summary
Line 1:
{{Information security}}
 
'''Email spoofing''' is the creation of [[email]] messages with a [[Message forgery|forged]] sender address.
 
The original transmission protocols used for email do not have built-in authentication methods: this deficiency allows [[Email spam|spam]] and [[phishing]] emails to use spoofing in order to mislead the recipient. More recent [[#Countermeasures|countermeasures]] have made such spoofing from internet sources more difficult but not eliminated it; few internal networks have defences against a spoof email from a colleague's [[Computer security|compromised computer]] on that network. Individuals and businesses deceived by spoof emails may suffer significant financial losses; businesses risk compound losses since email spoofing is one of the primary routes to embed [[ransomware]].
 
==Technical details==
When a [[Simple Mail Transfer Protocol|Simple Mail Transfer Protocol (SMTP)]] email is sent, the initial connection provides two pieces of address information:
* '''MAIL FROM:''' - generally presented to the recipient as the ''Return-path:'' header but not normally visible to the end user, and by default ''no checks'' are done that the sending system is authorized to send on behalf of that address.
Line 56 ⟶ 54:
To effectively stop forged email being delivered, the sending domains, their mail servers, and the receiving system all need to be configured correctly for these higher standards of authentication. Although their use is increasing, estimates vary widely as to what percentage of emails have no form of domain authentication: from 8.6%<ref>{{cite web |url=https://security.googleblog.com/2013/12/internet-wide-efforts-to-fight-email.html |title=Internet-wide efforts to fight email phishing are working |publisher=Google Security Blog |first1=Elie |last1=Bursztein |first2=Vijay |last2=Eranti |date=2013-12-06 |access-date=2019-04-08}}</ref> to "almost half".<ref>{{cite web |url=https://eggert.org/meter/spf |title=SPF Deployment Trends |first=Lars |last=Eggert |url-status=dead |archive-url=https://web.archive.org/web/20160402102130/https://eggert.org/meter/spf |archive-date=2016-04-02 |access-date=2019-04-08}}</ref><ref>{{cite web |url=https://eggert.org/meter/dkim |title=DKIM Deployment Trends |first=Lars |last=Eggert |url-status=dead |archive-url=https://web.archive.org/web/20180822084116/https://eggert.org/meter/dkim |archive-date=2018-08-22 |access-date=2019-04-08}}</ref><ref>{{cite web |url=https://dmarc.org/press/release-20130206/ |title=In First Year, DMARC Protects 60 Percent of Global Consumer Mailboxes |website=dmarc.org |date=2013-02-06 |access-date=2019-04-08}}</ref> For this reason, receiving mail systems typically have a range of settings to configure how they treat poorly-configured domains or email.<ref>{{cite web |title=Prevent spoofed messages with spoofed senders detection |url=https://support.symantec.com/en_US/article.HOWTO119230.html |access-date=2019-04-08}}</ref><ref>{{cite web |title=Anti-spoofing protection in Office 365 |url=https://docs.microsoft.com/en-us/office365/securitycompliance/anti-spoofing-protection |access-date=2019-04-08}}</ref>
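
An added example (not part of the original article) of the receiving-side handling described above: it compares the ''Return-path:'' domain with the visible ''From:'' domain and reads the domain-authentication results stamped by the receiving server. The message is constructed, and <code>TRUSTED_AUTHSERV</code>, the verdict labels and the simplified alignment rule are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.example.org"  # assumption: authserv-id of our own receiving MTA
# Constructed sample (not real traffic): envelope sender and visible From: differ.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=example.com
From: "Accounts Payable" <ap@example.com>
Subject: Updated invoice

Please see attached.
"""

def domain_of(header_value):
    """Lower-cased domain of an address header; '' when absent or null (<>)."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def auth_results(msg, trusted=TRUSTED_AUTHSERV):
    """spf/dkim/dmarc results, read only from headers stamped by our own MTA."""
    found = {"spf": "none", "dkim": "none", "dmarc": "none"}
    for value in msg.get_all("Authentication-Results", []):
        if value.split(";", 1)[0].strip().lower() != trusted:
            continue  # anyone can write this header; ignore foreign authserv-ids
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", value, re.I):
            if found[method.lower()] != "pass":  # one passing signature is enough
                found[method.lower()] = result.lower()
    return found

def assess(raw):
    """Return (verdict, details); verdict labels are hypothetical policy names."""
    msg = message_from_string(raw)
    envelope, visible = domain_of(msg["Return-Path"]), domain_of(msg["From"])
    results = auth_results(msg)
    # Simplified relaxed alignment: equal, or one is a subdomain of the other.
    aligned = bool(envelope and visible) and (
        envelope == visible or envelope.endswith("." + visible) or visible.endswith("." + envelope))
    if results["dmarc"] == "pass":
        verdict = "accept"
    elif "fail" in results.values() or not aligned:
        verdict = "quarantine"
    else:
        verdict = "flag"
    return verdict, {"envelope": envelope, "from": visible, "aligned": aligned, **results}

if __name__ == "__main__":
    print(assess(SAMPLE))
```

The alignment test here is a suffix comparison; a production check would compare organizational domains using the Public Suffix List.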
 
==Business email==
'''Business email compromise attacks''' are a class of [[Cybercrime|cyber crime]] that use [[email fraud]] to attack commercial, government and [[Nonprofit organization|non-profit]] organizations to achieve a specific outcome which negatively impacts the target organization. Examples include invoice scams and spear [[phishing]] spoof attacks which are designed to gather data for other criminal activities. A business deceived by an email spoof can suffer additional financial, [[business continuity]] and reputational damage: fake emails are a favored route for ransomware that can stop operations unless a ransom is paid; consumer privacy breaches can also be enabled.
 
Line 63 ⟶ 61:
The worldwide financial impact is large. The United States's [[Federal Bureau of Investigation]] recorded $26 billion of US and international losses associated with BEC attacks between June 2016 and July 2019.<ref>{{cite web |title=Business Email Compromise Is Extremely Costly And Increasingly Preventable |url=https://www.forbes.com/sites/forbestechcouncil/2020/04/15/business-email-compromise-is-extremely-costly-and-increasingly-preventable/?sh=74b6086c5d36 |work=Forbes Media |date=15 April 2020 |access-date=2 December 2020}}</ref>
 
===Incidents===
* Dublin Zoo lost €130,000 in such a scam in 2017 - a total of €500,000 was taken, though most was recovered.<ref>{{Cite web|url=https://www.irishexaminer.com/ireland/dublin-zoo-lost-500k-after-falling-victim-to-cyber-scam-464818.html|title=Dublin Zoo lost €500k after falling victim to cyber-scam|date=22 December 2017}}</ref>
* The Austrian aerospace firm FACC AG was defrauded of 42 million euros ($47 million) through an attack in February 2016 - and subsequently fired both the CFO and CEO.<ref>{{cite news |title=Austria's FACC, hit by cyber fraud, fires CEO |url=https://www.reuters.com/article/us-facc-ceo-idUSKCN0YG0ZF |access-date=20 December 2018 |work=Reuters |date=26 May 2016}}</ref>