Email Investigation Part 1
Hi, everyone. Welcome back to the course. So in the last module we wrapped up our discussion on malware.
In this video, we're gonna talk about email crimes.
So just a quick pre-assessment question. The CAN-SPAM Act sets rules for sending commercial emails. Is that true or false?
All right, so that's true. The CAN-SPAM Act is the main thing that you hear people talking about as you get different emails from businesses. And that's why you also see that unsubscribe button in those emails.
So there's some basics on email. So, for example, I send you an email, so it goes through my email server first, and then it goes to your email server. And then from there, it goes to you, right? Now, that's kind of a very simplistic definition, but that's essentially how email works.
We have different types of email crime, so things like spamming, phishing, mail bombing, spoofing, identity fraud and chain letters, and some of these kind of work hand in hand, right? So, for example, a chain letter could be involved in phishing. Also, spamming emails could be part of phishing. You know, even spoofing is part of phishing, right? They're trying to hide their identity.
So a lot of these correlate with each other. But you just want to know these as individual items for the exam.
So, spamming. As the name implies, this is unsolicited email. It's a whole lot of it. And I think the last figure I had read was somewhere around like 60 to 70% of all email is spam, which is pretty accurate, I think, still.
And then, of course, you know, as I mentioned, the CAN-SPAM Act, that covers commercial email. So, for example, it also covers, like, if I wanted to spam a bunch of people, I could be held accountable under that law. But specifically it's designed for businesses that are sending emails and, in that light, non-transactional emails, right? So, like, you know, you go to Amazon and you buy something, they send you an email saying, hey, you know, you bought something. That's generally not covered under the CAN-SPAM Act. However, you know, you sign up for my email list to get my newsletter and then you unsubscribe, and I keep sending you the newsletter, you know, keep sending emails trying to sell you stuff, that would be considered spam.
Phishing. So, you know, obviously this is a very popular social engineering attack nowadays. So the goal here is to get some kind of sensitive information or potentially get a transaction done, right? So it might be a situation where they're trying to harvest your username and password, trying to get banking information from me, whatever the case might be, or also, the attacker might be trying to get you to, like, wire them money, right?
And that's what we see most commonly in the business world. The attacker, you know, says, hey, this is the CEO, you know, traveling abroad, quickly send me, you know, $10 million to this bank account. You know, it's maybe not that much, but, you know, you get the idea, right? They're trying to get money sent to a different account that doesn't exist, and use some kind of sense of urgency to do so. And in the interim, what they're doing is they're spoofing the identity of some individual of authority.
Mail bomb. As the name implies, it's sending a large amount of emails. The goal here is to either overflow the email box or overwhelm the email server.
Spoofing. As I mentioned, it's used a lot of times in phishing emails. So the attacker's forging the email header. So, you know, they're saying, hey, this is John Doe, and instead it's really coming from, you know, in this example, like, Amy Bolden, for example. So again, just trying to hide their identity, so that way you will actually be more inclined to open that email and take some action on it.
Identity fraud. So as the name implies here, and again, these are pretty easy, right? The name kind of gives it away: someone else's identity, right? We're using someone else's identity to do something, so that might be like performing a crime or even just defrauding.
And actually, you know, identity fraud can occur without identity theft, right? So let's say you've got a boyfriend or girlfriend, and, you know, inadvertently, you give them, like, your date of birth or something to pay the electric bill, whatever the case might be, so they can pay a bill in your name while you're at work or something, you know, because they need to identify with the vendor, right?
And so that individual then takes your date of birth and uses it to, like, open accounts and stuff in your name as well elsewhere, right? So that would be identity fraud. But they didn't necessarily steal your identity, because you gave it to them, right? You gave them the information they needed.
Chain letters. You still see these to some capacity. Most of the time, they just go to your spam email. But, you know, they're generally designed to either defraud you, that's kind of the most popular thing, you know, like, hey, you're gonna earn a lot of money if you do this, right, or urban legends, you know, like, oh, did you hear about this or that happened? And then you forward it to your friends, et cetera, et cetera. Those are designed just to waste your time.
Electronic records management. So there are some benefits of this for organizations. It helps you, you know, better follow, excuse me, legal mandates for protection of data. It also can help prevent against unauthorized access, prevent against manipulation. It can reduce the retrieval costs and then also allows you to retrieve information on demand. So, for example, if you were in the health care industry and a regulatory body came by and said, hey, I want to see the patient record, with electronic records, you could just pull it up almost instantaneously.
In some cases, there are some paper records you still would have to request, but for the most part, you pull it up electronically and show it right there to the investigator.
So just a quick post-assessment question here. An email bomb involves a small amount of email messages being sent. Is that true or false?
All right, so we know that's false, right? As the name implies, it's a bomb, right? It's a whole lot of stuff going on. So in this video we talked about different email crimes. In the next video, we'll go over Microsoft Exchange email logs.