Email

Probing an Active Digital Trail of Iranian Hackers

WhoisXML API threat researcher Dancho Danchev obtained a publicly accessible list of email addresses known to be owned and used by Iranian hackers. The email addresses led us to more than 4,400 domain names, any of which can be weaponized and used in phishing, credential theft, and other forms of cyber attacks.

Given a Malicious Email Address, What Can You Discover with Maltego’s WhoisXML API Transforms?

On any given day, most of us get more emails that we won't read than those that we would. Many of these messages will remain unread and sent to the trash. There comes the third category of emails: Those we wished we hadn't read and acted upon because they are bound to be malicious, sent by cybercriminals trying to lure you into one of their scams.

Come April, Nothing Is Certain Except Phishing and Taxes

In the past years, threat actors have made it a point to prey on U.S. taxpayers using phishing emails supposedly from the Internal Revenue Service (IRS). The goal is often to trick victims into giving their login credentials to various platforms. This year is no different.

Business Email Compromise Attacks: The Big Phishing Scam That’s Easily Missed

Business email compromise (BEC) attacks are arguably the most sophisticated of all email phishing attacks, and some of the most costly. From 2016-2018, BEC alone made $5.3 billion, but it's not an attack that everyone is familiar with.

MarkMonitor Releases New gTLD Quarterly Report for Q3 2020

MarkMonitor today released its latest issue of the New gTLD Quarterly Report for the third quarter of 2020 with particular focus on the innovations made by Registry Operators, including the newest example of a domain product with significant security benefits.

Addressing Business Email Compromise in the Time of Coronavirus with Email Validation

Cybercriminals know no boundaries. While the world battles the COVID-19 pandemic, threat actors continue to attack businesses that may already be suffering from operational setbacks.

Using Email Validation Tools to Stop Malspam Campaigns in Their Tracks

Melissa, what many consider to be the first malspam campaign, emerged in 1999. Once successfully installed, the "mass-mailing" virus forwarded copies of itself to the first 50 email addresses on a victim's contact list. While the malware wasn't as dangerous as current variants, it could still effectively max out network resources, resulting in downtime.

Fight Against Phishing: Email Address Verification as a Cybersecurity Process

Phishing keeps making much noise in the realm of cybersecurity, and not in a good way. A majority of cyber attacks start with a phishing email, making the tactic responsible, at least partially, for close to 90% of data breaches.

The Need for Email Address Verification in Light of Subpoena-Themed Phishing Attacks

At the most basic level, the Internet consists of interconnected networks that communicate using standard protocols such as the Border Gateway Protocol (BGP) and the Domain Name System (DNS). As such, it is built on trust or an honor system – trust that routing requests received from another network are valid, and the traffic sent in response to requests is legitimate.

Common Threats That Can Be Overcome by Email Verification

One of the most effective and prevalent ways to reach someone in today's business world remains email. With billions of users worldwide, it is the backbone of business communications.