Email protocols (such as SMTP, POP, IMAP, MIME) were designed to deliver messaging functionality rather than security. It is relatively simple to spoof a sender and/or their domain using email. Yet, the bulk of business communication remains driven through email. Email is also the primary vector used for malware attacks, phishing attacks, business email compromise and other attacks. What to do? Can you trust the source of the email you received?
We discuss strengths and drawbacks of existing technical standards (such as SPF, DKIM, DMARC) to prevent email spoofing and secure email protocols such as S/MIME. We discuss AI/ML- and reputation-based approaches to improve confidence in email origination as well as a novel known-sender-profiling approach that can further protect a user against email spoofing.
Identify the weaknesses of standard email protocols and how spoofed emails can result in serious cybersecurity and business compromise.
Identify and implement existing technical protocols that prevent attackers from spoofing their domain and/or senders, while realizing that these techniques are not very helpful in preventing attackers from sending spoofed emails to users within their own domain.
Learn about and apply additional existing tools and techniques as well as a novel known-sender profiling technique to achieve a higher level of protection against email spoofing.