Revisiting Email Spoofing Attacks

Authors

  • Hang Hu
  • Gang Wang
Abstract

The email system is the central battleground against phishing and social engineering attacks, and yet email providers still face key challenges to authenticate incoming emails. As a result, attackers can apply spoofing techniques to impersonate a trusted entity to conduct highly deceptive phishing attacks. In this work, we study email spoofing to answer three key questions: (1) How do email providers detect and handle forged emails? (2) Under what conditions can forged emails penetrate the defense to reach the user inbox? (3) Once the forged email gets in, how do email providers warn users? Is the warning truly effective? We answer these questions through end-to-end measurements on 35 popular email providers (used by billions of users), and extensive user studies (N = 913) that consist of both simulated and real-world phishing experiments. We have four key findings. First, most popular email providers have the necessary protocols to detect spoofing, but still allow forged emails to get into the user inbox (e.g., Yahoo Mail, iCloud, Gmail). Second, once a forged email gets in, most email providers have no warnings for users, particularly on mobile email apps. Some providers (e.g., Gmail Inbox) even have misleading UIs that make the forged email look authentic. Third, a few email providers (9/35) have implemented visual security cues for unverified emails, which demonstrate a positive impact to reduce risky user actions. Comparing simulated experiments with realistic phishing tests, we observe that the impact of the security cue is less significant when users are caught off guard in the real-world setting.


Similar resources

A Review on Phishing Attacks and Various Anti Phishing Techniques

Phishing is a threat that acquires sensitive information such as usernames, passwords, etc. online. Phishing often takes place in email spoofing or instant messaging. Phishing emails contain messages that ask users to enter personal information so that it is easy for hackers to hack the information. This paper presents an overview about various phishing attacks and various techniques...


Browsers Defenses against Phishing, Spoofing and Malware

Web users are increasingly victims of phishing, spoofing and malware attacks. In this article, we discuss existing and proposed defense mechanisms. We highlight the vulnerabilities of current defenses, and the challenges of validating and adopting new defenses.


Default Free Introduction, Rare Self-Introduction Fee, Costly Spoofing: No Profitable Spam?

Bankable Postage (BP) has been proposed as a mechanism to attack the underlying techno-economic reasons for spamming. However, BP is costly to legitimate users and threatens to be undermined by spoofing attacks. In this paper we show how to use the Claim Tool Kit to defeat these attacks and propose a collaborative recommendation technique to reduce the number of BPs required by legitimate user...


Exception Agent Detection System for IP Spoofing Over Online Environments

Over the recent years, IP and email spoofing gained much importance for security concerns due to the current changes in manipulating the system performance in different online environments. Intrusion Detection System (IDS) has been used to secure these environments for sharing their data over network and host based IDS approaches. However, the rapid growth of intrusion events over Internet and ...


SIPS: A Stateful and Flow-Based Intrusion Prevention System for Email Applications

In the fast-growing internet applications, email becomes more and more important in communication. SMTP attacks and spam have become one of the most serious problems. Particularly, the SMTP attacks and spam vary on email, for example spoofing address, illegal characters, sending in bulk, too many SMTP commands and so on. A single security technique is not enough to protect the system from the...


Journal title:
  • CoRR

Volume abs/1801.00853  Issue 

Pages  -

Publication date 2018