Email attack

Email attack definition

An email attack or an email-centric assault is a hostile action conducted via email to infiltrate the recipient's computer, steal confidential data, or disrupt their regular activities. Such attacks utilize the email system as a conduit for disseminating malware, spam, and phishing exploits. In addition, the perpetrators frequently resort to deceitful strategies, including masquerading as reliable entities or imitating well-known services to coax recipients into accessing malicious attachments, engaging with dangerous links, or revealing sensitive particulars such as passwords and credit card information.

See also: angler phishing, email spoofing, anti-phishing service, business email compromise

Email attack examples

• Phishing: This technique involves attackers sending deceptive emails that pretend to be from reputable sources to trick recipients into revealing personal information or credentials.
• Clone phishing: In this scenario, attackers duplicate a legitimate email from a known sender but replace the original content or attachment with malicious versions to trick the recipient into interacting with it.
• Email spoofing: This involves attackers forging the header fields of an email, making it appear as if it came from someone other than the actual source. This can lead to a variety of scams or the distribution of malware.
• Business Email Compromise (BEC): Here, attackers impersonate a high-ranking official or a trusted partner in an organization to trick employees into transferring money or sharing confidential information.

Preventing email attacks

• Always verify the sender's email address.
• Be wary of unsolicited emails asking for sensitive information.
• Never click on links or open attachments from unknown senders.
• Maintain up-to-date antivirus software and an email client.
• Use email filters to block spam and phishing attempts.
• Regularly educate yourself and your team about the latest email scam tactics.