How might attackers have used email spoofing and short URL services to make their phishing attempts at FinancePlus more convincing? Discuss any challenges and ways to fix these issues.
Added by Jorge H.
Step 1
Let's think step by step. Show more…
Show all steps
Your feedback will help us improve your experience
Akash M and 57 other AP CS educators are ready to help you.
Ask a new question
Labs
Want to see this concept in action?
Explore this concept interactively to see how it behaves as you change inputs.
Key Concepts
Recommended Videos
Scenario 2: Spear-Phishing Attack! It appears that someone is using your firm's corporate directory - which includes job titles and email addresses - to contact senior managers and directors via email. The email requests that the recipient click on a URL, which leads to a website that looks as if it were designed by your Human Resources organization. Once at this phony website, the employees are asked to confirm the bank and account number to be used for electronic deposit of their annual bonus check. Tackle the following questions related to the provided scenario: Question 3: Draft a legitimate-looking phishing email that would strongly tempt its recipients to click on a link to a website or open an email attachment. Question 4: Imagine that your team must obtain the email login and password to as many email accounts as possible. Brainstorm ideas that might enable you to obtain these credentials.
Akash M.
Scenario You work for a PR and marketing company that handles highly sensitive information for its high-profile clients. Client records are stored in a database and file system hosted on your private corporate network. As well as client records, this includes media such as photos and videos. Most remote client communications and data transfers take place using a one-to-one encrypted messaging app, but you also accommodate some clients who prefer to use email. A high percentage of your staff work remotely, accessing data and services over a VPN. You are reviewing your security procedures in the light of some high-profile hacks of celebrity data. At this point, you want to understand the attack surface and attack vectors by which your private network could be compromised. 1. What remote access methods could an attacker exploit? 2. Focusing on email, think of how email is processed as it is sent by a remote user and received by your company. What are the attack vectors against the company's email servers? How can these be related to adversary capability, assuming the levels to be advanced (most capable), developed, and augmented (least capable)? 3. What comes next in the chain of processing incoming email, and what attack vectors can adversaries exploit? 4. What countermeasures can be deployed for each email attack vector?
Supreeta N.
An electronic mail system could be used to leak information. First, explain how the leakage could occur. Then, identify controls that could be applied to detect or prevent the leakage
Recommended Textbooks
Computer Science and Information Technology
Introduction to Programming Using Python
Computer Science - An Overview
Transcript
18,000,000+
Students on Numerade
Trusted by students at 8,000+ universities
Watch the video solution with this free unlock.
EMAIL
PASSWORD