The most recent Ransomware to hit the streets, Maktub, encrypts your files in seconds. The main infection vector – the e-terrorist’s favourite – Email.
Fake invoice letters were sent out, following the compromise of at least one online database. Those who opened documents / clicked on links were infected. Several organisations reputations are in danger, as victims initially clamour to blame the alleged e-mail sender.
Had the originating domains (not organisations – for it was only their names that were used) employed e-mail sender verification tools such as DKIM and SPF, many of these messages would not have made it top inboxes.
At the same time, providers need to implement inbound checking for SPF and DKIM records. Many don’t, as is evidenced by the rapid spread of Maktub. Domain owners and managers need to understand the importance of good security, no matter the size of their organisation.
Two Up IT provide Mail Security advice and services, providing as much protection as possible to you as a recipient by removing forged e-mails before they are sent, and by implementing mail security features to reduce the number of e-mails that only claim to be from your domain from arriving in other peoples inboxes.
Please don’t comment on this article.