Dealing with a spoof mail attacks and phishing mail attacks a little story with a sad end part 1#9

of 35 | Dealing with a Spoof mail attack and Phishing mail attacks | a little story

with a sad end | Part 1#9

Written by Eyal Doron | o365info.com | Copyright © 2012-2016

Dealing with a Spoof mail attack and Phishing

mail attacks | a little story with a sad end |

Part 1#9

In the current article, I would like to review the chain of events that occurs every time, again and

again, in a scenario in which the attacker manages to successfully execute a Phishing mail attack.

The reaction of the involved persons is known in advance, and the sad end of the story is known

in advance.

The main goal of the story is - to serve as a wakeup call, so you do not have to be a character in

the play of – Phishing mail attack!

The major challenges relating to the subject of Spoof mail attack and Phishing mail attacks are

1. The fact the Phishing mail attack is a sophisticated attack that includes many parts that

will need to deal with each one of them separately such as – Spoof mail attack.

http://o365info.com/dealing-spoof-mail-attacks-phishing-mail-attacks-little-story-sad-end-part-1-of-9/


https://il.linkedin.com/in/eyaldoron1

http://o365info.com/




2. Our ignorance about the way the Phishing mail attack work and executed.

3. Our fake confidence which is based on our mistaken assumption that our mail

infrastructure is protected and can deal with all this “mambo jumbo attack” stuff.

Why are we so arrogant?

The common denominator of IT people is - the strong believe, that he is some kind of Albert

Einstein, that knows everything there is to know about IT and security.

If we have the courage to admit, most of us not really know what is the meaning of Phishing

mail attack, what are the characters of Phishing mail attack, what are the different flavor of

Phishing mail attack, what is the difference between spam mail, Phishing mail attack or a Spoof

E-mail.








The bitter truth appears when and where we least expect it!

Your organization experiences a successful Phishing mail attack, in which the attacker manages

to cause a huge damage to our organization.

You feel like a bull rammed you!








The next emotion in our emotional rollercoaster is "panic."

We don’t know what is volume of damage, we don’t know if our network was infected with

malicious code to continue to damage our organization or, just sit and wait for the right

opportunity.

The real reason of the “panic” is the very reasonable suspicion that his ass is on fire!








The next emotion in our emotional rollercoaster is "anger."

The source for the "anger," is frustration.

The source of the frustration is because:

We didn’t manage to identify and block the attack.

The fact that we are faced with the simple truth, that says that we are not so smart as we

thought.

The anger outcome is - shouting and screaming at everyone below us or any other person that

who we can shout.








One of the most popular “objects” for channeling our frustration is - the companies, that

provide us some kind of service because, most of the time they will not answer back.

This is the last phase of our bad trip, which I describe as the "the silent grief phase."

This is the phase in which we manage to understand and accept that there is nothing that we

can do besides of accept the reality, and understand that the attacker was smart enough to revel

in our weak spot.








The conclusion

The drama which was described is not so special or unique to a specific origination.

It happened all the time to many organizations.

The only difference between the events is the name and the faces of the people that are

involved.








The sad story about a Phishing mail attack and the sad end

Let me tell you a story that happened long long time ago in a distant land.

SCENE NUMBER 1

In our little story, your name is Jeff, and you are the CIO of a company that belongs to the

financial sector named – “Don’t do anything and hope that everything will work out by itself."

It's 9:30 in the morning; the sun is shining.








You're sitting in your office, drinking a cup of hot coffee (no sugar because you need to

maintain your weight).

You log on to Facebook, and start to watch some boring video of a dog or a cat, doing

something.








Your phone is ringing.

On the line is Suzan, the personal assistant of Brad, the company CEO.

Suzan is asking you to urgently come to Brad’s office.








Your gut feeling is telling you that something is wrong!

You enter the Brad’s room.

Brad asks you to close the door behind you.

The facial expression of Brad is grave and serious.

Brad says:

"Jeff, let's make it simple and straight-forward.

Yesterday, I got an E-mail message from David (David is the company CFO) that asked me to

deposit 500, 000$ in a specific bank account.

The purpose of the deposit was an initial payment for a big acquisition deal, which is about to

take place soon.”

This morning, after a brief conversation with David, I understand that I was a victim of an ugly

fraud!








1. I want my money back!

2. I want you to locate the persons that carried out this ugly fraud + report the information to

the police!








3. I demand to know - how can it be that our security infrastructure that costs us so much

money, didn’t recognize and blocked this attack, and I demand to know who to blame and who

is the person that is responsible for this disaster!








SCENE NUMBER 2

You can hear your heart pounding.








You Instantly call Billy (the company IT manager), and ask him firmly, to reach your office

immediately.

Billy enters your office.

You ask Billy to close the door behind him.








You inform Billy about the "mess," waving your finger in his face.

You inform Billy that you need instant answers and that someone will have to pay the price!








SCENE NUMBER 3

Billy rushes into his office, finds Bob (the Help desk manager), and informs him about the

"issue."








Billy asks from Bob to immediately call the IT company, which planned and built our mail

infrastructure, and inform them that they will have to provide an accurate answer to the

following questions:

1. How did the hostile element manage to hack our system despite the advanced security

infrastructure that was supposed to protect our mail infrastructure?

2. How to identify with certainty the hostile element, and locate the hostile element which

carried out the attack?

3. How are they going to compensate us for the Indignities and the financial losses?








SCENE NUMBER 4

Bob calls the technical support of the IT company that built our mail infrastructure.

Bob informs them about the incident that happened, and present the list of questions.








The "other side", explains that this problem is not related to "their side" in any way, and that the

responsibility for protecting the organization mail infrastructure from such attack, is the

responsibility of the organization that owns the mail infrastructure meaning, our responsibility.








After an exchange of harsh words, Bob disconnects the call and informs Billy that the provider

refuses to help us and in addition, blames us for the "mess".








SCENE NUMBER 5

Billy (the company IT manager) picks up the phone, and calls the technical support of the

provider who built the mail infrastructure.








Billy asks politely but firmly to talk to Stephen, the manager!

Stephen explains that this problem is not related to "their side" in any way, and that

responsibility for protecting the organization mail infrastructure from such attack, is the

responsibility of the organization who owns and manages the mail infrastructure.








After an exchange of harsh words, Billy disconnects the call.








SCENE NUMBER 6

Billy calls you (just a quick reminder; you are Jeff the company CIO) and reports on the

conversation with Stephen.

The bottom line – Stephen that represents the IT company that built our mail infrastructure

declares that – they are not willing to take any kind of responsibility for this mess!








You ordered Billy to immediately summon a conference call, that includes yourself, Billy (the

company IT manager) and Stephen.








You start the phone conversation with some statement about the fact that you have decades of

experience in the field (usually, the magic number is 15 years).








You continue to the "threats phase", and clarify unambiguously that if he (the provider) will not

take responsibility, provide immediate answers and solve the mess, you will fire him, sue him,

and in addition, publish negative information about his company on Facebook.








Stephen says that he is very sorry, that he understands my pain, but nothing he can do to help

us in this scenario.








SCENE NUMBER 7

Clumping you enter the director's office.








You start to stutter and mumble about security risks, cyber-attacks, the difficulty in dealing with

the risks and threats of the modern work environment.

Brad (your CEO) informs you that you will have drawn the required conclusions.








SCENE NUMBER 8

Two years passed since you have been fired following the unfortunate incident.

You could not find another job (because of age and other reasons).

Your financial situation is not good, and you get a call from the bank on a daily basis.

After many reflections and obsessive thoughts, you decide that….








SCENE NUMBER 9

The wind blows in your face.

You're standing on a high bridge looking into the abyss which pours down!

Good-bye crawl word!








THE NEXT ARTICLE IN THE CURRENT ARTICLE SERIES IS

Dealing with a Spoof mail attack and Phishing mail attacks | a little story with a sad end |

Part 1#9







Dealing with a spoof mail attacks and phishing mail attacks a little story with a sad end part 1#9

Documents

Transcript of Dealing with a spoof mail attacks and phishing mail attacks a little story with a sad end part 1#9