1478:
797:
A carefully tailored SPF record will reduce the likelihood of your domain name getting fraudulently spoofed and keep your messages from getting flagged as spam before they reach your recipients. Email spoofing is the creation of email messages with a forged sender address; something that is simple to
341:
To effectively stop forged email being delivered, the sending domains, their mail servers, and the receiving system all need to be configured correctly for these higher standards of authentication. Although their use is increasing, estimates vary widely as to what percentage of emails have no form of
345:
While there has been research into improving email security, little emphasis has been placed on informing users whose email addresses have been used for spoofing. Currently, only the email recipient can identify a fake email, and users whose addresses are spoofed remain unaware unless the recipient
233:
In this case, even if Bob's system detects the incoming mail as containing malware, he sees the source as being
Charlie, even though it really came from Alice's computer. Meanwhile, Alice may remain unaware that her computer has been infected, and Charlie does not know anything about it at all,
320:
protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing. The purpose and primary outcome of implementing DMARC is to protect a domain from being used in
195:
Email spoofing has been responsible for public incidents with serious business and financial consequences. This was the case in an
October 2013 email to a news agency which was spoofed to look as if it was from the Swedish company
1035:
41:
sender address. The term applies to email purporting to be from an address which is not actually the sender's; mail sent in reply to that address may bounce or be delivered to an unrelated party whose identity has been faked.
1235:
380:
Typically, an attack targets specific employee roles within an organization by sending spoof emails which fraudulently represent a senior colleague, trusted customer, or supplier. (This type of attack is known as
172:
of the computer sending the mail can generally be identified from the "Received:" lines in the email header. In malicious cases, however, this is likely to be the computer of an innocent third party infected by
460:
Australian organisations that reported business email compromise attacks on the
Australian Competition and Consumer Commission suffered approximately $ 2,800,000 (AUD) in financial losses for the 2018 year.
774:
215:
among many more modern examples often search for email addresses within the computer they have infected, and they use those addresses both as targets for email, and also to create credible forged
125:
Joe Q Doe <joeqdoe@example.com> – the address visible to the recipient; but again, by default no checks are done that the sending system is authorized to send on behalf of that address.
342:
domain authentication: from 8.6% to "almost half". For this reason, receiving mail systems typically have a range of settings to configure how they treat poorly-configured domains or email.
118:. Unless the receiving mail server signals that it has problems with either of these items, the sending system sends the "DATA" command, and typically sends several header items, including:
254:
generate NDRs for detected spam, viruses etc. but to reject the email during the SMTP transaction. When mail administrators fail to take this approach, their systems are guilty of sending "
1027:
1079:
69:
have made such spoofing from internet sources more difficult but they have not eliminated it completely; few internal networks have defences against a spoof email from a colleague's
1223:
744:
73:
on that network. Individuals and businesses deceived by spoof emails may suffer significant financial losses; in particular, spoofed emails are often used to infect computers with
313:
1307:
798:
do because many mail servers do not perform authentication. Spam and phishing emails typically use such spoofing to mislead the recipient about the origin of the message.
46:
or "masked" email is a different topic, providing a masked email address that is not the user's normal address, which is not disclosed (for example, so that it cannot be
1006:
946:
976:
1165:
1135:
815:
604:
1962:
784:
678:
100:
header but not normally visible to the end user, and by default no checks are done that the sending system is authorized to send on behalf of that address.
2713:
1277:
1200:
400:
billion of US and international losses associated with BEC attacks between June 2016 and July 2019. More recent figures estimate losses of over $ 50
274:
system used to encrypt server-to-server email traffic can also be used to enforce authentication, but in practice it is seldom used, and a range of
369:
attacks which are designed to gather data for other criminal activities. A business deceived by an email spoof can suffer additional financial,
1372:
714:
1075:
657:
921:
752:
1109:
1955:
1916:
17:
2726:
1299:
627:
3169:
2943:
1893:
1948:
998:
574:"A survey and classification of web phishing detection schemes: Phishing is a fraudulent act that is used to deceive users"
2983:
2602:
1924:
942:
968:
463:
In 2013, Evaldas
Rimasauskas and his employees sent thousands of fraud emails to get access to companies' email systems.
2958:
2771:
1365:
896:
1157:
3164:
1856:
322:
229:
From Alice's computer, the worm sends an infected email to Bob, but is forged to appear as if it was sent by
Charlie.
1131:
811:
1652:
219:
fields in the emails that they send. This is to ensure that the emails are more likely to be opened. For example:
2731:
2667:
2592:
1906:
393:
682:
385:). The email will issue instructions, such as approving payments or releasing client data. The emails often use
3174:
2171:
3144:
2612:
2407:
2021:
1719:
1358:
1269:
545:
386:
246:
if it could not be delivered or had been quarantined for any reason. These would be sent to the "MAIL FROM:"
86:
2938:
2820:
2296:
2111:
863:
413:
Dublin Zoo lost €130,000 in such a scam in 2017 – a total of €500,000 was taken, though most was recovered.
837:
548: – Psychological manipulation of people into performing actions or divulging confidential information
2161:
1911:
1832:
1632:
1188:
3159:
2978:
2657:
2647:
2617:
2372:
2256:
1888:
1846:
1502:
917:
302:
method designed to detect forged sender addresses in email (email spoofing), a technique often used in
295:
1332:
2708:
2687:
2632:
2126:
1749:
1467:
491:
114:
Together, these are sometimes referred to as the "envelope" addressing – an analogy to a traditional
106:
specifies which email address the email is delivered to, is not normally visible to the end user but
3149:
2953:
2850:
2815:
2682:
2487:
2276:
1734:
1612:
1507:
1270:"Business loses $ 300,000 to 'spoofed' email scam: How to protect yourself from being impersonated"
434:
271:
47:
43:
705:
2652:
2507:
2336:
1822:
1774:
1437:
285:
649:
2788:
2764:
2582:
2346:
2311:
2286:
2166:
2131:
2066:
518: – Techniques aimed at providing verifiable information about the origin of email messages
503:
2738:
2549:
2146:
2136:
1863:
1597:
450:
427:
226:
The worm code searches Alice's email address book and finds the addresses of Bob and
Charlie.
141:
The result is that the email recipient sees the email as having come from the address in the
54:
1101:
204:
offered to purchase the company. The news spread and the stock exchange rate surged by 50%.
2993:
2963:
2930:
2622:
2442:
2432:
2301:
1883:
1795:
1744:
1689:
1557:
1530:
1512:
1410:
1381:
515:
317:
299:
289:
149:
address, and if they reply to the email, it will go to either the address presented in the
1477:
424:
million) through an attack in
February 2016 – and subsequently fired both the CFO and CEO.
250:"Return Path" address. With the massive rise in forged addresses, best practice is now to
8:
3154:
2968:
2810:
2703:
2377:
2351:
2316:
2241:
2176:
2101:
1667:
1442:
1400:
623:
370:
255:
162:
3179:
2677:
2572:
2512:
2091:
2086:
1851:
1779:
1684:
573:
389:
to trick the victim into making money transfers to the bank account of the fraudster.
3134:
2948:
2891:
2757:
2718:
2427:
2326:
2191:
1899:
1657:
1592:
1542:
1489:
1447:
1395:
440:
197:
70:
2749:
482: – Computer program that modifies other programs to replicate itself and spread
292:
method designed to detect forging sender addresses during the delivery of the email.
258:" emails to innocent parties – in itself a form of spam – or being used to perform "
3089:
3036:
2577:
2539:
2467:
2402:
2331:
2321:
2281:
2211:
2151:
2051:
2036:
2031:
2026:
1868:
1808:
1572:
1562:
1457:
605:"What is masked email? This new spin on an old practice supercharges your security"
585:
551:
57:
used for email do not have built-in authentication methods: this deficiency allows
89:
email is sent, the initial connection provides two pieces of address information:
3101:
3071:
2805:
2637:
2607:
2534:
2517:
2382:
2186:
2046:
1759:
1739:
1637:
1462:
1452:
38:
27:
Creating email spam or phishing messages with a forged sender identity or address
3184:
3139:
3111:
3081:
3031:
2973:
2896:
2886:
2559:
2544:
2361:
2266:
2246:
2181:
1929:
1827:
1677:
1602:
1567:
1547:
1427:
1415:
775:"How To use an SPF Record to Prevent Spoofing & Improve E-mail Reliability"
554: – Creating a website, as a hoax, with the intention of misleading readers
479:
382:
366:
243:
158:
1940:
3128:
3046:
3011:
2911:
2845:
2672:
2642:
2472:
2271:
2236:
2221:
2076:
2056:
1988:
1839:
1800:
1769:
1764:
1617:
1607:
1577:
485:
1057:
1028:"Business Email Compromise Is Extremely Costly And Increasingly Preventable"
888:
3094:
3051:
3021:
2871:
2662:
2627:
2564:
2502:
2497:
2482:
2452:
2397:
2341:
2251:
2201:
2096:
2061:
1873:
1729:
1432:
779:
473:
334:
212:
3056:
2866:
2587:
2529:
2447:
2437:
2417:
2392:
2306:
2231:
2226:
2216:
2206:
2116:
2041:
2003:
1813:
1647:
1622:
1587:
1422:
362:
330:
189:
157:
header, but none of these addresses are typically reliable, so automated
242:
Traditionally, mail servers could accept a mail item, then later send a
3026:
3003:
2876:
2835:
2797:
2524:
2477:
2422:
2412:
2387:
2261:
2196:
2121:
2081:
2071:
1878:
1694:
1642:
1525:
1405:
1350:
889:"In First Year, DMARC Protects 60 Percent of Global Consumer Mailboxes"
539:
497:
358:
307:
223:
Alice is sent an infected email which she opens, running the worm code.
169:
168:
Although email spoofing is effective in forging the email address, the
74:
58:
65:
emails to use spoofing in order to mislead the recipient. More recent
3061:
3041:
2916:
2106:
1754:
1709:
1704:
1552:
1520:
589:
506: – Identification string in the Internet that may be compromised
3106:
3016:
2901:
2881:
2780:
2492:
2462:
2291:
2156:
2141:
1714:
1672:
1535:
533:
326:
303:
185:
115:
62:
281:
A number of defensive systems have come into wide use, including:
2988:
2906:
2840:
1998:
1724:
1699:
1662:
527:
374:
259:
201:
174:
1256:
867:
572:
Varshney, Gaurav; Misra, Manoj; Atrey, Pradeep K. (2016-10-26).
373:
and reputational damage. Fake emails can also be used to spread
2597:
2457:
1582:
1497:
841:
314:
Domain-based
Message Authentication, Reporting and Conformance
3066:
2825:
1993:
509:
275:
131:
Jane Roe <Jane.Roe@example.mil> – similarly not checked
34:
524: – Widespread deliberate fabrication presented as truth
365:
to attack organizations. Examples include invoice scams and
110:
be present in the headers as part of the "Received:" header.
50:), but forwards mail sent to it to the user's real address.
1983:
812:"Internet-wide efforts to fight email phishing are working"
521:
208:
1132:"Te Wananga o Aotearoa caught up in $ 120k financial scam"
1076:"Dublin Zoo lost €500k after falling victim to cyber-scam"
918:"Prevent spoofed messages with spoofed senders detection"
476: – Letter written in succession by a group of people
177:
that is sending the email without the owner's knowledge.
494: – Information assurance (IA) requirements overview
416:
The
Austrian aerospace firm FACC AG was defrauded of €42
999:"Tips to Avoid Phishing Attacks and Social Engineering"
2779:
1189:"Fraudsters duped this company into handing over $ 40
969:"How to Recognize a Business Email Compromise Attack"
679:"e-mail impersonators: identifying "spoofed" e-mail"
137:
Jin Jo <jin.jo@example.jp> – also not checked
1224:"Hackers fooled Save the Children into sending $ 1
704:
571:
530: – Unsolicited email with spoofed sender data
3126:
500: – Type of crime based in computer networks
430:in New Zealand was defrauded of $ 120,000 (NZD).
192:generally involve an element of email spoofing.
1970:
1102:"Austria's FACC, hit by cyber fraud, fires CEO"
809:
706:"Fraudsters' fingerprints on fake Samsung deal"
542: – Phone call intended as a practical joke
145:header. They may sometimes be able to find the
1257:Australian Competition and Consumer Commission
966:
234:unless he receives an error message from Bob.
2765:
1956:
1366:
810:Bursztein, Elie; Eranti, Vijay (2013-12-06).
237:
180:
96:generally presented to the recipient as the
745:"Transport Layer Security for Inbound Mail"
2772:
2758:
2714:Criminal enterprises, gangs and syndicates
1963:
1949:
1373:
1359:
1917:Security information and event management
1380:
1339:. Carnegie Mellon University. 2002-01-01
943:"Anti-spoofing protection in Office 365"
772:
488: – Self-replicating malware program
1221:
1186:
244:Non-Delivery Report or "bounce" message
14:
3127:
1267:
1158:"Fire Service scammed out of $ 52,000"
647:
621:
2753:
1944:
1894:Host-based intrusion detection system
1354:
1333:"2002 Tech Tip: Spoofed/Forged Email"
1280:from the original on 27 November 2018
1238:from the original on 20 December 2018
1203:from the original on 20 December 2018
1168:from the original on 20 December 2018
1138:from the original on 20 December 2018
702:
512: – System to prevent email fraud
247:
2613:High-yield investment program (HYIP)
1268:Powell, Dominic (27 November 2018).
1058:"Business Email Compromise: The $ 50
1038:from the original on 23 October 2021
447:million through such a scam in 2015.
437:was scammed out of $ 52,000 in 2015.
87:Simple Mail Transfer Protocol (SMTP)
80:
66:
2603:Foundation for New Era Philanthropy
1925:Runtime application self-protection
1187:Hackett, Robert (August 10, 2015).
602:
578:Security and Communication Networks
278:have also failed to gain traction.
24:
2959:Distributed Checksum Clearinghouse
1476:
1222:Wallack, Todd (13 December 2018).
1112:from the original on 21 March 2021
1082:from the original on 8 August 2019
979:from the original on 23 March 2019
861:
835:
536: – Form of social engineering
346:manually scrutinizes the message.
265:
25:
3196:
2944:Challenge–response spam filtering
2781:Unsolicited digital communication
1857:Security-focused operating system
1325:
355:Business email compromise attacks
349:
323:business email compromise attacks
1653:Insecure direct object reference
773:Carranza, Pablo (16 July 2013).
703:Mundy, Simon (11 October 2013).
504:Domain name#Domain name spoofing
2668:Saradha Group financial scandal
1907:Information security management
1310:from the original on 2020-01-31
1304:Federal Bureau of Investigation
1292:
1261:
1250:
1215:
1180:
1150:
1124:
1094:
1068:
1050:
1020:
1009:from the original on 2020-12-02
991:
967:Joan Goodchild (20 June 2018).
960:
949:from the original on 2019-04-09
935:
924:from the original on 2019-03-23
910:
899:from the original on 2018-09-20
881:
855:
829:
818:from the original on 2019-04-04
803:
717:from the original on 2019-02-10
660:from the original on 2019-04-13
630:from the original on 2019-04-03
394:Federal Bureau of Investigation
766:
737:
728:
696:
671:
641:
615:
596:
565:
316:(DMARC) – an
188:and business email compromise
13:
1:
3170:Social engineering (security)
2022:1992 Indian stock market scam
558:
546:Social engineering (security)
2297:Strip search phone call scam
2112:Extraterrestrial real estate
407:
298:(DKIM) – an
7:
2172:Intellectual property scams
2162:Indian coal allocation scam
1971:Scams and confidence tricks
1912:Information risk management
1833:Multi-factor authentication
1389:Related security categories
1228:million to a phony account"
648:Barnes, Bill (2002-03-12).
603:Yee, Alaina (6 June 2022).
467:
404:billion from 2013 to 2022.
288:(SPF) – an
10:
3201:
2979:Naive Bayes spam filtering
2658:Pyramid schemes in Albania
2618:Investors Overseas Service
2550:Website reputation ratings
1889:Intrusion detection system
1847:Computer security software
1503:Advanced persistent threat
624:"A quick overview of SMTP"
457:million cyberscam in 2017.
296:DomainKeys Identified Mail
238:The effect on mail servers
3080:
3002:
2929:
2859:
2796:
2787:
2696:
2688:Welsh Thrasher faith scam
2633:Madoff investment scandal
2558:
2360:
2127:Foreclosure rescue scheme
2012:
1976:
1788:
1488:
1474:
1468:Digital rights management
1388:
626:. University of Toronto.
492:Cyber-security regulation
276:other potential solutions
181:Malicious use of spoofing
18:Business Email Compromise
3165:Organized crime activity
2954:Disposable email address
2816:Directory harvest attack
2683:Stanford Financial Group
2488:Russian Business Network
2277:Slavery reparations scam
1613:Denial-of-service attack
1508:Arbitrary code execution
1300:"Sentence in BEC Scheme"
1003:www.bankinfosecurity.com
864:"DKIM Deployment Trends"
814:. Google Security Blog.
435:New Zealand Fire Service
200:. The email stated that
44:Disposable email address
2653:Petters Group Worldwide
1823:Computer access control
1775:Rogue security software
1438:Electromagnetic warfare
838:"SPF Deployment Trends"
749:Google Postini Services
453:was the victim of a $ 1
286:Sender Policy Framework
2347:White van speaker scam
2312:Technical support scam
2287:SSA impersonation scam
2242:Redemption/A4V schemes
2167:IRS impersonation scam
2132:Foreign exchange fraud
1869:Obfuscation (software)
1598:Browser Helper Objects
1482:
650:"E-Mail Impersonators"
55:transmission protocols
3175:Types of cyberattacks
2147:Get-rich-quick scheme
2137:Fortune telling fraud
1864:Data-centric security
1745:Remote access trojans
1480:
973:Security Intelligence
451:Save the Children USA
428:Te Wananga o Aotearoa
3145:Internet terminology
2964:Email authentication
2623:Kapa investment scam
2443:Internet vigilantism
2433:Email authentication
2408:Cryptocurrency scams
2302:Swampland in Florida
1796:Application security
1690:Privilege escalation
1558:Cross-site scripting
1411:Cybersex trafficking
1382:Information security
1164:. 23 December 2015.
1078:. 22 December 2017.
516:Email authentication
318:email authentication
300:email authentication
290:email authentication
71:compromised computer
2811:Bulk email software
2727:Film and television
2448:Lenny anti-scam bot
2352:Work-at-home scheme
2317:Telemarketing fraud
2177:Kansas City Shuffle
2102:Embarrassing cheque
1443:Information warfare
1401:Automotive security
1337:SEI Digital Library
622:Siebenmann, Chris.
392:The United States'
371:business continuity
33:is the creation of
2678:Scott W. Rothstein
2573:Aman Futures Group
2092:Coin rolling scams
2087:Coin-matching game
1852:Antivirus software
1720:Social engineering
1685:Polymorphic engine
1638:Fraudulent dialers
1543:Hardware backdoors
1483:
387:social engineering
3160:Confidence tricks
3122:
3121:
2949:Context filtering
2925:
2924:
2747:
2746:
2709:Confidence tricks
2428:Domain name scams
2327:Thai zig zag scam
2192:Miracle cars scam
2015:confidence tricks
2013:Notable scams and
1938:
1937:
1900:Anomaly detection
1805:Secure by default
1658:Keystroke loggers
1593:Drive-by download
1481:vectorial version
1448:Internet security
1396:Computer security
1034:. 15 April 2020.
584:(18): 6266–6284.
441:Ubiquiti Networks
198:Fingerprint Cards
81:Technical details
16:(Redirected from
3192:
3090:Advance-fee scam
3037:Keyword stuffing
2794:
2793:
2774:
2767:
2760:
2751:
2750:
2578:Bernard Cornfeld
2540:Stock Generation
2468:Referer spoofing
2332:Three-card monte
2322:Thai tailor scam
2282:Spanish Prisoner
2212:Overpayment scam
2152:Green goods scam
2052:Black money scam
2037:Art student scam
2032:Advance-fee scam
2027:2G spectrum case
1965:
1958:
1951:
1942:
1941:
1809:Secure by design
1740:Hardware Trojans
1573:History sniffing
1563:Cross-site leaks
1458:Network security
1375:
1368:
1361:
1352:
1351:
1347:
1345:
1344:
1319:
1318:
1316:
1315:
1296:
1290:
1289:
1287:
1285:
1265:
1259:
1254:
1248:
1247:
1245:
1243:
1232:The Boston Globe
1227:
1219:
1213:
1212:
1210:
1208:
1197:Fortune magazine
1192:
1184:
1178:
1177:
1175:
1173:
1154:
1148:
1147:
1145:
1143:
1128:
1122:
1121:
1119:
1117:
1098:
1092:
1091:
1089:
1087:
1072:
1066:
1065:
1061:
1054:
1048:
1047:
1045:
1043:
1024:
1018:
1017:
1015:
1014:
995:
989:
988:
986:
984:
964:
958:
957:
955:
954:
939:
933:
932:
930:
929:
914:
908:
907:
905:
904:
885:
879:
878:
876:
875:
866:. Archived from
859:
853:
852:
850:
849:
840:. Archived from
833:
827:
826:
824:
823:
807:
801:
800:
794:
792:
787:on 20 April 2015
783:. Archived from
770:
764:
763:
761:
760:
751:. Archived from
741:
735:
732:
726:
725:
723:
722:
708:
700:
694:
693:
691:
690:
681:. Archived from
675:
669:
668:
666:
665:
645:
639:
638:
636:
635:
619:
613:
612:
600:
594:
593:
590:10.1002/sec.1674
569:
552:Website spoofing
456:
446:
423:
419:
403:
399:
249:
207:Malware such as
37:messages with a
21:
3200:
3199:
3195:
3194:
3193:
3191:
3190:
3189:
3150:Practical jokes
3125:
3124:
3123:
3118:
3102:Make Money Fast
3076:
3072:URL redirection
2998:
2921:
2855:
2806:Address munging
2783:
2778:
2748:
2743:
2692:
2638:Make Money Fast
2608:Franchise fraud
2563:
2554:
2535:Spoofing attack
2518:Scammer Payback
2366:countermeasures
2365:
2356:
2047:Bait-and-switch
2014:
2008:
1972:
1969:
1939:
1934:
1784:
1484:
1472:
1463:Copy protection
1453:Mobile security
1384:
1379:
1342:
1340:
1331:
1328:
1323:
1322:
1313:
1311:
1298:
1297:
1293:
1283:
1281:
1266:
1262:
1255:
1251:
1241:
1239:
1225:
1220:
1216:
1206:
1204:
1190:
1185:
1181:
1171:
1169:
1156:
1155:
1151:
1141:
1139:
1130:
1129:
1125:
1115:
1113:
1108:. 26 May 2016.
1100:
1099:
1095:
1085:
1083:
1074:
1073:
1069:
1059:
1056:
1055:
1051:
1041:
1039:
1026:
1025:
1021:
1012:
1010:
997:
996:
992:
982:
980:
965:
961:
952:
950:
941:
940:
936:
927:
925:
916:
915:
911:
902:
900:
887:
886:
882:
873:
871:
860:
856:
847:
845:
834:
830:
821:
819:
808:
804:
790:
788:
771:
767:
758:
756:
743:
742:
738:
733:
729:
720:
718:
711:Financial Times
701:
697:
688:
686:
677:
676:
672:
663:
661:
646:
642:
633:
631:
620:
616:
601:
597:
570:
566:
561:
470:
454:
444:
421:
417:
410:
401:
397:
357:are a class of
352:
268:
266:Countermeasures
240:
183:
159:bounce messages
83:
67:countermeasures
28:
23:
22:
15:
12:
11:
5:
3198:
3188:
3187:
3182:
3177:
3172:
3167:
3162:
3157:
3152:
3147:
3142:
3137:
3120:
3119:
3117:
3116:
3115:
3114:
3104:
3099:
3098:
3097:
3086:
3084:
3082:Internet fraud
3078:
3077:
3075:
3074:
3069:
3064:
3059:
3054:
3049:
3044:
3039:
3034:
3032:Google bombing
3029:
3024:
3019:
3014:
3008:
3006:
3000:
2999:
2997:
2996:
2991:
2986:
2981:
2976:
2974:List poisoning
2971:
2966:
2961:
2956:
2951:
2946:
2941:
2935:
2933:
2927:
2926:
2923:
2922:
2920:
2919:
2914:
2909:
2904:
2899:
2894:
2889:
2884:
2879:
2874:
2869:
2863:
2861:
2857:
2856:
2854:
2853:
2848:
2843:
2838:
2833:
2831:Email spoofing
2828:
2823:
2818:
2813:
2808:
2802:
2800:
2791:
2785:
2784:
2777:
2776:
2769:
2762:
2754:
2745:
2744:
2742:
2741:
2736:
2735:
2734:
2729:
2721:
2716:
2711:
2706:
2700:
2698:
2694:
2693:
2691:
2690:
2685:
2680:
2675:
2670:
2665:
2660:
2655:
2650:
2645:
2640:
2635:
2630:
2625:
2620:
2615:
2610:
2605:
2600:
2595:
2590:
2585:
2580:
2575:
2569:
2567:
2556:
2555:
2553:
2552:
2547:
2545:Voice phishing
2542:
2537:
2532:
2527:
2522:
2521:
2520:
2515:
2510:
2505:
2495:
2490:
2485:
2480:
2475:
2470:
2465:
2460:
2455:
2450:
2445:
2440:
2435:
2430:
2425:
2420:
2415:
2410:
2405:
2400:
2395:
2390:
2385:
2380:
2378:Pig Butchering
2375:
2369:
2367:
2362:Internet scams
2358:
2357:
2355:
2354:
2349:
2344:
2339:
2334:
2329:
2324:
2319:
2314:
2309:
2304:
2299:
2294:
2289:
2284:
2279:
2274:
2269:
2267:Sick baby hoax
2264:
2259:
2254:
2249:
2247:Reloading scam
2244:
2239:
2234:
2229:
2224:
2219:
2214:
2209:
2204:
2199:
2194:
2189:
2184:
2182:Locksmith scam
2179:
2174:
2169:
2164:
2159:
2154:
2149:
2144:
2139:
2134:
2129:
2124:
2119:
2114:
2109:
2104:
2099:
2094:
2089:
2084:
2079:
2074:
2069:
2064:
2059:
2054:
2049:
2044:
2039:
2034:
2029:
2024:
2018:
2016:
2010:
2009:
2007:
2006:
2001:
1996:
1991:
1986:
1980:
1978:
1974:
1973:
1968:
1967:
1960:
1953:
1945:
1936:
1935:
1933:
1932:
1930:Site isolation
1927:
1922:
1921:
1920:
1914:
1904:
1903:
1902:
1897:
1886:
1881:
1876:
1871:
1866:
1861:
1860:
1859:
1854:
1844:
1843:
1842:
1837:
1836:
1835:
1828:Authentication
1820:
1819:
1818:
1817:
1816:
1806:
1803:
1792:
1790:
1786:
1785:
1783:
1782:
1777:
1772:
1767:
1762:
1757:
1752:
1747:
1742:
1737:
1732:
1727:
1722:
1717:
1712:
1707:
1702:
1697:
1692:
1687:
1682:
1681:
1680:
1670:
1665:
1660:
1655:
1650:
1645:
1640:
1635:
1630:
1628:Email spoofing
1625:
1620:
1615:
1610:
1605:
1600:
1595:
1590:
1585:
1580:
1575:
1570:
1568:DOM clobbering
1565:
1560:
1555:
1550:
1548:Code injection
1545:
1540:
1539:
1538:
1533:
1528:
1523:
1515:
1510:
1505:
1500:
1494:
1492:
1486:
1485:
1475:
1473:
1471:
1470:
1465:
1460:
1455:
1450:
1445:
1440:
1435:
1430:
1428:Cyberterrorism
1425:
1420:
1419:
1418:
1416:Computer fraud
1413:
1403:
1398:
1392:
1390:
1386:
1385:
1378:
1377:
1370:
1363:
1355:
1349:
1348:
1327:
1326:External links
1324:
1321:
1320:
1291:
1260:
1249:
1214:
1179:
1149:
1123:
1093:
1067:
1049:
1019:
990:
959:
934:
909:
895:. 2013-02-06.
880:
862:Eggert, Lars.
854:
836:Eggert, Lars.
828:
802:
765:
736:
727:
695:
670:
640:
614:
595:
563:
562:
560:
557:
556:
555:
549:
543:
537:
531:
525:
519:
513:
507:
501:
495:
489:
483:
480:Computer virus
477:
469:
466:
465:
464:
461:
458:
448:
438:
431:
425:
414:
409:
406:
383:spear phishing
367:spear-phishing
351:
350:Business email
348:
339:
338:
311:
293:
267:
264:
253:
239:
236:
231:
230:
227:
224:
182:
179:
139:
138:
132:
126:
116:paper envelope
112:
111:
109:
101:
82:
79:
31:Email spoofing
26:
9:
6:
4:
3:
2:
3197:
3186:
3183:
3181:
3178:
3176:
3173:
3171:
3168:
3166:
3163:
3161:
3158:
3156:
3153:
3151:
3148:
3146:
3143:
3141:
3138:
3136:
3133:
3132:
3130:
3113:
3110:
3109:
3108:
3105:
3103:
3100:
3096:
3093:
3092:
3091:
3088:
3087:
3085:
3083:
3079:
3073:
3070:
3068:
3065:
3063:
3060:
3058:
3055:
3053:
3050:
3048:
3047:Referrer spam
3045:
3043:
3040:
3038:
3035:
3033:
3030:
3028:
3025:
3023:
3020:
3018:
3015:
3013:
3010:
3009:
3007:
3005:
3001:
2995:
2992:
2990:
2987:
2985:
2982:
2980:
2977:
2975:
2972:
2970:
2967:
2965:
2962:
2960:
2957:
2955:
2952:
2950:
2947:
2945:
2942:
2940:
2937:
2936:
2934:
2932:
2928:
2918:
2915:
2913:
2912:Telemarketing
2910:
2908:
2905:
2903:
2900:
2898:
2895:
2893:
2890:
2888:
2885:
2883:
2880:
2878:
2875:
2873:
2870:
2868:
2865:
2864:
2862:
2858:
2852:
2849:
2847:
2846:Pink contract
2844:
2842:
2839:
2837:
2834:
2832:
2829:
2827:
2824:
2822:
2819:
2817:
2814:
2812:
2809:
2807:
2804:
2803:
2801:
2799:
2795:
2792:
2790:
2786:
2782:
2775:
2770:
2768:
2763:
2761:
2756:
2755:
2752:
2740:
2739:Ponzi schemes
2737:
2733:
2730:
2728:
2725:
2724:
2723:In the media
2722:
2720:
2717:
2715:
2712:
2710:
2707:
2705:
2702:
2701:
2699:
2695:
2689:
2686:
2684:
2681:
2679:
2676:
2674:
2673:Secret Sister
2671:
2669:
2666:
2664:
2661:
2659:
2656:
2654:
2651:
2649:
2646:
2644:
2643:Matrix scheme
2641:
2639:
2636:
2634:
2631:
2629:
2626:
2624:
2621:
2619:
2616:
2614:
2611:
2609:
2606:
2604:
2601:
2599:
2596:
2594:
2591:
2589:
2586:
2584:
2581:
2579:
2576:
2574:
2571:
2570:
2568:
2566:
2565:Ponzi schemes
2561:
2557:
2551:
2548:
2546:
2543:
2541:
2538:
2536:
2533:
2531:
2528:
2526:
2523:
2519:
2516:
2514:
2511:
2509:
2506:
2504:
2501:
2500:
2499:
2496:
2494:
2491:
2489:
2486:
2484:
2481:
2479:
2476:
2474:
2473:Ripoff Report
2471:
2469:
2466:
2464:
2461:
2459:
2456:
2454:
2451:
2449:
2446:
2444:
2441:
2439:
2436:
2434:
2431:
2429:
2426:
2424:
2421:
2419:
2416:
2414:
2411:
2409:
2406:
2404:
2401:
2399:
2396:
2394:
2391:
2389:
2386:
2384:
2381:
2379:
2376:
2374:
2371:
2370:
2368:
2363:
2359:
2353:
2350:
2348:
2345:
2343:
2340:
2338:
2335:
2333:
2330:
2328:
2325:
2323:
2320:
2318:
2315:
2313:
2310:
2308:
2305:
2303:
2300:
2298:
2295:
2293:
2290:
2288:
2285:
2283:
2280:
2278:
2275:
2273:
2272:SIM swap scam
2270:
2268:
2265:
2263:
2260:
2258:
2255:
2253:
2250:
2248:
2245:
2243:
2240:
2238:
2237:Pump and dump
2235:
2233:
2230:
2228:
2225:
2223:
2222:Pig in a poke
2220:
2218:
2215:
2213:
2210:
2208:
2205:
2203:
2200:
2198:
2195:
2193:
2190:
2188:
2185:
2183:
2180:
2178:
2175:
2173:
2170:
2168:
2165:
2163:
2160:
2158:
2155:
2153:
2150:
2148:
2145:
2143:
2140:
2138:
2135:
2133:
2130:
2128:
2125:
2123:
2120:
2118:
2115:
2113:
2110:
2108:
2105:
2103:
2100:
2098:
2095:
2093:
2090:
2088:
2085:
2083:
2080:
2078:
2077:Charity fraud
2075:
2073:
2070:
2068:
2065:
2063:
2060:
2058:
2057:Blessing scam
2055:
2053:
2050:
2048:
2045:
2043:
2040:
2038:
2035:
2033:
2030:
2028:
2025:
2023:
2020:
2019:
2017:
2011:
2005:
2002:
2000:
1997:
1995:
1992:
1990:
1989:Error account
1987:
1985:
1982:
1981:
1979:
1975:
1966:
1961:
1959:
1954:
1952:
1947:
1946:
1943:
1931:
1928:
1926:
1923:
1918:
1915:
1913:
1910:
1909:
1908:
1905:
1901:
1898:
1895:
1892:
1891:
1890:
1887:
1885:
1882:
1880:
1877:
1875:
1872:
1870:
1867:
1865:
1862:
1858:
1855:
1853:
1850:
1849:
1848:
1845:
1841:
1840:Authorization
1838:
1834:
1831:
1830:
1829:
1826:
1825:
1824:
1821:
1815:
1812:
1811:
1810:
1807:
1804:
1802:
1801:Secure coding
1799:
1798:
1797:
1794:
1793:
1791:
1787:
1781:
1778:
1776:
1773:
1771:
1770:SQL injection
1768:
1766:
1763:
1761:
1758:
1756:
1753:
1751:
1750:Vulnerability
1748:
1746:
1743:
1741:
1738:
1736:
1735:Trojan horses
1733:
1731:
1730:Software bugs
1728:
1726:
1723:
1721:
1718:
1716:
1713:
1711:
1708:
1706:
1703:
1701:
1698:
1696:
1693:
1691:
1688:
1686:
1683:
1679:
1676:
1675:
1674:
1671:
1669:
1666:
1664:
1661:
1659:
1656:
1654:
1651:
1649:
1646:
1644:
1641:
1639:
1636:
1634:
1631:
1629:
1626:
1624:
1621:
1619:
1618:Eavesdropping
1616:
1614:
1611:
1609:
1608:Data scraping
1606:
1604:
1601:
1599:
1596:
1594:
1591:
1589:
1586:
1584:
1581:
1579:
1578:Cryptojacking
1576:
1574:
1571:
1569:
1566:
1564:
1561:
1559:
1556:
1554:
1551:
1549:
1546:
1544:
1541:
1537:
1534:
1532:
1529:
1527:
1524:
1522:
1519:
1518:
1516:
1514:
1511:
1509:
1506:
1504:
1501:
1499:
1496:
1495:
1493:
1491:
1487:
1479:
1469:
1466:
1464:
1461:
1459:
1456:
1454:
1451:
1449:
1446:
1444:
1441:
1439:
1436:
1434:
1431:
1429:
1426:
1424:
1421:
1417:
1414:
1412:
1409:
1408:
1407:
1404:
1402:
1399:
1397:
1394:
1393:
1391:
1387:
1383:
1376:
1371:
1369:
1364:
1362:
1357:
1356:
1353:
1338:
1334:
1330:
1329:
1309:
1305:
1301:
1295:
1279:
1275:
1274:Smart Company
1271:
1264:
1258:
1253:
1237:
1233:
1229:
1218:
1202:
1198:
1194:
1183:
1167:
1163:
1159:
1153:
1137:
1134:. NZ Herald.
1133:
1127:
1111:
1107:
1103:
1097:
1081:
1077:
1071:
1063:
1062:Billion Scam"
1053:
1037:
1033:
1029:
1023:
1008:
1004:
1000:
994:
978:
974:
970:
963:
948:
944:
938:
923:
919:
913:
898:
894:
890:
884:
870:on 2018-08-22
869:
865:
858:
844:on 2016-04-02
843:
839:
832:
817:
813:
806:
799:
786:
782:
781:
776:
769:
755:on 2016-11-11
754:
750:
746:
740:
731:
716:
712:
707:
699:
685:on 2017-06-21
684:
680:
674:
659:
655:
651:
644:
629:
625:
618:
610:
606:
599:
591:
587:
583:
579:
575:
568:
564:
553:
550:
547:
544:
541:
538:
535:
532:
529:
526:
523:
520:
517:
514:
511:
508:
505:
502:
499:
496:
493:
490:
487:
486:Computer worm
484:
481:
478:
475:
472:
471:
462:
459:
452:
449:
442:
439:
436:
432:
429:
426:
420:million ($ 47
415:
412:
411:
405:
396:recorded $ 26
395:
390:
388:
384:
378:
376:
372:
368:
364:
360:
356:
347:
343:
336:
332:
328:
324:
319:
315:
312:
309:
305:
301:
297:
294:
291:
287:
284:
283:
282:
279:
277:
273:
263:
261:
257:
251:
245:
235:
228:
225:
222:
221:
220:
218:
214:
210:
205:
203:
199:
193:
191:
187:
178:
176:
171:
166:
164:
161:may generate
160:
156:
152:
148:
144:
136:
133:
130:
127:
124:
121:
120:
119:
117:
107:
105:
102:
99:
95:
92:
91:
90:
88:
78:
76:
72:
68:
64:
60:
56:
53:The original
51:
49:
45:
40:
36:
32:
19:
3095:Lottery scam
3052:Scraper site
3022:Doorway page
2892:Mobile phone
2872:Cold calling
2830:
2663:Reed Slatkin
2628:Kubus scheme
2508:Jim Browning
2503:419eater.com
2498:Scam baiting
2483:Romance scam
2453:Lottery scam
2398:Clickjacking
2342:Wash trading
2337:Trojan horse
2252:Return fraud
2202:Mock auction
2097:Drop swindle
2062:Bogus escrow
1874:Data masking
1627:
1433:Cyberwarfare
1341:. Retrieved
1336:
1312:. Retrieved
1303:
1294:
1282:. Retrieved
1273:
1263:
1252:
1240:. Retrieved
1231:
1217:
1205:. Retrieved
1196:
1182:
1170:. Retrieved
1161:
1152:
1140:. Retrieved
1126:
1114:. Retrieved
1105:
1096:
1084:. Retrieved
1070:
1052:
1040:. Retrieved
1032:Forbes Media
1031:
1022:
1011:. Retrieved
1002:
993:
981:. Retrieved
972:
962:
951:. Retrieved
937:
926:. Retrieved
912:
901:. Retrieved
892:
883:
872:. Retrieved
868:the original
857:
846:. Retrieved
842:the original
831:
820:. Retrieved
805:
796:
791:23 September
789:. Retrieved
785:the original
780:DigitalOcean
778:
768:
757:. Retrieved
753:the original
748:
739:
730:
719:. Retrieved
710:
698:
687:. Retrieved
683:the original
673:
662:. Retrieved
653:
643:
632:. Retrieved
617:
608:
598:
581:
577:
567:
474:Chain letter
391:
379:
354:
353:
344:
340:
335:cyber threat
280:
269:
241:
232:
216:
206:
194:
184:
167:
154:
150:
146:
142:
140:
134:
128:
122:
113:
103:
98:Return-path:
97:
93:
84:
52:
30:
29:
3057:Social spam
2969:Greylisting
2939:Client-side
2867:Auto dialer
2704:Con artists
2588:Dona Branca
2530:Spoofed URL
2438:Email fraud
2418:CyberThrill
2393:Click fraud
2307:Tarmac scam
2232:Pork barrel
2227:Pigeon drop
2217:Patent safe
2207:Moving scam
2117:Fiddle game
2067:Boiler room
2042:Badger game
2004:Sucker list
1977:Terminology
1814:Misuse case
1648:Infostealer
1623:Email fraud
1588:Data breach
1423:Cybergeddon
1284:14 December
1242:20 December
1207:20 December
1172:20 December
1142:20 December
1116:20 December
734:See RFC3834
443:lost $ 46.7
363:email fraud
359:cyber crime
337:activities.
331:email scams
262:" attacks.
256:backscatter
163:backscatter
3155:Cybercrime
3129:Categories
3062:Spam blogs
3027:Forum spam
3004:Spamdexing
2877:Flyposting
2836:Image spam
2798:Email spam
2732:Literature
2593:Earl Jones
2525:ShadowCrew
2478:Rock Phish
2423:DarkMarket
2413:Cybercrime
2388:Catfishing
2262:Shell game
2197:Mismarking
2122:Fine print
2082:Clip joint
2072:Bride scam
1879:Encryption
1755:Web shells
1695:Ransomware
1643:Hacktivism
1406:Cybercrime
1343:2019-12-19
1314:2020-02-01
1086:23 October
1042:2 December
1013:2020-11-17
953:2019-04-08
928:2019-04-08
903:2019-04-08
874:2019-04-08
848:2019-04-08
822:2019-04-08
759:2019-04-08
721:2019-04-08
689:2019-04-08
664:2019-04-08
634:2019-04-08
559:References
540:Prank call
498:Cybercrime
361:which use
333:and other
308:email spam
170:IP address
94:MAIL FROM:
75:ransomware
3180:Deception
3042:Link farm
3012:Blog spam
2931:Anti-spam
2897:Newsgroup
2887:Messaging
2789:Protocols
2719:Impostors
2373:Avalanche
2187:Long firm
2107:Exit scam
1710:Shellcode
1705:Scareware
1553:Crimeware
1513:Backdoors
893:dmarc.org
408:Incidents
155:Reply-to:
147:MAIL FROM
129:Reply-to:
48:harvested
3135:Spamming
3107:Phishing
3017:Cloaking
2994:Spamhaus
2902:Robocall
2882:Junk fax
2493:SaferNet
2463:Phishing
2403:Cramming
2292:SSC Scam
2157:Hustling
2142:Gem scam
1884:Firewall
1789:Defenses
1715:Spamming
1700:Rootkits
1673:Phishing
1633:Exploits
1308:Archived
1278:Archived
1236:Archived
1201:Archived
1193:million"
1166:Archived
1162:RNZ News
1136:Archived
1110:Archived
1080:Archived
1036:Archived
1007:Archived
983:11 March
977:Archived
947:Archived
922:Archived
897:Archived
816:Archived
715:Archived
658:Archived
628:Archived
534:Phishing
468:See also
329:emails,
327:phishing
304:phishing
186:Phishing
104:RCPT TO:
63:phishing
2989:SpamCop
2907:Spambot
2851:Spambot
2841:Joe job
2583:Caritas
2560:Pyramid
2513:Kitboga
2383:Carding
2257:Salting
1999:Shyster
1725:Spyware
1668:Payload
1663:Malware
1603:Viruses
1583:Botnets
1490:Threats
1106:Reuters
609:PCWorld
528:Joe job
375:malware
272:SSL/TLS
260:Joe job
202:Samsung
175:malware
135:Sender:
85:When a
2598:Ezubao
2458:PayPai
1919:(SIEM)
1896:(HIDS)
1780:Zombie
1517:Bombs
1498:Adware
1226:
1191:
1060:
455:
445:
422:
418:
402:
398:
248:a.k.a.
39:forged
3185:Fraud
3140:Email
3112:Voice
3067:Sping
2984:SORBS
2860:Other
2826:DNSWL
2821:DNSBL
2697:Lists
1994:Shill
1765:Worms
1760:Wiper
1678:Voice
1526:Logic
654:Slate
510:DMARC
213:Sober
190:scams
151:From:
143:From:
123:From:
35:email
2917:VoIP
1984:Scam
1531:Time
1521:Fork
1286:2018
1244:2018
1209:2018
1174:2018
1144:2018
1118:2018
1088:2021
1044:2020
985:2019
793:2019
522:Hoax
433:The
306:and
270:The
217:From
211:and
209:Klez
61:and
59:spam
2648:MMM
2562:and
2364:and
1536:Zip
586:doi
252:not
153:or
108:may
3131::
1335:.
1306:.
1302:.
1276:.
1272:.
1234:.
1230:.
1199:.
1195:.
1160:.
1104:.
1030:.
1005:.
1001:.
975:.
971:.
945:.
920:.
891:.
795:.
777:.
747:.
713:.
709:.
656:.
652:.
607:.
580:.
576:.
377:.
325:,
165:.
77:.
2773:e
2766:t
2759:v
1964:e
1957:t
1950:v
1374:e
1367:t
1360:v
1346:.
1317:.
1288:.
1246:.
1211:.
1176:.
1146:.
1120:.
1090:.
1064:.
1046:.
1016:.
987:.
956:.
931:.
906:.
877:.
851:.
825:.
762:.
724:.
692:.
667:.
637:.
611:.
592:.
588::
582:9
310:.
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.