If you are having problems with message delivery, one of the first troubleshooting steps is to view the email headers. You can do this by viewing the message source. We will explain the basics, then teach you how to view headers in email for the most popular clients. These include Gmail, Apple Mail, Yahoo! Mail, Thunderbird, and Outlook.
Read the rest of this post »
Frequently, we are asked to verify if a sent or received email was encrypted using SMTP TLS during transmission. For example, banks, healthcare organizations under HIPAA, and other security-aware institutions require that emails be secured by TLS encryption.
Email should always be transmitted with this basic level of email encryption to ensure that the email message content cannot be eavesdropped upon. To see if a message was sent securely, looking at the raw headers of the email message in question is easy. However, it requires some knowledge and experience to understand the text. It is actually easier to tell if a recipient’s server supports TLS than to tell if a particular message was securely transmitted.
To analyze a message for transmission security, we will look at an example email message sent from Hotmail to LuxSci. We will see that Hotmail did not use TLS when sending this message. Hotmail is not a good provider to use when security or privacy are required.
Read the rest of this post »
In our previous posting, we looked at exactly how Spammers and hackers can send forged email — how its is possible and how it is done. Therein, we gave an example how one could send an email forged to be from Bank of America.
In this post, we will look at that forged Bank of America email to see technically what it looks like and how it differs from legitimate email from Bank of America.
What can we learn that allows us to detect forged email in the future?
The forged email from Bank of America was based on a legitimate email message, so that the forgery could look as close as possible to actual email from them.
In truth, the majority of forged email simply changes the “From” address and does not bother with anything else. These forged messages are used for Spam and hope the forgery fools enough people to be worth it, through numbers. What we are looking at here is a more carefully crafted message designed to fool filters and a careful eye. These kinds of fakes might be used in spear phishing attacks on an individual or in more sophisticated Spam campaigns.
The the forged Bank of America email that arrived in the recipient’s mail box looked like this (the raw headers):
Read the rest of this post »
