Detecting and Combating Malicious Email

Authors: Julie JCH Ryan and Cade Kamachi
Pages: 94
Publisher: Syngress
ISBN: 0128001100


After years and years of security professionals explaining the dangers of malicious electronic messaging and how to avoid them, cyber crooks are still using them to compromise systems, meaning this method still works.

This book takes a stab at spelling out clearly, in a plain language that even users with modest technical knowledge can understand, how to avoid becoming a victim of malicious messaging (emails, but also text messages, social media postings, etc.).

About the authors

Julie Ryan is an Associate Professor and Chair of Engineering Management and Systems Engineering at George Washington University. Dr. Ryan’s research interests lie in information security and information warfare, as well as systems dynamics and human-machine interactions.

Cade Kamachi is an Information Assurance Analyst at the National Information Assurance Training and Education Center. He has aided in the creation and implementation of cyber security exercises for collegiate, industry, and government entities.

Inside the book

After explaining the concept of malicious electronic messaging, reiterating the well-known and often repeated advice about spotting this type of message, giving out a generic list of things to do if you have fallen for such an attack, and stressing the importance of backing up regularly, the authors acknowledge that keeping young children or aging relatives safe from bad guys wielding malicious emails is a daunting, time-intensive task.

This first introductory chapter also includes an overview of the most often used scams aimed at getting money from victims: Nigerian scams, donation requests, dating scams, and so on, as well as the most used tricks for getting victims to follow malicious links and download malicious attachments.

Chapter 2 gives examples of the types of malicious messages users can face and describes their characteristics, so that users might know what to look for. The authors also provide a great simplified definition of what a malicious e-message is: a message that can cause harm to the recipients or the systems which they are using and are connected to. They have included and dissected several emails of each type, pointing out the inconsistencies and the various tricks used, and describing their train of thought when evaluating the messages’ legitimacy.

Next, they give a peek into the mind and motivation of the enemy and describe the psychology of the different attacks, as well as what the attackers do to make them successful.

Chapter 4 is a bit technical, but can still be understood and digested by most readers, as it includes instructions on how to analyze email headers, find hidden content, determine where the URLs included in an email actually lead, spot malicious attachments, and so on. The authors did a great job here, taking the reader by the hand and showing and explaining in a very understandable manner what to look for and how to evaluate the things they find.

They also repeatedly point out that users mustn’t rely only on technology, but that it’s critical for them to use their brain at all times, and to develop an intuition about this type of attack.

A whole chapter has been dedicated to the challenges faced by those who are tasked with keeping members of an enterprise or organization secure from malicious messaging.

But, as the authors ruefully admit, eventually all of us will open a malicious email and fall for a trick, and that’s why the book ends with a short “what-to-do” when this happens. The advice is tailored according to the tech knowledge the victim possesses.

Final thoughts

This is an enjoyable book that does the job it set out to do well: explain the problem of malicious messaging in a way that anyone who uses a computer can understand (if they put in a little effort).

Every “ordinary” Internet user can benefit greatly from reading this book, and it could be used as teaching material in organizations’ security training programs.
