Abion / Blog / 3 tips on how to protect against extortion emails
bermix-studio-f7daqidsk98-unsplash-scaled-16

This weekend, several Swedish newspapers reported a wave of email frauds. For example, Göteborgsposten reported on extortion emails that reached thousands of people in Western Sweden, resulting in more than 1,000 police reports, while Aftonbladet reported on emails spreading malware within the Karlstad municipality.

What these cases had in common was that the emails in question appeared to come from a legitimate sender, like a colleague in the case of the Karlstad municipality, or even – as in the emails received by many in western Sweden – oneself. In the latter case, the purpose of sending the message from the person in question's own e-mail address to himself/herself was to "prove" that he or she was hacked and thus be able to extort the person.

”How is this possible?” many are now asking.

So, what’s going on?

Actually, it's not really that complicated, let's break it down in a number of bullets:

  • It is a relatively unknown fact that the email system basically lacks authentication mechanisms that ensures that the stated sender is the actual sender.
  • In practice, this means that an email can be sent with a falsified sender appearing exactly as the person you want to claim to be, including the email address your email program (such as Outlook, Apple Mail, etc.) states the message is sent from.
  • Despite the widespread misunderstanding that one cannot do anything about this, there are security mechanisms to implement.
  • It is important to understand that the responsibility lies with the sender, i.e. the owner of the domain/email address, to prevent fraudulent behaviour directed against one's self - as in many of the cases reported this weekend - and/or within an organisation. Email fraud can also be directed externally against a company's customers, suppliers or individuals in a person’s network. The recipient can neither, nor should, be the one responsible for ensuring this.
  • In fact, the majority of large Swedish companies today lack this type of security mechanism and therefore risk having their identity stolen.
  • When looking at the consequences, the cases reported this weekend was resulted in personal financial damage as a result of extortion. However, the financial injuries that can arise for companies can reach almost astronomical sums (two examples being industrial giant Leoni and football club Lazio). One question that is seldom discussed however is the potential damage to the brand. It is very common that attempts to fraud occurs by the fraudster uses the identity of one company as a mean of contacting other companies and/or individuals in order to get his or her hands on money, sensitive information and/or spread malicious code.

3 tips on how to protect against extortion emails

  1. Awareness
    In an organization, one should start by carrying out organisational measures, like education and more thorough routines, in order to minimize the risk of someone achieving to fraud you. As an individual, you should also be updated on what is happening in the digital world. If you are unsure, you should always contact your email provider.
  2. Basic email authentication
    The foundation for the authentication of an email is laid with a so-called "SPF record" which verifies which servers are allowed to send emails from a domain. However, this is usually not set up by default as many companies are using several different providers, for example for sending newsletters. If this is carried out without having the complete picture, it can result in legitimate emails not being sent. If you are uncertain of which legitimate "sources" you have, you can make an analysis of the flow of emails.
  3. "Best practice" for email management for organizations
    Through a combination of security mechanisms that limit the illegal use of a domain, verifies legitimate sources and continuously analyses and reports the status of overall email flow, the risks of email fraud are minimized.

Related reading

Magdalena Bonde Named as one of “The 50 Most Influential People in IP” by Managing IP for 2024

Abion’s CEO Magdalena Bonde Named as one of “The 50 Most Influential People in IP” by Managing IP for 2024

Announcements
English
pll_6756cd5551acf
10, December 2024
We are excited to announce the acquisition of Lane IP, a renowned UK-based IP specialist. This strategic acquisiti...
Sound Trade Marks Protection

Sound Trade Marks vs. Copyright: Key Differences Explained

Trademark Management
English
5, December 2024
Sound trade marks and copyright both protect audio, but in different ways. Netflix’s “ta-dum” is not just a sound—...

This website uses cookies

Cookies ("cookies") consist of small text files. The text files contain data which is stored on your device. To be able to place some type of cookies we need your consent. We at Abion AB, corporate identity number 556633-6169 use these types of cookies. To read more about which cookies we use and storage duration, click here to get to our cookiepolicy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that need to be placed for fundamental functions on the website to work. Fundamental functions are for instance cookies that are needed for you to use menus and navigate the website.

Functional cookies

Functional cookies need to be placed for the website to perform in the way that you expect. For instance to remember which language you prefer, to know if you are logged in, to keep the website secure, remember login credentials or to enable sorting of products on the website in the way that you prefer.

Statistical cookies

To know how you interact with the website we place cookies to collect statistics. These cookies anonymize personal data.

Ad measurement cookies

To be able to provide a better service and experience we place cookies to tailor marketing for you. Another purpose for this placement is to market products or services to you, give tailored offers or market and give recommendations on new concepts based on what you have bought from us previously.

Ad measurement user cookies

In order to show relevant ads we place cookies to tailor ads for you

Personalized ads cookies

To show relevant and personal ads we place cookies to provide unique offers that are tailored to your user data