“I Didn’t Send That!” Domain Impersonation and You

How many of you were affected by the #Ransomware attack on the UVM Medical Center’s IT network last week? Whether it was a delayed or cancelled appointment, an issue with work orders and partnerships, or just dropped communication, this type of attack is a tragically real example of the importance of network security.

One of the most common ways malicious actors gain access to a network is through weaknesses in #emailsecurity. There are numerous methods for using email as an attack vector, a big one being what is known as #DomainImpersonation.


Domain Impersonation is when someone purchases domain names very similar to the legitimate domain that they are impersonating, and then sends emails from those domains with malicious links, attachments, etc., to infect unwitting recipients’ machines and networks.

Consider this example: You’ve been going back and forth with a vendor (say, sales@panurgyvt.com) in emails about purchasing a product for an upcoming project. Suddenly, you receive an email that appears to be coming from that vendor with an invoice and a request for payment through a link in the email. Whether or not you were expecting this email, take a close look at the domain (what comes after the @ symbol). If you notice the typo (maybe something like sales@panrugyvt.com), you’ll easily identify the email as suspicious and know to delete it.

But how many of us actually look at the email address that every single email is sent from? Chances are, you’re busy and overloaded, you’re distracted, or you’re just the type of person who does not handle their email inbox with suspicion. Under these circumstances, you get the email, remember you’ve been communicating with this person already, and just assume that this is related to that communication. You click the link, or open the attachment, and boom, malware has infected your PC and potentially your entire network. Bad news.


Thankfully, there are solutions out there that monitor for and protect against these scenarios before the email even hits your inbox. Through the use of artificial intelligence and intelligent monitoring, advanced email security systems today can keep a record of the domains of emails recently delivered to your inbox, and if an email comes in from a similar but false domain, it gets blocked before it even reaches your email server.

There are also a growing number of opportunities for end user training on how to identify suspicious emails. As nearly all email attacks rely on carelessness, ignorance or manipulation to get people to click on malicious links and attachments, the biggest vulnerability point is, in fact, the end users themselves. Implementing regular training and reminders for your workforce about the importance of email security is a top priority for securing modern networks.

If your business could benefit from a more robust email security plan, contact us today! We offer flexible options tailored to your company’s needs that include both server-side monitoring as well as end user training. Reach out today to start the conversation on how Vermont Panurgy can help your business stay protected in today’s modern work environment.
