Best State of Art Cyber Security Solutions
The best Innovative and powerful IT Security products

You are here: SecPoint & IT Security News

How do Blackhat spammers circumvent email Anti Spam Filters?

When attackers target an organization via email often the first step is using Phishing attempts.

Popular services include the Open Source Intelligence OSINT to learn about a specific organization.

Valuable information includes

Organization announcements, personnel information, correct branding colours fonts to use in mails.

This can allow attackers to create phishing mail in the same style as used in the organization to make it look legitimate.

Attackers will even test phishing mails against known anti spam filters to make sure it can bypass them before sending it to the victim organization targets.

When attackers find their phishing mail to be catched by anti spam solutions they can buy genuine certificates from reputable companies.

They can use Sender Policy Framework SPF and Domain Keys Identified Mail DKIM.

SPF can be compared as another DNS record that is used in describing which email servers are allowed to sent from a specific domain.

DKIM is used when each mail being sent contains a digital signature which is validated against the public key which is published in the domains DNS records.

By using this attackers can easily bypass many large filters example from Microsoft or Google.

Still advanced spam filters can detect it and attackers can use more sophisticated ways such as buying new domains.

Putting them on trusted GFW Google for Work accounts which is used for professional use.

Depending on the time and and resources an attacker will use to bypass anti spam filters they can be successful in some attempts. 

The Protector UTM Firewall can help to protect an organization from advanced anti spam phishing attacks.

Best Cyber Security Vulnerability Scanner - UTM Firewall & WiFi Pentesting
SecPoint® is focused to deliver the best most innovative Cyber Security Products

Compatible with Product