In this article, we elaborate how we managed to identify hidden internal email servers by relying on various open-source intelligence (OSINT) data sources for our direct email spool attack research.
One in three Australian law firms are susceptible to a cyber threat called “direct email spool attack”, our report can reveal. This attack technique bypasses expensive email security solutions, rendering them completely useless and exposing the affected organisations to cybercrime.
As phishing emails come in different shapes and formats, there is no silver bullet to identify a phishing email. However, there is a collection of red flags you should be looking for before clicking on a new message. This is my up-to-date guide helping you recognise the latest email-based scams.
This research report demonstrates how domain name abandonment poses a significant cyber threat to the legal profession and other businesses. This report also makes recommendations as to measures legal practices and other businesses can take to stop this threat.