Cybercriminals utilize a wide variety of tools and tactics. By far the most popular tool one is the use of email. Criminals like to use email in part since it is very easy to spoof an email and email address. There are even free sites that let you send one-off emails using a spoofed or custom disposable email addresses.
However, much more importantly for the cybercriminal it is even easier to get the recipient to believe it is legitimate.
There are ways to help to decipher an email since most of the email tactics used by cybercriminals do leave traces that help in determining if the email has been spoofed. To uncover these traces one needs take some time to break down the message.
The basic email header contains information such as From, To, Date and Subject and the full header will contain detailed information about where the email came from and how it was routed. The body of the email and attachments can also help to provide additional traces that help to determine the email’s legitimacy.
Over the next series of posts I will be breaking down the content of an email to help to decipher the legitimacy.