Fake Emails: Open Relay Server
- An Open Mail Relay is an SMTP (Simple Mail Transfer Protocol) server configured in such a way that it allows anyone on the Internet to send email through it, not just mail destined to or originating from known users.
- An attacker can connect to the Open Relay Server via Telnet and instruct the server to send the email.
- An Open Relay email server requires no password to send the email.

Fake Emails: via Web Script
- Web programming languages such as PHP and ASP contain mail-sending functions which can be used to send emails with programmed fake headers, i.e. "From:", "To:", "Subject:".
- There are many websites on the Internet which already contain these mail-sending scripts. Most of them provide the service for free.
  - Mail.Anonymizer.name (sends attachments as well)
  - FakEmailer.net
  - FakEmailer.info
  - Deadfake.com

PHP Mail sending script

Consequences of fake emails
- An email from your email ID to any security agency declaring a bomb blast can make you spend the rest of your life behind iron bars.
- An email from you to your girlfriend or boyfriend can cause a break-up and set your friends up to be in a relationship.
- An email from your email ID to your boss carrying your resignation letter, or anything else you can think of.
- There can be so many cases drafted on fake emails.

Proving a fake Email
- Every email carries a header which has information about the travelling path of the email.
- Check the header and get the location from which the email was sent.
- Check whether the email was sent from any other email server or website.
- Headers carry the name of the website on which the mail-sending script was used.

Email Bombing
- Email bombing is sending an email message to a particular address at a specific victim site. In many instances, the messages will be large and constructed from meaningless data in an effort to consume additional system and network resources. Multiple accounts at the target site may be abused, increasing the denial of service impact.

Email Spamming
- Email spamming is a variant of bombing; it refers to sending email to hundreds or thousands of users (or to lists that expand to that many users). Email spamming can be made worse if recipients reply to the email, causing all the original addressees to receive the reply. It may also occur innocently, as a result of sending a message to mailing lists and not realizing that the list explodes to thousands of users, or as a result of a responder message (such as vacation(1)) that is set up incorrectly.

Email Password Hacking
- There is no specific attack available just to hack the password of email accounts. Also, it is not so easy to compromise email servers such as Yahoo, Gmail, etc.
- Email password hacking can be accomplished via some of the client-side attacks. We try to compromise the user and get the password of the email account before it reaches the desired email server.
- We will cover many attacks as the workshop progresses, but at this time we will talk about the very famous 'Phishing attack'.

Phishing
- The act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
- The email directs the user to visit a web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The web site, however, is bogus and set up only to steal the user's information.

Phishing scams could be
- Emails inviting you to join a social group, asking you to log in using your username and password.
- Emails saying that your bank account is locked and asking you to sign in to your account to unlock it.
- Emails containing some information of interest to you and asking you to log in to your account.
- Any email carrying a link to click and asking you to log in.

Prevention against Phishing
- Read every email carefully and check whether the sender is genuine.
- Look at the link carefully before clicking.
- Always check the URL in the browser before signing in to your account.
- Always log in to your accounts after opening the trusted websites yourself, not by clicking through from any other website or email.

Email Tracing
- Tracing an email means locating the original sender and getting to know the IP address of the network from which the email was actually generated.
- To get information about the sender of the email, we must first know the structure of the email.
- We already know how an email travels. Each message has exactly one header, which is structured into fields. Each field has a name and a value. The header of the email contains all the valuable information about the path and the original sender of the email.
- To trace an email, log in to your email account, open the email you want to trace, and then find the header of the email you received.
  - You will get the source code of the email.
- For Rediffmail:
- For Yahoo mail:
- For Gmail:
Now read from bottom to top; the first IP address you find is the IP address of the sender.
Once you have the IP address of the sender, go to www.ip2location.com and find the location of the IP address.
And you are done: we have traced the person and where he sent the email from.
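
The checks from "Proving a fake Email" and the bottom-to-top reading described above, as an added Python example that is not part of the original page: it lists the Received hops oldest first, picks the first routable IP address, and compares the sending host with the From domain. The sample message, its host names and the skipping of loopback and private addresses are assumptions made for the illustration.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; hosts and IPs use reserved example/documentation values.
SAMPLE = (
    "Received: from mx.recipient.example (mx.recipient.example [198.51.100.7])\n"
    "\tby inbox.recipient.example with ESMTP; Mon, 1 Jan 2024 10:00:03 +0000\n"
    "Received: from webhost.mailer.example (webhost.mailer.example [203.0.113.25])\n"
    "\tby mx.recipient.example with ESMTP; Mon, 1 Jan 2024 10:00:02 +0000\n"
    "Received: from localhost (localhost [127.0.0.1])\n"
    "\tby webhost.mailer.example with SMTP; Mon, 1 Jan 2024 10:00:01 +0000\n"
    'From: "Your Boss" <boss@company.example>\n'
    "Subject: Resignation\n"
    "\n"
    "Body text.\n"
)

# Loopback and RFC 1918 ranges say nothing about where a message came from.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_internal(ip):
    try:
        return any(ipaddress.ip_address(ip) in net for net in INTERNAL)
    except ValueError:          # not a valid IPv4 address, ignore it
        return True

def trace(raw):
    msg = message_from_string(raw)
    hops = []
    # Every server prepends its own Received line, so read them bottom to top.
    for line in reversed(msg.get_all("Received", [])):
        host = re.search(r"from\s+(\S+)", line)
        ip = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", line)
        hops.append((host.group(1) if host else None, ip.group(1) if ip else None))
    # First routable address from the bottom is the candidate sending system.
    origin_host, origin_ip = next(
        ((h, ip) for h, ip in hops if ip and not is_internal(ip)), (None, None))
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    sender = (origin_host or "").lower()
    # A mismatch is a lead to follow up, not proof on its own.
    matches = bool(from_domain) and (sender == from_domain or sender.endswith("." + from_domain))
    return {"hops": hops, "origin_host": origin_host, "origin_ip": origin_ip,
            "from_domain": from_domain, "from_matches_origin": matches}

if __name__ == "__main__":
    print(trace(SAMPLE))
```

Received lines written before the message reached a server you trust come from the sending side and can be forged, so the lowest entries are the least reliable.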