• ScamBLOX Extension – "Email is from a fraudulent address"

    Posted by ANUYAN on October 20, 2021 at 4:46 pm

    What are fraud and scams [Phishing, spear-phishing and Spoofing] in an Email, text messaging or phone call?

    Criminals use social engineered scams through emails, text messaging or phone calls.

    Cybercriminals use frauds and scams in general email content, [Phishing], as attack techniques. These methods send out hundreds of thousands of phishing emails to try to steal your money, or your identity, by getting you to reveal personal information such as credit card numbers, bank information, or passwords on websites that pretend to be legitimate. V

    Spear-phishing is a targeted attempt to steal sensitive information such as account credentials or financial information from a specific victim, often for malicious reasons.

    Spoofing is the act of disguising a communication from an unknown source as being from a known, trusted source. Spoofing can apply to emails, phone calls, and websites. Spoofing can be used to gain access to a target’s personal information, spread malware through infected links or attachments, bypass network access controls, or redistribute traffic to conduct a denial-of-service attack.

    Tips on how to identify Phishing frauds and scamming emails,
    text messaging or phone calls:

    · Emails, text messaging or phone calls demanding urgent action.

    · Emails or text messaging with bad grammar and spelling mistakes.

    · Emails, text messaging or phone calls with an unfamiliar greeting or salutation

    · Emails, text messaging or phone calls whit inconsistencies in email addresses, links & domain names.

    · Emails or text messaging contain or include suspicious attachments.

    · Emails, text messaging or phone calls requesting login credentials, payment information or sensitive data about you.

    · Emails or text messages which Attaches an invoice for payment.

    · Emails, text messaging or phone calls which sound too good to be true

    • This discussion was modified 2 years, 11 months ago by  ANUYAN.
    • This discussion was modified 1 year, 5 months ago by  ANUYAN.
    Iqra replied 3 years, 1 month ago 2 Members · 1 Reply
  • 1 Reply
  • Iqra

    Member
    October 20, 2021 at 5:55 pm
    Newbie

    What is this???

Log in to reply.

Trustscore

Domain: dropbox.com

Established: 1995-06-28

Server IP Address: 205.251.193.59

Domain Blacklisted: No

In computing, a blacklist, disallowlist, blocklist, or denylist is a basic access control mechanism that blocks all malicious elements (email addresses, websites users, …)

Suspended Site: No

When your website account is suspended, it means the hosting provider has temporarily taken it offline. Website hosts often suspend websites for a myriad of reasons ranging from malware to spam.

Email (MX) Configured: Yes

Verification that the website has its entity’s proper IMAP (Inbox) and SMTP (Outbox) mailbox servers configured correctly.

DMARC Configured: Yes

DMARC is an open email authentication protocol that provides domain-level protection of the email channel. DMARC authentication detects and prevents email spoofing techniques used in phishing, business email compromise (BEC), and other email-based attacks.

SSL Cert Blacklisted: No

Hackers have discovered ways to circumvent, alter, or abuse SSL certificates. An SSL certificate blacklist is a list of untrustworthy SSL certificates that have been created and can potentially harm users.

Website Popular: No

Risky TLD: No

The TLD (Top Level Domain) are the last characters of an entity’s website name, such as .com, .org, etc. Cyber-criminals and threat actors prefer a small set of 25 out of the thousands of available extensions, which accounts for 90% of all malicious sites. A Risky TLD is verification that the domain name is not to be trusted.

Heuristic Pattern: No

If a website uses Heuristics, then it is a scanning method that looks for malware-like behavior patterns. It is commonly used to detect new or not-yet-known malware.

Risky Geolocation: No

Verification to an entity’s geolocation status being labeled as ‘Risky’.

Suspicious Domain: No

Verification the entity’s domain is not listed as being “Suspicious”.