Hello!In previous publications, we talked about the system’s anti-spam capabilities. Today I want to touch upon security issues, as well as talk about what's new in the system over the past time.I’ll briefly recall how this works. The user of the mail resource is provided not only a mailing address, for example, user@site.ru , but also some address space, within which you can create any addresses that I called dynamic.
In the example shown in the figure, the current dynamic address 1.user@site.ru can be changed to any other at any time. This address accepts messages from everyone, including through the feedback form (FOS).Fraud
Modern techniques for first contact with an unknown user are not perfect. I propose now not to raise the issue of social networks and instant messengers, to which a certain part of users has reoriented to organize full - fledged feedback with them in the hope of getting rid of spam and phishing. They also spam there ... to a reasonable extent, otherwise, the outflow of the audience from these networks and instant messengers will begin. We also will not talk about the quest when registering in them with reference to a mobile phone (in fact, “the Internet according to the passport”), transferring personal information to third parties and humiliating waiting for an invitation after we asked to be friends with someone.Let's talk about the email that each user has. So, if we write to the email provided on the site in an open form, we understand that the recipient's mailbox is spammed, and there is no guarantee that our message will be read. We do not even know for sure that the message was received, because it may appear in the spam folder, or deleted permanently by the spam filter.Internet resources using FOS, at least report that the sent message has been received, but we also understand that the probability of this message getting into the inbox is far from 100%, because it is forwarded by the form to a regular mailbox ...This drawback is used by scammers, negligent performers, managers and officials, idea hunters, suppliers. They always have the opportunity to "hide behind" the problem of spam.Case study: , 3 , , , , . : « email». : « ». — « ». . - , , .
Since there is no spam folder in the “dynamic email” system, the sender can be sure that his message fell into the recipient’s inbox, of course, if there is no delivery error message. The recipient is also aware of this, and his “silence” becomes more than eloquent.My subjective opinion: the issue of assigning legal status to e-mail, which has been discussed for a long time, will remain open as long as there is a spam folder in users' email clients.Unfair competition
Site owners must have come across similar offers:- ? . , . - . . email .
Anyone can spam any email (search engines will tell you how). Most likely, this email is already somewhere “highlighted”. Resources like hunter.io will help you find out. If it’s not “lit up”, this can easily be fixed by sending to the site through FOS an offer that “cannot be refused” or a request like “Is there the same, but with pearl buttons?”. Whether or not to respond to such an appeal is a big question. Experienced users prefer not to respond, well aware of the extent of possible material and reputational losses. They understand that once a discredited email address turns into a "time bomb" for the duration of its existence. There is a contradiction: give your contacts to anyone to be in touch, but hide them from everyone to avoid spam.Dynamic email can easily cope with such a problem. To maintain a reputation, it is enough to reply to a message received through the FSF from a non-existent address, for example, from the address do_not_reply_to.user@site.ru , as if hinting that the topic is not interesting. If the topic is interesting, you should reply from a dynamic address, without leaving the attacker even a chance to find out the "main email of the organization."Phishing
From an interview with the head of Group-IB, Ilya Sachkov, to the Roscongress Foundation (PRIME):From the point of view of the most serious problems a user may receive, email is still the main way to deliver either malicious code or phishing emails.
I perceive the phrase of a respected expert as a recognition of the impossibility of solving the problem with the available means. The problem, in my opinion, cannot be solved if the attacker knows the email address. If they know where the door is, they will try to open it. There are many examples of this. This is an endless struggle between artificial and human intellects and technologies. Unfortunately, attackers will always be one step ahead. While the online community is discussing something new, attackers manage to find loopholes. The topic is serious. Recently I read in the news on Habré :more than 100 million phishing emails are blocked every day in Gmail
The problem of phishing for a user is aggravated by a crazy stream of incoming information, the processing of which the human brain does not always have time to cope with. As Dr. Kurbatov noted at a business breakfast in Davos , it takes the brain about 23 minutes to switch from the mode of perceiving information to the mode of processing it.In other words, if an ordinary person in 21 hours receives 21 incoming messages with an interval of 23 minutes, he will not be able to process and organize this information.Thinking becomes stereotyped, stereotyped, brain dormant
At such moments, the user may just make a mistake without noticing, for example, a difference of one character in the sender address. The user can, dynamic email - no, not to mention the fact that the user does not have to receive junk emails with an interval of 23 minutes. In order for the attack to take place, you need to know the correspondence of the sender and recipient addresses, and even better, get access to the sender's mailbox.Joke. . . :
– ?
– , !
– ?
– .
– , , !
– , … ( )
– , , , .
– , !
– , ?
Spraying passwords and brute force
The indisputable weakness of email (and not only it) is the coincidence of email with login. Another problem - any mail server suggests the possibility of connecting via the POP3 protocol, which provides only two commands for authorization USER and PASS , i.e. login and password. There is no question of any two-factor authorization. If an attacker knows someone’s email, he automatically has information about the mail server and login. Next is a matter of technology.For important cases, you can apply special authorization on the mail resource and forget about such dangers as sputtering passwords and brute force. It will also complicate MITM attacks.Example: user@site.ru - primary address, 1.user@site.ru- dynamic, my_pin.user@site.ru - for authorization. As a result, we get a kind of two-factor authorization and an additional warning mechanism about hacking attempts. It is extremely difficult to get hold of a mailbox with such protection, despite the possibility of using simpler passwords.For critical cases, you can even use dynamic authorization, working on the principle of a car alarm with feedback, i.e. new login for each subsequent communication session with the password unchanged. What is not a working option? If the patient is diagnosed with persecution mania, this does not mean that he is not being followed.Newsletters
Newsletters are dangerous because their messages contain many links to resources, as well as the possibility of an attack on behalf of a brand, for example, the World Health Organization. Today, many people understand that thoughtlessly clicking on the links in the received message is dangerous, but not everyone realizes that the link “unsubscribe from the newsletter” is no less dangerous. In fact, this is the same phishing with some features: the user is not called for any action, he is outraged by the unfairly received message, relaxed by the potential to correct the situation (by clicking on the link). The result of unsubscribing is not predictable. Users can be directed to the clone site. It remains unprotected from theft or sale of personal data. It is practically impossible to establish the source of the leak and punish the “offender”. SadDynamic email corrects the situation here: you don’t need to click on the links, the culprit of the leak is calculated by the correspondence of the sender-receiver addresses, and the leak of personal data itself does not matter much. It's nice that the culprit of the leak is easy to punish by turning your email in its database into digital trash with a simple click of a button.Pseudo-mining
There is a lot of information on this subject, for example: Tsunami of false “mining”: what is known and how to live now .An interesting quote from this post:Recently, a curious note began to appear in hooligan messages - “Remember the Criminal Code of the Russian Federation 205.6. Failure to report a crime. ” Such an article of the Criminal Code does exist and faces a fine of up to one hundred thousand rubles, as well as imprisonment for up to one year
The uniqueness of the situation lies in the fact that the attacker achieves the maximum result at the lowest cost and risk of being detected: any search engine will help you make a list for the attack, just type “school”, “shopping center”, “court”, etc .; on the site of almost any organization, email is presented in clear text; few of the spam filter adjusters risk sending messages about mining to the spam folder, it’s easier to shift the responsibility to someone else.We can’t talk about material and psychological losses from such attacks. To solve the problem, you just need to hide the organization’s email, and send the attacker to the FSF.The attacker is well aware that sending messages through the FSF greatly simplifies the process of investigating cases of false access. The process of blocking calls to FOS, which from anonymizers, from any IP address, is much more delicate than blocking resources such as startmail.com and protonmail.com, which used to be used to send messages about mining. Mail.ru also carried out attacks, but for some reason no blocking of this resource was made. Why not the Ministry of Education to introduce such a system with a single center for the analysis of incoming information? The cost of its implementation is ten times (if not hundreds) less than the financial losses from pseudo-minings only last year.Trolls and Haters
These representatives of flora and fauna are a headache for VIP and any public figures. To be 100% enjoyable and interesting for everyone is not realistic, but "everyone can offend an artist." The user of dynamic email exclusively independently regulates his “openness” to the world. To stay in touch only for old friends for an indefinite time, it is enough: close the FOS for the reception, close the main address for the reception and change the dynamic address. After this procedure, you can safely climb into your house and do business without being distracted by all sorts of "little things." The user decides which label to hang “on the door” “Do not disturb!” or "Do not wake until spring!".Cyber warfare
The system is prepared for cyber warfare, i.e. attacks on resources or the state as a whole. In the event of an attack to the administrator or the mail resource algorithm, it is enough to close all the main addresses for reception and, possibly, as the situation develops, forcibly change the dynamic addresses of users randomly, notifying them of this, for example, using SMS. Since the attackers are blocked before the messages are downloaded to the server, it seems unlikely to overload the data transfer channels and hardware capacities with the incoming traffic. In my opinion, modern spam filtering systems have passed the peak of their development, they should be replaced with spam blocking systems. This topic will become more and more relevant as the development of 5G and the spread of IoT. Good old saying: "HDD is not rubber."Ecology
How without her! The topic of environmental safety excites everyone. I will give only a couple of quotes:- statistics from the report of ICF International and McAfee in April 2009: 62 trillion “garbage” messages are sent annually in the world, the generation of electricity (more than 33 billion kW / h), which is spent on this, results in the emission of more than 17 million tons of carbon dioxide
- from a 2011 French environmental report: spam totaled 73 trillion messages, or 17,800 messages per Internet user per year
I did not look for more recent information, I believe that today the situation has not improved.Who benefits
If the losses from spam and phishing in the world amount to tens of billions of dollars , then, according to the law of conservation, someone should make money on this. I reasoned on this topic and came to the conclusion that it is easier and more correct to say to whom spam is not profitable, and thereby avoid the risk of talking about a “life cycle with nails”.Answer: spam is not beneficial for respectable users
Thank you for attention. I congratulate businessmen on a holiday, and Habr - happy birthday!I also thank in advance all dear readers who will answer the question at the end of the publication.