Chapter 3

Thinking Like the Enemy


Understanding the psychology of malicious messaging can be as much of a resource for stopping it as any log file technology or security analysis. The vast majority of attacks are aimed at anyone who will respond, whereas only a small minority of attacks are exquisitely targeted at very high-value targets. There are two primary goals for a sender of a malicious email. The first goal is for you to actually see the email. This means that the email needs to be constructed to avoid automated scanning and quarantining programs. The second goal is to have you act on the email. In some cases, this is as simple as opening it and reading it. In other cases, the sender wants you to open an attachment. Success ...
