Welcome to the

AdGuardian Plus Blog


Cybercriminals use a new method to sneak into our inboxes

Cybercriminals new kind of email attack

Cybercriminals found a new way to insert messages into their potential victims’ inbox. So, according to research Gemini Advisory, a hacker is advertising a new tool on a dark web forum.

Thus, the attackers do not have to send the malicious emails, but implant them. So, this means, according to the researchers, that the messages can bypass the security systems easier.

It is a “significant threat” from cybercriminals

In a blog post, the company mentioned that: “The software poses a significant threat as it raises the success rate of malware attacks.”

According to the security experts, it allows cybercriminals start more sophisticated phishing and business email compromise (BEC) campaigns. Moreover, it may open the door for technically simple ransomware-like attacks.

How they trick users

Gemini Advisory explained the way attacks happen using the “Email Appender” new technique.

So, first, attackers do what they have to in order to obtain valid email addresses and their passwords. Usually, they buy them from the dark web, at a very low cost.

Afterwards, the attackers have to upload the credentials that were compromised, into Email Appender. This checks them and then connects to these accounts, using the Internet Message Protocol (IMP).

Email clients use IMP – a standard protocol, in order to recover messages. It is the place where attackers use the feature which allows them add a message in the inbox, without authentication.

Then, cybercriminals amend the important fields, such as the “Sender,” “From” and “Reply-To”. Stanislav Alforov, Gemini Advisory’s director of research, considers this technique as being unique.

Also, according to Alforov, the hacker who advertised Email Appender had also offered other services before. Moreover, he built a “reputation” in dark web forums.

People offered a “positive feedback” for a video he had uploaded on YouTube. This came especially from users who mentioned they tested and used the Email Appender.

What we should do to stay safe

The best way to keep our accounts away from the Email Appender, Alforov said, is to enable multi-factor authentication. Thus, it seems that once an account is protected with more than just a password, the malicious software can’t do its job.

Laurentiu Titei
About author

Laurentiu, a creative content writer, has been producing articles about technology for more than 10 years. He is interested in all the security and internet news and his mainstream media background helps make them readable for all kinds of users. Moreover, he grows the appropriate social media channels for websites.
Related posts

Digital Advertising practices, under the pressure of fines


Advertising discrimination, addressed by huge companies


Ad fraud might hit $100B, advertising companies worry


The ad-based business model: Would Facebook change it?

Leave a Reply

Your email address will not be published. Required fields are marked *