Detecting and Combating Malicious Email
- Julie Ryan, Associate Professor and Chair of Engineering Management and Systems Engineering at George Washington University
- Cade Kamachi
Malicious email is, simply put, email with a malicious purpose. The malicious purpose could be fraud, theft, espionage, or malware injection. The processes by which email execute the malicious activity vary widely, from fully manual (e.g. human-directed) to fully automated. One example of a malicious email is one that contains an attachment which the recipient is directed to open. When the attachment is opened, malicious software is installed on the recipientâs computer. Because malicious email can vary so broadly in form and function, automated detection is only marginally helpful. The education of all users to detect potential malicious email is important to containing the threat and limiting the damage. It is increasingly necessary for all email users to understand how to recognize and combat malicious email.
Detecting and Combating Malicious Email describes the different types of malicious email, shows how to differentiate malicious email from benign email, and suggest protective strategies for both personal and enterprise email environments.
Professionals in the fields of security awareness, business continuity, and risk management, as well as end users of email at all technical levels.