Jack Recider

Now, email providers or system admins need to work to protect users from all this. You can't just present every email that comes into the user. That used to be the case in the old days when we didn't filter any emails at all. But think about this. Suppose you do get an email, but it's one letter off.

Now, email providers or system admins need to work to protect users from all this. You can't just present every email that comes into the user. That used to be the case in the old days when we didn't filter any emails at all. But think about this. Suppose you do get an email, but it's one letter off.

They switch the lowercase L for the capital I, and it looks the exact same to the human eye to make you think this email is from someone you normally get email from, but that one letter off means it's not. So if a human can't detect it, we better have machines that are detecting it.

They switch the lowercase L for the capital I, and it looks the exact same to the human eye to make you think this email is from someone you normally get email from, but that one letter off means it's not. So if a human can't detect it, we better have machines that are detecting it.

And there's a thing called the Levenstein distance, which is an algorithm that will compare two words to tell you how different they are. And I sure hope that email providers today are using this to first develop a baseline of who you're normally getting email from and then look for emails coming in with a very similar domain.

And there's a thing called the Levenstein distance, which is an algorithm that will compare two words to tell you how different they are. And I sure hope that email providers today are using this to first develop a baseline of who you're normally getting email from and then look for emails coming in with a very similar domain.

If the Levenstein distance is very low, meaning it's only one letter off from someone you normally see email from, then that should be flagged, maybe rejected or quarantined and let the user know.

If the Levenstein distance is very low, meaning it's only one letter off from someone you normally see email from, then that should be flagged, maybe rejected or quarantined and let the user know.

You know, now that I think about it, I'm disappointed that there's not better information on these emails I get. Sure, I have a spam folder and stuff gets thrown in there, but I'd love to see reasons for why my email provider put it in spam. To me, spam is ads I don't want. So why not have a second folder of threats?

You know, now that I think about it, I'm disappointed that there's not better information on these emails I get. Sure, I have a spam folder and stuff gets thrown in there, but I'd love to see reasons for why my email provider put it in spam. To me, spam is ads I don't want. So why not have a second folder of threats?

You know, spam and threats are two different things in my mind that they all seem to end up in the same bucket in my email. I would love, love, love to get threat intelligence on my inbox where I could see a little dashboard that says, we've blocked 20 phishing emails for you this month.

You know, spam and threats are two different things in my mind that they all seem to end up in the same bucket in my email. I would love, love, love to get threat intelligence on my inbox where I could see a little dashboard that says, we've blocked 20 phishing emails for you this month.

In there, we had five BEC attempts, two pig butchering emails, and 13 emails containing malware from a threat actor known for targeting journalists. At a bare minimum, just show me a big bright red banner on the email that says, look out, this email comes from a domain that was registered two days ago. That would be really cool.

In there, we had five BEC attempts, two pig butchering emails, and 13 emails containing malware from a threat actor known for targeting journalists. At a bare minimum, just show me a big bright red banner on the email that says, look out, this email comes from a domain that was registered two days ago. That would be really cool.

I mean, they might be already filtering it out and putting it in spam, but stuff that gets through, you know, I'm like, hey, that is a good tip.

I mean, they might be already filtering it out and putting it in spam, but stuff that gets through, you know, I'm like, hey, that is a good tip.

Are we still on the same podcast? What is going on here?

Are we still on the same podcast? What is going on here?

Okay, are we really going here? I mean, when someone tells me they're using voodoo and black magic to become a better scammer, I'm, like, skeptical and just want to move on past that. I don't even want to pick that up. But for some reason, I'm feeling compelled to look this one up. So first of all, I watched an hour-long BBC documentary on who Black Axe is. And it's absolutely bonkers.

Okay, are we really going here? I mean, when someone tells me they're using voodoo and black magic to become a better scammer, I'm, like, skeptical and just want to move on past that. I don't even want to pick that up. But for some reason, I'm feeling compelled to look this one up. So first of all, I watched an hour-long BBC documentary on who Black Axe is. And it's absolutely bonkers.