Jack Recider
๐ค SpeakerAppearances Over Time
Podcast Appearances
Oh, and it's not always bill paying. Sometimes they try to scam these companies to send them gift cards. The scammers will pose as like some manager in the company and they'll ask someone higher up, hey, the company did such a great year. I'd like to give my employees gift cards as rewards. And the person's like, ah, it's a great idea.
Then the scammer's like, okay, well, since everyone's remote, could you just purchase the gift cards and then send me a photo of the back of the cards and I'll just pass those gift cards out to the employees. And that's how these companies end up sending gift cards to Nigerian scammers. It's crazy.
Then the scammer's like, okay, well, since everyone's remote, could you just purchase the gift cards and then send me a photo of the back of the cards and I'll just pass those gift cards out to the employees. And that's how these companies end up sending gift cards to Nigerian scammers. It's crazy.
Now, email providers or system admins need to work to protect users from all this. You can't just present every email that comes into the user. That used to be the case in the old days when we didn't filter any emails at all. But think about this. Suppose you do get an email, but it's one letter off.
Now, email providers or system admins need to work to protect users from all this. You can't just present every email that comes into the user. That used to be the case in the old days when we didn't filter any emails at all. But think about this. Suppose you do get an email, but it's one letter off.
They switch the lowercase L for the capital I, and it looks the exact same to the human eye to make you think this email is from someone you normally get email from, but that one letter off means it's not. So if a human can't detect it, we better have machines that are detecting it.
They switch the lowercase L for the capital I, and it looks the exact same to the human eye to make you think this email is from someone you normally get email from, but that one letter off means it's not. So if a human can't detect it, we better have machines that are detecting it.
And there's a thing called the Levenstein distance, which is an algorithm that will compare two words to tell you how different they are. And I sure hope that email providers today are using this to first develop a baseline of who you're normally getting email from and then look for emails coming in with a very similar domain.
And there's a thing called the Levenstein distance, which is an algorithm that will compare two words to tell you how different they are. And I sure hope that email providers today are using this to first develop a baseline of who you're normally getting email from and then look for emails coming in with a very similar domain.
If the Levenstein distance is very low, meaning it's only one letter off from someone you normally see email from, then that should be flagged, maybe rejected or quarantined and let the user know.
If the Levenstein distance is very low, meaning it's only one letter off from someone you normally see email from, then that should be flagged, maybe rejected or quarantined and let the user know.
You know, now that I think about it, I'm disappointed that there's not better information on these emails I get. Sure, I have a spam folder and stuff gets thrown in there, but I'd love to see reasons for why my email provider put it in spam. To me, spam is ads I don't want. So why not have a second folder of threats?
You know, now that I think about it, I'm disappointed that there's not better information on these emails I get. Sure, I have a spam folder and stuff gets thrown in there, but I'd love to see reasons for why my email provider put it in spam. To me, spam is ads I don't want. So why not have a second folder of threats?
You know, spam and threats are two different things in my mind that they all seem to end up in the same bucket in my email. I would love, love, love to get threat intelligence on my inbox where I could see a little dashboard that says, we've blocked 20 phishing emails for you this month.
You know, spam and threats are two different things in my mind that they all seem to end up in the same bucket in my email. I would love, love, love to get threat intelligence on my inbox where I could see a little dashboard that says, we've blocked 20 phishing emails for you this month.
In there, we had five BEC attempts, two pig butchering emails, and 13 emails containing malware from a threat actor known for targeting journalists. At a bare minimum, just show me a big bright red banner on the email that says, look out, this email comes from a domain that was registered two days ago. That would be really cool.
In there, we had five BEC attempts, two pig butchering emails, and 13 emails containing malware from a threat actor known for targeting journalists. At a bare minimum, just show me a big bright red banner on the email that says, look out, this email comes from a domain that was registered two days ago. That would be really cool.
I mean, they might be already filtering it out and putting it in spam, but stuff that gets through, you know, I'm like, hey, that is a good tip.
I mean, they might be already filtering it out and putting it in spam, but stuff that gets through, you know, I'm like, hey, that is a good tip.
Are we still on the same podcast? What is going on here?