Cyber Security and Pot Luck: August Edition Don’t Get Caught in the Phish Bowl: Innovative Ways to Prevent Phishing Attacks for Free

Dr. Daniel Schmeling

CEO Fortified Cyber Solutions LLC | CISSP | CCNA | Tisax | CMMC | Comptia A+| N+| Sec+ | CYSA+|Pen Test +|ITIL | Zscaler ZTA | M365 Fundamentals

August 1, 2024

Hey Cyber Security Warriors!

Welcome to the August edition of Cyber Security and Pot Luck! This month, we’re diving deep into creative, cost-free ways to prevent phishing attacks. Think of phishing as a sneaky fisherman trying to catch unsuspecting fish (that's you). But don’t worry! We have some quirky, innovative solutions to keep you out of the phish bowl. Let’s have some fun and stay secure!

The Phishing Menace

Phishing attacks are like fishing trips for cybercriminals—they cast their lines and wait for someone to bite. These attacks can lead to stolen credentials, financial loss, and data breaches. But guess what? We’ve got some out-of-the-box, innovative solutions to stop these phishers in their tracks. Let's explore how to prevent phishing attacks and stop them from spreading.

1. MailSpoof: The Anti-Phishing Jukebox

MailSpoof is a nifty tool that scans SPF and DMARC records for issues that could allow email spoofing. It’s a fantastic tool for organizations, pentesters, and red-teamers to quickly sift through a large list of domains for lax SPF and DMARC policies.

Installation:

pip3 install mailspoof

Usage Examples:

• CLI Usage:

printf "google.com\napple.com\nmicrosoft.com" > /tmp/list

mailspoof -d github.com -d reddit.com -iL /tmp/list

• Python Usage:

import mailspoof

mailspoof.scan('google.com')

Pro Tip: Think of MailSpoof as your email's personal detective, sniffing out weak points that phishers could exploit.

2. SPF, DKIM, and DMARC: The Superhero Trio

For M365:

• SPF (Silly Phish Filter): Log in to the Microsoft 365 admin center. Go to Domains. Select your domain and choose DNS settings. Add a new TXT record with the value: v=spf1 include:spf.protection.outlook.com -all.

• DKIM (Don't Kill My Inbox): Go to the Microsoft 365 admin center. Navigate to Exchange Admin Center. Under protection, select DKIM. Choose your domain and click Enable.

• DMARC (Don’t Mess Around, Really Check): Go to your DNS host and add a TXT record: Name: _dmarc Value: v=DMARC1; p=none; rua=mailto:postmaster@yourdomain.com

For Home Email:

• Access your domain's DNS settings through your hosting provider.

• Follow similar steps as above to add SPF, DKIM, and DMARC records.

Pro Tip: This superhero trio prevents email spoofing and phishing. Once set up, they significantly reduce the risk of email-based threats. Initial configuration might be a bit technical, but the long-term benefits are worth it.

3. Phish Fryer: Creative Spam and Phishing Filters

For M365:

• SpamAssassin and MailScanner: Enhance M365’s built-in filters by integrating with third-party solutions via connectors.

For Home Email:

• SpamAssassin: Install SpamAssassin on your mail server.

sudo apt-get install spamassassin

sudo systemctl enable spamassassin

sudo systemctl start spamassassin

• MailScanner: Install and configure MailScanner to work with your existing email server (Postfix or Sendmail).

Pro Tip: Treat these filters like your email's personal bouncer—only letting the good stuff in and keeping the riff-raff out.

4. Encrypt Like a Spy with Free Email Encryption Tools

For M365:

• GnuPG and Mailvelope: Use Mailvelope with your Outlook webmail. Install the Mailvelope extension for Chrome or Firefox. Configure Mailvelope to use your GPG key.

For Home Email:

• GnuPG: Install GnuPG on your computer.

sudo apt-get install gnupg

gpg --gen-key

• Use an email client like Thunderbird with the Enigmail extension for GPG encryption.

• Mailvelope: Install the Mailvelope extension for your browser. Configure it with your email service (Gmail, Yahoo, etc.).

Pro Tip: Think of encryption as your email's invisibility cloak. It keeps your messages hidden from prying eyes.

5. Phish School: Gamify Your Email Security Awareness Training

For M365 and Home Email:

• PhishMe Free and KnowBe4: Sign up for free versions of these services. Create phishing simulation campaigns and send them to your M365 or home email addresses. Use the training modules to educate users on recognizing phishing attempts.

Pro Tip: Turn phishing awareness into a game. Offer prizes for those who spot and report phishing emails the fastest. It's like Where’s Waldo, but with hackers!

6. DIY Open Source Email Security Gateways

For Home Email:

• Proxmox Mail Gateway and MailCleaner: Download and install Proxmox Mail Gateway or MailCleaner. Follow the installation and configuration guides to integrate with your home email server.

Pro Tip: Imagine these gateways as the moat around your email castle. They keep the bad guys at bay and ensure your email fortress is secure.

7. Innovate with Email Backup Solutions

For M365:

• IMAPSize and MailStore Home: Use MailStore Home for backing up your M365 emails. Connect MailStore Home to your M365 account using IMAP settings.

For Home Email:

• IMAPSize: Install IMAPSize and configure it to back up your home email account.

• MailStore Home: Install MailStore Home. Set up email archiving by connecting it to your home email accounts.

Pro Tip: Backup is like having a spare set of keys. If you lose access to your emails, you can quickly get back in without breaking a window.

8. Arm Windows Defender to Battle Phishing

For M365 and Home Email:

1. Enable Windows Defender Integration:

• Open Windows Security by searching for it in the Start menu.

• Go to Virus & threat protection.

• Under Virus & threat protection settings, click Manage settings.

• Ensure Real-time protection is turned on.

1. Configure Windows Defender to Scan Email Attachments:

• Open PowerShell as an administrator.

• Run the following command to enable email scanning:

Set-MpPreference -DisableEmailScanning $false

1. Set up Regular Scans:

• In Windows Security, go to Virus & threat protection.

• Under Current threats, click Quick scan or Full scan.

• Schedule regular scans by clicking Scan options and selecting Scheduled scan.

Pro Tip: Treat Windows Defender like your personal bodyguard. It’s always on the lookout for any threats trying to sneak into your inbox.

9. Strengthen Your Defense with a YubiKey

For M365:

1. Get a YubiKey:

• Purchase a YubiKey from the official Yubico store.

1. Set Up YubiKey with Microsoft 365:

• Sign in to the Microsoft 365 Admin Center.

• Go to Settings > Org settings > Security & privacy.

• Enable Security Defaults or create a policy in Azure Active Directory > Security > Conditional Access to require MFA.

• Instruct users to go to My Sign-Ins and add a Security key.

For Home Email (Example with Gmail):

1. Get a YubiKey:

• Purchase a YubiKey from the official Yubico store.

1. Set Up YubiKey with Gmail:

• Sign in to your Google Account.

• Go to Security > 2-Step Verification and set it up using your phone number.

• Add a Security key under 2-Step Verification.

Pro Tip: A YubiKey is like a magic wand for your email security. It adds an extra layer of protection that only you can wield.

Final Thoughts

Don't get caught in the phish bowl! With these innovative and cost-free solutions, you can outsmart phishers and keep your email safe. Remember, staying one step ahead of cyber threats doesn't have to cost a fortune. Stay vigilant, stay creative, and let’s make the cyber world a safer place together!

Illustration for August Edition:

Stay tuned for more quirky and innovative solutions next month!