Welcome to Benchmark!

Hal Licino

How Man-In-The-Middle Attacks Can Impact Email Marketers

Jan 17 2011, 11:04 AM by

What Is Man-in-the-Middle?

Phishers and other email fraudsters are upping their game on a continual basis, consistently coming up with new and imaginative ways to ply their criminal trade. One of the most popular of their ploys is what is known as a Man-In-The-Middle (MITM) attack, which tricks an email recipient into divulging their credentials, passwords and other critical personal information on a site that can bear a stunning similarity to your landing pages. The criminals then use this information to conduct identity theft and other felonies. Even if you are not operating in the financial arena, this form of attack can impact your customers and your business, so it's wise to take precautions against it now before it's too late.

MITM Can Affect Any Site Selling Anything
Any business that has subscribers storing purchasing information of any kind in their accounts is liable for MITM attack. Contrary to conventional wisdom, the juiciest targets for online criminals are no longer the banks, which have taken extraordinary measures to counter their scams, but conventional sales sites that offer any type of payment-based product or service. These sites capture personal as well as financial information in the form of credit card numbers or Paypal logins, and once a fraudster has access to this data they can clean out a customer's accounts in a matter of seconds.

The traditional MITM strategy is to inform your subscriber that someone has tried to log into their account and that they need to "confirm" their identity in order to continue access. When the customer follows the link, they enter into an exact duplicate of your site their login information or other details, such as credit card numbers, which is immediately transmitted to the felons. The customer may remain unaware that they have provided their personal info to criminals as they likely receive a "temporary error… try back later" page when they expect to have access to your site.
Phishers Can Even Redirect Users to Your Own Site
As these phishers become more technically adept, they graduate to an even smoother and more complex process whereby they capture your customer's login info and then instantaneously apply it to provide that user access to your actual site! In that manner the customer is unlikely to ever realize that anything is wrong... until they find that their credit cards are maxed out and their bank account is sitting on a goose egg.
Very Few Login Customers Ever Look Up at the URL
Even though these forms of attacks have received massive publicity, recent surveys show that the vast majority of internet users still don't look up to their address bar before entering login or other financial information. A quick look at the bar would show that the URL does not match that of your site, but unfortunately very few of your customers ever care to notice and thus stroll blindly into the fraudster's trap.
Antiphishing Resources Abound: Use Them!
There are steps you can take to avoid this disaster from befalling your customers. There are various services which identify phishing lures, suspicious domain registrations, spoof sites, malware distribution points and the spectrum of post-attack gathering as well as exchange of compromised login credentials. Many of these service providers can also act on your behalf for fast site blocks and take-downs and have a proven track record of safeguarding their customers against many forms of phishing, vishing, pharming, and Trojan attacks, as well as tabnapping, evil twins, filter evasion, IDN spoofing and more. The Anti-Phishing Working Group is an industry association tirelessly working to counter phishing and email spoofing. The organization provides a comprehensive volume of resources on its website (http://www.antiphishing.org).

If brands as prestigious as T.J. Maxx and 7-Eleven can be hit hard by massive phishing fraud, your company is certainly not immune. Marketers who send out a sizeable number of emails are especially vulnerable as regardless of the security procedures taken, most emails (and their sensitive content) are easily interceptable en route. Taking precautionary steps today can help avoid a very painful future debacle for your email marketing brand and your customers.

Posted in Deliverability

Related Blogs