Email
Print
ShareAhmedabad, Ahmedabad: You run a boutique and imagine yourself being grilled by cops for a "terror e-mail" sent by you. Obviously the goings-on might go beyond your comprehension, but don't be surprised. Hackers have now resorted to a unique method of hacking one's e-mail -called 'e-mail header spoofing'.
This was what Sunny Vaghela, director and CTO of Tech Defence explained while talking to DNA. "Using the e-mail header spoofing method one can spoof identity of header and also change the header as well. Moreover, many mail applications are vulnerable to hacking."
Citing an example, Vaghela said that hackers hack e-mails IDs while chatting or getting person's e-mail ID through other means and by using that particular e-mail, mail can be used by unscrupulous element for subversive activities such as cyber crimes like bank forgery, phishing or even sending terror mails.
Vaghela said that this technique is new in cyber crime and it still needs detailed investigation to track the origin of the e-mail.
This and more were discussed at a seminar on Live Ethical Hacking and Cybercrime Investigation held at Bhaikaka Bhawan near Law Garden on Sunday.
Participants at the seminar discussed how most spoofed e-mail falls into nuisance category and require little action other than deletion, while the more malicious varieties can cause serious problems and security risks. Only five to six per cent of the crores of internet users in India have very sketchy knowledge about cyber security, Vaghela lamented.For example, spoofed e-mail may purport to be from someone in a position of authority or someone from among known identities, asking for sensitive data, such as passwords, credit card numbers, or other personal information - any of which, can be used for a variety of criminal purposes.
More than 70 per cent of websites are vulnerable that could lead to theft of sensitive corporate data such as credit card information and customers personnel data as web developers in India have been given vendor-based training, besides lack of secure coding practices and others. Moreover, very few engineering colleges across the country offers any courses on computer security, Vaghela said, adding that the primary reason for the insecurity is lack of experts in the country.
