Open Access  Subscription or Fee Access

Active hacking methods are easily identifiable with the analysis of firewall and intrusion detection/prevention device log files. However too Many organizations & individuals fail to identify the potential threats from the Malicious Impostor Emails (the next generation attack), which aren’t normally identifiable by software or human beings. In this paper, we see about the next generation attack, much more powerful than previous ones, called malicious impostor emails. A malicious impostor email looks perfectly legitimate in every way (e.g., it can pass any statistical filter and human inspection), since it uses the concept of masquerading to spread itself. Prevention for this attack can be obtained by encrypting the White List. Randomly Encrypted Address Book (REAB) can significantly slow down malicious email spreading. Encrypting those email addresses may theoretically defeat their self-spreading.

Email Addresses, Malicious Impostor Emails, Masquerading, REAB

Rajesh Perumal R, Vinu J, Malicous Impostor Email Prevention Using REAB, ICIRET 2010,August 2010.

Erhan J Kartaltepe, Paul Parker, and Shouhuai Xu -How to Secure Your Email Address Books, CANS'07,February 2008

(Handbook style) Liuis Mora,Neutralbit - SMTP Information gathering Matthew Fisher, Web Application Hacking , SPI Dynamics

(Handbook style) Gray Hat Hacking The Ethical Hacker’s Handbook -Shon Harris, Allen Harper, Chris Eagle, Jonathan Ness, and Michael Lester

(Handbook style) Gunter Ollmann, Professional Services Director - Passive Information Gathering The Analysis of Leaked Network Security Information

(Handbook style) William Stallings - The RC4 Stream Encryption Algorithm

Dr.Asai Thampi, ISRO, private communication, April 2010.

Wikipedia –Email, Available: http://en.wikipedia.org/wiki/E-mail

Wikipedia–Email Address, Available : http://en.wikipedia.org/wiki/Email_address