Email Monitoring Flashcards
The most common attack vector used to deliver malware or steal credentials.
A fraudulent message pretending to be from a trusted source.
Phishing email
A phishing attack targeting executives or high-level employees.
Whaling
A phishing attack delivered through SMS.
Smishing
A phishing attack using voice calls.
Vishing
A link in an email that redirects the user to a fake login page.
Malicious URL
An email with an embedded macro that launches malware upon opening.
Malicious attachment
A protocol used to authenticate an email sender’s domain.
SPF (Sender Policy Framework)
A protocol that verifies message integrity and domain ownership.
DKIM (DomainKeys Identified Mail)
A policy that tells receiving servers how to handle unauthenticated email.
DMARC (Domain-based Message Authentication, Reporting & Conformance)
A type of attack where an attacker spoofs the “From” address.
Email spoofing
Logs that help detect failed or unusual email authentication attempts.
Email server logs
The system responsible for filtering spam and scanning messages.
Email security gateway
A tactic where attackers register domains similar to a legitimate one.
Domain squatting / Typosquatting
The act of analyzing message headers to verify source and path.
Header inspection
Tool used to detect and block malicious links and attachments in emails.
Secure Email Gateway (SEG)
Signs of compromise include high outbound email volume or replies to unusual addresses.
Compromised mailbox
A targeted email campaign designed to exploit a specific victim or organization.
Spear phishing
Alert triggered when internal email forwards are created without approval.
Email rule manipulation
A threat actor posing as a company executive to trick employees into transferring money.
Business Email Compromise (BEC)
