SPAM EMAILS
The rapid progress of Internet of Things has facilitated the mankind to work with dierent types
of smart devices, especially in the form of smart appliances which have oered unprecedented
levels of automation in “smart homes”. Like other computer hardware, these devices are
connected to the internet and can benefit you greatly. For instance, your appliances can send
and receive emails. However, if a hacker breaches through your smart appliance by using an
attack vector like spam emails, then the can convert it into an email server. There is already
the infamous report from Proofpoint which showed how a smart refrigerator got hacked and
became exploited to such an instant that several malicious emails were sent through it without
the owners knowing anything about it.
The security expert from Proofpoint performed an analysis of spam emails. In the study, it
was discovered that almost a quarter of the victims did not happen to come from desktop PCs
or laptops. Instead, they turned out to be from the “things”.
The study found out more than 100,000 unique IP addresses from the Internet of Things
devices. Further research explained that these IoT devices did not only include the expected
networking devices like NAS and routers but there were clear indications about unconven-
tional sources like televisions, multi-media centers, and even a refrigerator. This means we are
now in an era where you have to protect yourself from a refrigerator!
The exploitation of smart appliances has raised possibilities of hackers exploiting them to
misuse the data in a workplace. A cybercriminal group is waiting for users to initiate a remote
connection of RDP while even looking into their refrigerators can place them in trouble.
How to identify Spam Email and what are the steps one should take to avoid such
emails coming into the inbox?
Flash Question
RANSOMWARE
Ransomware is a type of malicious malware which after infecting a computer, takes complete
control of the system and locks down the data. After the denial of access, the cybercriminal
demands a ransom in return for access to data. Users are then provided with a guide about how
to pay the ransom and how can they use the decryption key to unlock the locked data.
How Ransomware Works?
Ransomware uses dierent attack vectors in order to breach into systems. One of these attack vectors
is the use of phishing techniques. In such an attack, a cybercriminal group—under a disguise—sends
an email to a user and encourages them to click a link or download a malicious file attachment.
In the past, cybercriminals have faked their identities in dierent ways to force their victims
to download their malicious files. For example, once a cybercriminal group circulated a U.S.
court notice to users where they were ordered to pay a fine. As the users download the attached
document for confirmation they got hacked. Similarly, they have acted as law enforcement
agencies. There are those who use the name of well-known brands like FedEx to spread
Chapter 11 Security Challenges for IoT 277
Internet_of_Things_CH11_pp271-308.indd 277 9/3/2019 10:16:19 AM