Email attacks, do you know how to defend yourself?

Whether in corporate email or personal email, we can look at the SPAM box and the news will always be the same: it will be full.

In addition to these e-mails that are filtered “automatically”, without the end user having any kind of work, we still receive sporadically an e-mail or other unwanted that ends up passing. But do you know the risks that these emails offer?

Read more:

The impact of LGPD for IT
Cloud storage usage entered cyber attack strategy
Enable Office 365 message encryption
“Novo Normal” is contributing to the increase in cybercrime
Configuring Self-Service Password Reset for Azure and Office 365

To get a good understanding of the beginning, let's understand the types of attacks we can receive by email:


Fishing". In this type of e-mail the attacker sends a persuasive message by e-mail in order to make the user click on the link, download an attachment, send information or even complete a payment. They have as main characteristics: subjects that call the attention, advertisements, promotions "must-see".


This attack aims to block the user's access to certain files, requiring a reward. They are files that are downloaded in the background on the user's computer without the user noticing, usually by clicking on any link or attachment received in the email.


Here, attackers not only change the DNS to redirect the domain to another IP address, they can also simulate a trusted IP source, edit the email header and make it legitimate. The goal is the same as phishing, to get data from companies and people.

And Gabi, how can I protect myself? TIPS!

1st Have a Powerful AntiSpam. Our personal email (the free ones) usually comes with filters, but if you work for a company, look at gartner and on the market the tools that can most help in your environment. Large suppliers already have tools based on behavioral analysis and also integrated with endpoint protection;

2nd Do not disclose your e-mail (valid for staff, but principally to corporate). Unfortunately, businesses still buy and sell many email lists (e-mail marketing), and not necessarily just the store / company where you provided your email will have access to it. And the more lists that email is available, the more likely you are to receive something;

3rd Do not click on any link you receive. Always check if you really have a link with the company in question, check if the URLs contained in the links match the subject (stop the mouse over the links and see the address contained there) and doubt very crazy proposals (remember that engineering social deals a lot with our ego);

4th Check the sender. Probably a large company will have its own domain (@ and will not send an email like [email protected];

5th Use complex passwords and whenever possible activate the MFA. This way, we already guarantee the prevention of unwanted logins if your password is compromised in a successful attack.

Spending a little time checking what should or should not be done in the digital world is essential for safe browsing, don't be silly. And when in doubt, be suspicious!

Was this article helpful?

To maintain a quality standard for you, we have invested in a great hosting plan, Paid CDN, Website Optimization Plugins, etc ...

Help us to keep the project active! 

Follow the news in real time. Follow our Instagram profile..

Gabriela Salles
I am a Computer Engineer, specialist and awareness of Blue Team. Certified by Microsoft, IBM, Itcerts, CertiProf and Exin, I also have French and English as differentials.



Do you want to upgrade your career? 

Invest in yourself and get ahead! Get that dream job in 2022!