We all get a chill when we receive an email from the Treasury. But the person writing to you may not be the Tax Agency. Or that message from the Post Office may not be what it claims to be. And so on for more than 700 email domains of the Spanish Administration that cybercriminals can use to deceive you through phishing or identity theft techniques.
Phishing or identity theft can reach us through a WhatsApp message, a fake web page or an email. Its purpose is to extract personal data from us or to obtain money through deception or extortion. There are ways to unmask this type of fraud, but spotting a case of phishing is complicated when you receive an email with the domain of the Post Office, the National Police, the Tax Agency or the Ministry of Foreign Affairs.
These are just a few examples from a total of 772 email domains of the Spanish Administration that have been analyzed by the Web Security Observatory. This study expands its Web Segura project, which we covered previously. After analyzing the public web to see whether it was really safe for the user, its next big study was to check whether the email domains of Spanish public bodies are safe, or whether they could be exploited in a phishing or identity theft attack against Spanish citizens.
Receiving an email from a strange or unknown domain is not the same as receiving one from an address such as @correo.es, @sede.sepe.gob.es or @agenciatributaria.es, to cite the most common examples in phishing scams.
Almost 97% of domains are vulnerable
We have all received a fraudulent email message at some time. The sender claims to be Microsoft, Facebook, your bank or the Tax Agency. But a look at certain details shows that the message is not genuine. The best thing to do is to ignore and delete such messages. But some are more successful than others, and there are some that manage to fool anyone.
One way to make fraudulent emails very realistic is to use the official domain of the Spanish Administration body that the cybercriminals are posing as. Although there are ways to prevent this, in Spain they are not commonly applied.
Those responsible for the Web Security Observatory have analyzed the public email domains of dozens of public bodies and institutions in Spain at the state, regional and local level. Out of a total of 772 domains analyzed, only 25 are safe against identity theft. The remaining 747 are vulnerable and could be used in phishing attacks against the population or against the Administration itself.
The list of safe and vulnerable domains can be consulted at this link. For its classification, the Observatory has taken into account how those domains are configured. Specifically, whether or not they have implemented security measures against phishing such as SPF or DMARC.
How to prevent identity theft?
SPF is the acronym for Sender Policy Framework. In Spanish, "Senders Agreement". As Wikipedia explains, “it is a protection against address spoofing in sending email. It identifies, through domain name records (DNS), the SMTP mail servers authorized to transport messages. This agreement seeks to help reduce abuses such as spam and other evils of e-mail”.
The other preventive measure against phishing or spoofing is DMARC. It is the acronym for Domain-based Message Authentication, Reporting and Conformance. In Spanish, "Message Authentication Based on Domains, Reports and Compliance". Going back to Wikipedia, “it’s an email authentication mechanism. It has been designed to give email domain owners the ability to protect their domain from unauthorized use”.
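To make the SPF and DMARC checks concrete, here is an added example (not the Observatory's code) that reads a domain's DNS TXT records and decides whether they restrict who may send mail in its name. The domains and records are constructed samples, and the pass/fail thresholds are assumptions, not the Observatory's published criteria.

```python
# Constructed sample records; the pass/fail thresholds below are assumptions
# for illustration, not the Observatory's published criteria.
def spf_all_qualifier(txt_records):
    """Qualifier of the SPF 'all' mechanism ('-', '~', '?', '+'), or None."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if len(spf) != 1:  # zero or several SPF records: no usable policy
        return None
    for term in spf[0].lower().split()[1:]:
        if term.lstrip("+-~?") == "all":
            return term[0] if term[0] in "+-~?" else "+"
    return None  # no 'all' mechanism (redirect= is not followed here)

def dmarc_tags(txt_records):
    """Tags of the single DMARC record found at _dmarc.<domain>, or None."""
    recs = [r for r in txt_records if r.strip().lower().startswith("v=dmarc1")]
    if len(recs) != 1:
        return None
    tags = {}
    for part in recs[0].split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip().lower()
    return tags

def classify(domain_txt, dmarc_txt):
    """Return (verdict, reasons) for one domain's TXT records."""
    reasons = []
    qualifier = spf_all_qualifier(domain_txt)
    if qualifier is None:
        reasons.append("no usable SPF policy")
    elif qualifier in "+?":
        reasons.append(f"SPF '{qualifier}all' does not restrict senders")
    tags = dmarc_tags(dmarc_txt)
    if tags is None:
        reasons.append("no DMARC record")
    elif tags.get("p") not in ("quarantine", "reject"):
        reasons.append(f"DMARC p={tags.get('p')} is not enforced")
    return ("vulnerable" if reasons else "protected", reasons)

SAMPLES = {  # hypothetical domains: (TXT at domain, TXT at _dmarc.domain)
    "ministry.example": (["v=spf1 ip4:192.0.2.10 -all"],
                         ["v=DMARC1; p=reject; rua=mailto:dmarc@ministry.example"]),
    "townhall.example": (["v=spf1 mx ~all"], ["v=DMARC1; p=none"]),
    "agency.example": (["site-verification=constructed"], []),
}

def audit(samples):
    return {d: classify(spf, dmarc)[0] for d, (spf, dmarc) in samples.items()}
```

Calling `audit(SAMPLES)` gives one verdict per domain, and `classify` returns the reasons an administrator would need to fix.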
In short, the Spanish public administration has a lot of work to do on online security issues. This is of vital importance, especially when we are talking about the impersonation of entities as important as the Post Office, the Treasury or the National Police itself.
You will find more information about the Web Security Observatory on its official page. There you can consult the analysis of the security of the Spanish public web and its most recent project, the security analysis of public email domains.