As we’ve already mentioned and discussed what phishing attacks are, and how are they planned in campaigns, how spear-phishing and whaling attacks rob hard-working people, just because hackers exploit the very human nature, now I want to shed some light on another problem – until now there was no single tool that could help you and protect you while you access and use your email daily.
Wouldn’t it be better to be more secure and know whether a message is coming from a legitimate source or is designed to trick you into opening the email and sharing your personal information or downloading a harmful file that could make your computer another node in someone else’s botnet? Email protector is a browser extension that mitigates phishing, spear phishing and whaling attacks. It is designed to protect you when you do your day-to-day tasks. Instead of wasting time validating email headers by hand, Email Protector does that for you.
Email protector is a browser extension that gets installed… on your browser. Statistics show that the most commonly used browser is Google Chrome – that is why we designed the extension to be functional with that browser. The current release supports English, German and Bulgarian languages.
As a browser extension, you should give permission to the Protector to read the headers of the emails you receive. The extension will not touch any other line of text besides the email header. By scanning the header, Email Protector will find out if the email is coming from a legitimate source or not. If an email comes from a non-legitimate source (like the method used in this article), then the extension will inform the user about the maliciously crafted email. But what if the email comes from a legitimate source? Let’s say that you’re having a nice business conversation with firstname.lastname@example.org. You arrange payment information, exchange invoices and payment information and all of a sudden you get an email from email@example.com (mind the changed email name) or firstname.lastname@example.org (the username remains the same, but the domain is changed). This is one of hacker’s favorite methods that trick you into believing that you’ve communicating with the legitimate person or entity. You can find a detailed article about this method here. We’ve included functionality that can protect you from those “misspelled” emails, regardless of the fact if the username or domain name was forged. You, as the user of the Extension, can “trust” specific email addresses – the ones that you know for sure are legitimate. You can do it by highlighting an email in the Chrome browser, right-clicking it and choosing “Trust email”. The email you have trusted will be stored in the memory of the extension, and you will see the email populate the list of “trusted emails”. The standard version of the extension includes one slot for “trusted emails”, while the premium versions include three, ten or unlimited supported “trusted emails”. That way, if you have trusted a specific email, let’s say email@example.com, and you receive other emails from users such as firstname.lastname@example.org or email@example.com, you will be notified about the fact that the email senders are not the same. This notification is going to be persistent whenever you open such an email, so that you are constantly reminded of the difference in the email names and / or domains. If you make an error adding an email, you can always remove the email from the list of trusted emails by clicking on it and then selecting “remove email” from the button below. Additional functionality includes the proactive prevention of phishing and spam campaigns by some domains. If a domain is used for malicious purposes, we collect the email address, which is related with the spam or phishing campaign, and proactively silently inform all Email Protector clients. Protecting yourself means protecting other as well. We take great care in not exposing any information whatsoever that could compromise anyone as an entity or an individual. That is why we do not collect any user-specific information. Security is something that should not be compromised on. Whenever there is a malicious email that you have received, Email Protector gathers the information, such as email user name and email domain (if the email is not spoofed), to inform other Email Protector instances across the globe for the existing threat. If the email is spoofed, Email Protector creates a local cache-like blacklist. This feature is user-centric and takes user security to a whole new level.
The extension is designed for day-to-day use by individuals and companies. If you’re using a browser and receiving 20+ emails daily, you’ll most probably not have enough time to go over email headers manually. That’s why we strongly recommend that you use or product. Just stay secure.
Currently Email Protector is limited to abv.bg, mail.bg and Google’s gmail.com.
As a Chrome extension, currently the Email Protector could be installed on Google Chrome browsers, thus making it platform-independent (you can use it on Mac, Linux or Windows). In the near future, we will make the Extension interoperable with Mozilla Firefox as well.
You can find the extension in the Chrome Web Store. It’s publicly available and free for use.
Currnently not, but as soon as we upload it, everything will be uploaded here for easier refference.
You’ve got an idea or just found a bug? You can share it with us on the corporate email! (You can see it in the footer)