Recommendation ITU-T X.1236 (11/2023) Security requirements and countermeasures for targeted email attacks
Summary
History
FOREWORD
Table of Contents
Introduction
1 Scope
2 References
3 Definitions
     3.1 Terms defined elsewhere
     3.2 Terms defined in this Recommendation
4 Abbreviations and acronyms
5 Conventions
6 Introduction of targeted email attacks
     6.1 General characteristics
          6.1.1 Zero-day malware attacks
          6.1.2 Post receipt malware attacks
          6.1.3 Outbound email attacks via account take-over
          6.1.4 Email impersonation attacks
     6.2 Security technical procedure for targeted email attacks
7 Threats for targeted email attacks
     7.1 Malware email attacks
          7.1.1 Zero-day malware
          7.1.2 Malware in an attachment
          7.1.3 Malware in uniform resource locator
     7.2 Social engineering email attacks
          7.2.1 Forged header
          7.2.2 Look-alike domain
          7.2.3 Account take-over
          7.2.4 Uniform resource locator phishing
     7.3 Outbound email threats by user
          7.3.1 Intentional information leakage
          7.3.2 Unintentional information leakage
     7.4 Outbound email threats by attackers
          7.4.1 Using account take-over
          7.4.2 Unauthorized email server access
8 Security requirements to counter targeted email attacks
     8.1 Security requirements to counter malware email attacks
          8.1.1 Security requirements to counter zero-day malware attacks
          8.1.2 Security requirements to counter malware in attachment attacks
          8.1.3 Security requirements to counter malware in uniform resource locator attacks
     8.2 Security requirements to counter social engineering email attacks
          8.2.1 Security requirements to counter forged header attacks
          8.2.2 Security requirements to counter look-alike domain attacks
          8.2.3 Security requirements to counter account take-over attacks
          8.2.4 Security requirements to counter uniform resource locator phishing attacks
     8.3 Security requirements to counter outbound email threats by user
          8.3.1 Security requirements to counter intentional information leakage
          8.3.2 Security requirements to counter unintentional information leakage
     8.4 Security requirements to counter outbound email threats by attacker
          8.4.1 Security requirements to counter attacks using account take-over
          8.4.2 Security requirements to counter unauthorized email server access attacks
     8.5 General security requirements to counter targeted email attacks
          8.5.1 Common security requirements to counter targeted email attacks
          8.5.2 Security requirements for an email security reporting system
9 Countermeasures for targeted email attacks
     9.1 Countermeasures for malware email attacks
          9.1.1 Countermeasures for zero-day malware
          9.1.2 Countermeasures for malware in attachment
          9.1.3 Countermeasures for malware in uniform resource locator
     9.2 Countermeasures for social engineering email attacks
          9.2.1 Countermeasures for forged header attacks
          9.2.2 Countermeasures for look-alike domain attacks
          9.2.3 Countermeasures for account take-over attacks
          9.2.4 Countermeasures for uniform resource locator phishing attacks
     9.3 Countermeasures for outbound email threats by user
          9.3.1 Countermeasures for intentional information leakage
          9.3.2 Countermeasures for unintentional information leakage
     9.4 Countermeasures for external outbound email attack
          9.4.1 Countermeasures for attacks using account take-over
          9.4.2 Countermeasures for unauthorized email server access
     9.5 General countermeasures for targeted email attacks
          9.5.1 Common countermeasures for targeted email attacks
          9.5.2 Countermeasures for email security reporting systems
Appendix I  Use case of targeted email attacks and countermeasures
     I.1 Use case of targeted email attacks
Bibliography