E-Mail inbox security is a trusted form of communication these days and is often a means by which personal information is shared. This makes it a prime target for malicious actors that use E-Mail as a method for their attacks. To achieve E-Mail inbox security users need to be aware of the threats they face when using this method of communication. There are two main categories of E-Mail inbox security: identifying attacks contained in E-Mail and preventing interception of E-Mail contents.
The first type of threat targets the contents of your inbox. While attackers of this type can use a range of communication methods to achieve their goal, E-Mail is one of the most often used for phishing scams, malware attacks, ransomware and others. Phishing involves a type of fraudulent E-Mail that purports to be from a trusted source and asks for personal information such as bank details or user ID and password information. While most modern mail programs have filters for removing these types of communications they sometimes have devious methods for getting past a user. They can, for instance, claim to contain an invoice as an attachment (which installs malware when opened) or claim to be from a known sender.
Transit threats to E-Mail are those that involve a third-party eavesdropping on E-Mails that are being exchanged between two trusted parties. Often called a ‘man in the middle attack’ this involves someone monitoring the exchange and stealing data contain in the communication. Sometimes an E-Mail account can be created that looks like it is from a trusted source but is in fact a fake account that is used to extract information. The best way to protect against these types of attack is to encrypt E-Mail communications on both the sender’s and receiver’s end. Encryption can be implemented in the transport layer, which means that malicious actors cannot snoop on email contents while they are being sent over a network, or through end-to-end encryption where the sender’s message is encrypted before it is sent and can only be decrypted when it is received by the intended recipient.
There are other ways of protecting E-Mail communications so that they are made more secure. One of the easiest ways is to use an effective password manager for your E-Mail client. Online E-Mail providers often use an outdated password security algorithm which allowed millions of passwords to be compromised through what is known as a ‘brute force’ attack which relies on weak or easily guessed passwords to be revealed. By using password manager software a user can ensure that their password is strong enough to overcome these type of attack.
Leave a Reply