Email is a powerful way to connect with people. Unfortunately, it also makes us vulnerable targets for scammers who can reach us from thousands of miles away.
Understanding the threats you may face via email and how you should react to them can help you keep your information safe.
The risks facing email communication are widespread, ranging from individual hackers seeking sensitive information to nations engaged in economic espionage. The tools available to those seeking to undermine email security range from the mundane use of spam and phishing messages to sophisticated DoS attacks designed to cripple an organization’s email infrastructure, preventing legitimate use.
Spam messages are as old as email itself and include unsolicited messages with a variety of intentions. Many seek to sell products or services to consumers, often providing the opportunity to purchase black market items, such as prescription drugs or counterfeit goods. These messages are more than a nuisance, as organizations must size their email infrastructure to handle the increased messaging volume that spam creates.
Phishing messages represent a variation of spam with more dangerous intentions. These unsolicited messages don’t seek to sell products but instead attempt to fool unsuspecting users into disclosing sensitive information. Malware can also be sent in phishing attacks that try to trick the user into opening a file. These files can look like legitimate documents (for example, PDF or Word documents), but there is a zero-day exploit waiting to be triggered when users open the file. Once the exploit is triggered, the malware is installed and compromises the user’s computer.
Email may also be used as a vector for the delivery of malicious code. Hackers seeking to infect a system with a virus, Trojan horse, spyware or other type of malware may simply attach the installer to an email message, hoping that recipients will open the attachment on a system lacking appropriate anti-virus software. Similarly, links provided in messages may direct users to a site hosting malware installers that jeopardize the security of infected systems. Once compromised, these hijacked systems may be used to send spam. They can also be used as entry points for attacks on an organization’s internal network.
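The attachment and link risks described above can be screened for at the mail gateway. The following is an added example, not part of the original article: a small triage function that flags executable attachments, decoy double extensions such as a file that looks like a PDF, and links whose visible text names a different host than the one they open. The extension lists, finding names and sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage

# Extensions treated as directly executable (assumed list; tune per organization).
RISKY_EXT = {".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".lnk", ".hta"}
# Document-like extensions used as a decoy before the real one ("invoice.pdf.exe").
DECOY_EXT = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg"}
LINK_RE = re.compile(r'<a\s[^>]*href="https?://([^/"]+)[^"]*"[^>]*>(.*?)</a>', re.I | re.S)
HOST_RE = re.compile(r'(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})', re.I)

def triage(raw):
    """Return (finding, detail) tuples for one raw message."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        name = part.get_filename()
        if name:
            exts = ["." + p for p in name.lower().split(".")[1:]]
            if exts and exts[-1] in RISKY_EXT:
                findings.append(("risky-attachment", name))
                if len(exts) > 1 and exts[-2] in DECOY_EXT:
                    findings.append(("double-extension", name))
        elif part.get_content_type() == "text/html":
            # Compare the host a link shows to the reader with the host it opens.
            for href_host, text in LINK_RE.findall(part.get_content()):
                shown = HOST_RE.search(text)
                if shown and shown.group(1).lower() != href_host.lower():
                    findings.append(("link-mismatch", f"{shown.group(1)} -> {href_host}"))
    return findings

def sample_message(filename="invoice.pdf.exe", shown="www.example.com"):
    """Constructed sample: HTML body with one link plus one attachment."""
    m = EmailMessage()
    m["From"] = "billing@example.com"
    m["To"] = "user@example.org"
    m["Subject"] = "Invoice"
    m.set_content("See the attached invoice.")
    m.add_alternative(
        f'<p>Pay at <a href="http://pay.example.net/login">{shown}</a></p>',
        subtype="html")
    m.add_attachment(b"constructed placeholder bytes", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_string()

if __name__ == "__main__":
    for finding in triage(sample_message()):
        print(finding)
```

A filter like this complements anti-virus scanning and does not replace it: it catches obvious disguises by name and link text, not exploits hidden inside a genuine document format.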
Attackers may be able to achieve their objectives without actually gaining access to the contents of email communication or the systems that send and receive messages. This type of attack, known as a denial-of-service attack, may involve exploiting a vulnerability in the organization’s email infrastructure, causing it to crash. Brute force DoS attacks may simply flood an organization’s email server with fake messages that consume all available server resources, causing network congestion that prevents legitimate messages from getting through.
When evaluating the risks to email communication, organizations should not overlook the insider threat. Employees with authorized access to the email system may, intentionally or accidentally, cause damage to the organization through misuse. One common way this occurs is the accidental leakage of information outside of authorized channels.
Employees may also misuse email in a manner that violates the law or company policies by sending or receiving inappropriate content. An email message containing a risqué cartoon may be amusing to some but offensive to others, creating a human resources issue and potentially exposing the organization to liability for sexual harassment. Other potentially problematic email content includes pornography and hate mail.
Email Security Enhancements
- Confidentiality: protection from disclosure
- Authentication: of sender of message
- Message integrity: protection from modification
- Non-Repudiation of origin: protection from denial by sender
Organizations put their primary focus on:
- Protecting users from unwanted email and inbound email vulnerabilities
- Preventing the dissemination of spam or infected email from the organization
- Training employees in email best practices