Raise your hand if you use e-mail. Do you use it daily? According to a Radicati Group study from February 2015, there are about 2.5 billion email users worldwide. In other words, just slightly less than one in every three individuals use email on the earth. While e-mail is a useful tool for communicating easily and quickly, it has also been a common target for hackers.
A look at e-mail security
A multi-year study conducted by researchers at Google, the University of Michigan, and the University of Illinois at Urbana Champaign, provided mixed news on the email security front. The researchers examined a list of top million domains as well as data from emails sent and received via Gmail. The study showed that email security overall has improved significantly over the past two years mostly because of the broad adoption of encryption and authentication standards by the three biggest providers of e-mail service: Google, Yahoo, and Microsoft. Unfortunately, a vast majority of the servers that other organizations use for sending and relaying e-mail lag significantly behind in the use of Transport Layer Security (TLS) and other security mechanisms meant for protecting email, exposing users to higher security risks.
Biggest threats to your e-mail inbox
E-mail security has evolved over the years, but as it does, so do the method and threats on your inbox from cybercriminals. Below we have highlighted three of the most common threats you may currently find in your inbox.
Spam filters have gotten relatively stronger, and prevent most of us from seeing emails that we didn’t specifically sign up for. When we think of spam, we typically think of one person (or computer) sending out a massive volume of email. Until recently, that method proved to be true, making it easy for spam filtering software to prevent us from seeing much spam.
Unfortunately, a new method of spam is taking over inboxes: snowshoe spam. This form of spam is not sent from one computer, but instead thousand of users, each sending messages in low volume. It is easy for filters to block spam coming from one location, but it becomes difficult to keep up with many different hosts. In addition, snowshoe spam has been tied to legitimate bulk email addresses, such as the ones that send you newsletters that you voluntarily signed up for.
Email spam, hoaxes and fake news
You have probably seen these headlines pop up in your inbox or even articles on social media that yell at you in all CAPS, “YOU WON’T BELIEVE THIS SHOCKING THING PRESIDENT OBAMA SAID…”. These false news articles are distributed for different purposes, mainly through email (or social network messages), with misleading content. They use shocking or sensational topics for propagation, encouraging users to forward these pieces of news by either appearing to come from a trusted source or they simply ask in the message to be forwarded. Some of the purposes of these types of scams generally consist of gathering addresses to send spam, creating uncertainty among recipients or simply having fun.
Another form of e-mail hoaxes is spoofing, which occurs when an attacker sends you an e-mail pretending to be someone you know. Individuals should always be cautious of any e-mail asking for money or sensitive information, even if it appears to be from someone they know and trust. While you may know not to open or pass along these hoax e-mails, they often target older individuals who are not familiar with e-mail systems or don’t understand spam.
We’ve already talked a little about phishing e-mails–attacks that target individuals by sending links, attachments or requests for personal information. Phishing attacks have become so effective that 91% of all cyberattacks are believed to have been instigated by a “spear-phishing” e-mail that was targeted at an individual within an organization. Phishing attacks are one of the most common security challenges that companies and employees face, but with education and training, companies can reduce the risks of valuable information being stolen.
Email correspondence has become the primary method for correspondence for businesses and individuals alike. Unfortunately, email has potential to be loaded with threats such as viruses and spam that can impact the performance of other components within the communications infrastructure. Be aware of the threats that you may find in your inbox in the new year to help ensure security and efficiency.