Email security

From CopperWiki

Jump to: navigation, search

The email has become one of the world’s leading communication media but has also become vulnerable to outside influences, including those of individuals and organizations, making security one of the major issues for email users.

Contents

[edit] Why should I be aware of this?

Scams, hoaxes and other illegal schemes have been there since the Internet became mainstream, but have become more sinister in recent years, and posing a very real threat to our bank accounts and lives. Even our own identities are not safe.

Cases of email fraud are on the rise, with cheats trying to steal our money and hackers sending virus infected mails posing as personal messages from our loved ones. According to web security experts we should quell our curiosity and adopt some easy habits to save ourselves from being victims of email fraud.

[edit] How does this affect me?

Earlier email fraud was a nuisance, now money is the motive. One of the recent developments in email frauds is illegally accessing someone’s relatives and friends living overseas or outstation and seeking monetary help. There are also mails circulated with pictures which, when clicked, a virus is installed on your computer, locking all your files automatically. To unlock the files, you are told to pay up. People in countries where awareness of internet security is low are most vulnerable.

[edit] All about email security

For many organizations, Email, for most organizations, is not only the primary method of communication, but is the lifeblood of the business. Threat to email security, therefore, is a threat to the company's bottom line as well.

Most companies have recognized that unsolicited email messages are a time-consuming nuisance, and have implemented some type of antispam solution to detect and block spam email messages. However, spam is only one facet of email security, and antispam solutions are not effective at identifying or filtering other email-borne threats.

[edit] Security issues

However, there are a number of security issues in e-mail communication including:

  • Secrecy issue
  • Content integrity issue and identify integrity issue

Since e-mail has become an integral part of our daily life, it is important for you to understand the problems and potential risks in these security issues so that you can take corresponding actions to protect your interests.

[edit] Fraudulent messages

Email being an inexpensive and popular medium, it is ideal for distributing fraudulent messages to potential victims. Most fraud is carried out by people obtaining access to account numbers and passwords. Some of the most common fraudulent messages are non-monetary hoaxes or non-monetary chain mail. These are also types of spasm and should never be responded to. Same with emails with messages involving money or asking for personal information.

[edit] Types of email scams

Personal information scams (phishing)

"Phishing", which is currently the most popular and most dangerous form of email fraud, uses email messages that appear to come from a legitimate company or institution, such as your bank or university, and ask you to "update" or "verify" your personal information. The information is then used by the scammers to commit identity theft.

Nigerian bank scams

A very common type of email fraud, Nigerian nationals, purporting to be officials of government or banking institutions, email to individuals and businesses stating that a reputable foreign company or individual is needed for the deposit of an overpayment on a procurement contract. Other schemes have mails from a son or daughter of a murdered official pleading for your assistance in depositing an inheritance in your bank. The email asks for funds to cover various fees, and for personal identifiers such as Social Security numbers, bank account numbers, and other similar data, which are used to empty your bank accounts.

Sweepstakes, lottery, and prize scams

These scams trick you into thinking you've won large amounts of money and ask personal information that is then used to rob you. A processing fee for the winning amount is also asked for.

Pyramid schemes

This scheme is based on creating a hierarchy a hierarchy of people joining under others who joined previously, and making payments to them with the expectation of being able to collect payments from those who join below.

Chain mail

Chain mail is a form of junk mail sent to several people with instructions that each person should forward the letter to several others. Email fraud and hoaxes often occur in chain mail.

[edit] What can I do?

To keep your computer safe, first and foremost install a security software which will scan and remove viruses and spyware. Beware of emails which use words that create a sense of urgency. Do not respond to the message or to click on the link almost immediately without thinking. It is possible that one of your friend or co-worker’s email id has been hacked to lure you to transfer money. Some of the other precaution you should take are:

  • Unless you are expecting one, be suspicious about any email containing an attachment. Who the email comes from is not always an indication that it is safe. If the computer of someone you know gets a virus on his computer, the virus may pull your email address from his address book and send a virus-laden attachment to you. It may appear to be coming from somewhere else though it comes from the person known to you.
    • If you are suspicious about the email, delete it without opening the attachment.
    • If the email comes from someone you know, but you’re not sure about whether the attachment is safe, send that person an email asking if he sent you an attachment and what the attachment is.
    • If you use a web-based email, be sure to run the attachment through the built-in antivirus before opening it. If you use Outlook Express or another email program, be sure to set your antivirus program to automatically scan all incoming emails.
  • Never share your personal information with anyone who has told you you’ve won a prize.
  • Never follow a link in an email, unless you are absolutely sure of the sender. Many links appear to be those of legitimate websites but are fakes in reality. In such cases directly type the URL to the company’s site into your Web browser window, or contact the company by email or phone.
  • Every time you use your email address to register for a website or enter a chat room you take the risk that your email address will end up in the hands of a spammer. One security option is using a real email address for people you need to correspond with and another junk address for registering at websites, to sign up for chat rooms and message boards etc.
  • Never reply to spam, even if it has an “unsubscribe” message. Spammers just use your response to confirm that your email address is valid and active so that they can spam more.

[edit] References:

  • How To Keep Your Computer Safe
  • Beware: You’ve got scam [email protected]
  • Avoiding the latest email scams
  • What is email fraud