Anyone who has ever been the victim of an email hacker attack knows a thing or two about the problems that can be associated with it. Spam, virus, and phishing emails can cause quite a lot of damage if handled incorrectly or carelessly. This applies to private users and even more so to companies. For the latter in particular, emails are still the most important means of communication with customers, suppliers, and other business partners, despite all other digital channels. However, there are email security solutions to prevent attempted attacks from being successful.
First steps to email security
Mail traffic should first be checked for viruses and other malware at the gateway. Corresponding virus scanners are available on the market for most firewalls and United Threat Management solutions (UTM = a bundle of security systems). Such virus scanners for gateways can be configured and handled quite easily. Known viruses, spyware, and Trojans are thus filtered out at an early stage.
Central spam filters are also suitable for use at the Internet gateway, protecting the user from spam e-mails, harmful links, phishing attacks, and similar attempted attacks. In corporate networks, the administrator must be able to specify exactly which incoming emails are to be delivered and which are to be blocked or moved to quarantine so that spam protection can be individually adapted to the needs of corporate security.
In some cases, it makes sense to also install anti-virus and anti-spam software on the individual clients, for example, if the mail server is not in-house but at a mail provider.
Dedicated email security solutions
In addition to protection software for Internet gateways and clients, there are also dedicated products that are intended exclusively for the security of email traffic. They do their work in the cloud or on the web, automatically detecting and blocking unwanted emails. Blocking policies can be individually configured to ward off malware and phishing attacks.
This type of email security solution can also check e-mails for URLs, URL manipulations, and links to malicious websites and trigger appropriate alarms.
Encryption: Protection against unauthorized reading
E-mail encryption does not protect messages against malware attacks but is intended to prevent unauthorized third parties from reading them. However, there are still some problems here. Establishing an encrypted connection via SSL/TLS is now supported by many providers and email clients. Email servers can also communicate with each other in encrypted form.
However, there is always a degree of uncertainty as to whether all elements involved in the transmission have mastered and used the encryption method. If the recipient’s mail server does not support this, the message will still be delivered in clear text. Only the password for the server login is protected. The respective administrators can also access the data since the encryption is only used for transmission.
Other measures must be taken for secure end-to-end encryption, such as a PKI-based method with OpenPGP or S/MIME. However, the Public Key Infrastructure (PKI) requires that the sender and recipient of an e-mail exchange their keys beforehand. This is only possible to a limited extent in practice. The topic of encryption, therefore, requires further development.
Recognize phishing mails
In the past, recipients could often recognize phishing emails because they were written in bad English and given an impersonal salutation. Today, cybercriminals are much more professional. However, there are characteristics in phishing emails that should ring alarm bells for the recipient, for example, if:
- Links and forms are included
- an urgent need for action is specified
- threats are made
- confidential data such as a credit card number or a PIN for online banking are requested
- the message appears to be from a well-known organization or person, but the sender’s text or concern sounds unusual
- the mail contains attachments;Â clicking on it usually leads to an infection of the computer or the system with malware
The best solution to unusual emails is to delete them immediately to avoid risk. The damage could be very high.
