E-mail Security Concerns

Today, e-mail is the primary means of business and personal communications for millions of people. Billions of messages are transmitted back and forth across the Internet on a daily basis.E-mail is one of the most common tasks performed with a computer.With the capability to deliver messages almost instantly anywhere around the globe, it provides speed and efficiency that can’t be matched by regular postal mail service. Unfortunately, as efficient as it is at delivering legitimate messages, electronic mail is also quite efficient at distributing malicious software and filling e-mail inboxes with unsolicited junk mail.The information in this article will help you use e-mail productively and safely.

Opening Attachments
When the Internet exploded in the early 1990s and e-mail became a mainstream
form of communication, file attachments soon emerged as a standard part of many messages as well. For personal e-mail, users found it a quick and simple way to share pictures of grandchildren with parents across the country or the world. For businesses it became a competitive advantage to be able to send a business proposal or the latest financial figures as a document or spreadsheet file attachment to an e-mail. It is an unfortunate fact when it comes to malware and malicious computer activity that often what was intended as a feature can also be exploited and used against you. If a file attachment can be sent with a program you can click to execute and perform some function, there is nothing stopping a malicious developer from creating one that executes and performs a malicious function.

Although antivirus software is continually updated to detect these new threats as they are created, it is still a reactive form of defense. Malware still gets past antivirus software and entices users to execute infected file attachments before the antivirus software is updated.To prevent these infections and to try to ensure that users do not even have an opportunity to execute malicious attachments, administrators filter certain attachment types regardless of whether they actually contained malicious code or not. This is one of the most prevalent methods for proactively protecting the network from potentially malicious executable file attachments, or file attachments that will run a program or perform commands if they are opened. As the list of blocked file types grows, malware developers simply find some other executable file types to spread malware and the cycle continues.

Blocking file attachments that are known to be executable and therefore may pose a risk from a security perspective is a move in the right direction, but it too is somewhat reactive. Although it is more proactive to block a given file attachment type by default, most administrators and mail filters don’t add a file type to the list of blocked types until after it has been used by some malware. In my opinion, all file attachments should be blocked by default and then the administrator or user should have to designate which types they will allow rather than the other way around.

Web-Based versus POP3 E-mail
Most home users use either a POP3 (Post Office Protocol) e-mail account or Webbased e-mail such as Hotmail or Yahoo.With some ISPs you have the option of doing either. Each type of e-mail has its advantages and security concerns. One of the biggest issues with Web-based e-mail is that it bypasses many security measures designed for e-mail. Corporate networks often have antivirus scanners at the e-mail server level designed to catch and block any malicious e-mail before it can get to the end user.There are also typically filters that block file attachments thatmay contain malicious code as well. When e-mail comes through the Web rather than through the pre-defined channels for e-mail, these security measures are useless. Accessing personal e-mail at all, or at least accessing personal e-mail via the Web on your employer’s network is an activity that should be governed by some sort of policy or procedure.You should check to make sure you aren’t violating any rules by doing so.

On a positive note, the larger providers of Web-based e-mail; namely,Yahoo and Hotmail, now provide virus protection on their e-mail. It does not replace the need to run antivirus software on your own computer since e-mail is only one means of spreading malware, but it at least significantly reduces the risk of receiving an infected file attachment through Web-based e-mail.

POP3 e-mail is the other standard primarily used by home Internet users. Programs like Outlook Express, Eudora, and Netscape Mail are typically used to download and view e-mail from a POP3 account. When you set up the client software you have to supply information such as your username and password and the incoming and outgoing mail servers so the software can authenticate your account and send and receive e-mail. Rather than simply viewing your e-mail on a Web page, the actual messages are transferred from the e-mail server to your computer. Whether you use Web-based or POP3 e-mail, there are security concerns you should be aware of. Sending an unencrypted e-mail is the digital equivalent of writing your thoughts on a postcard.Would you write your bank account number, social security number or other personal and confidential information on a postcard to be seen by all as it passes from you to its intended destination? If you wouldn’t share the information in public you shouldn’t send it in an e-mail. E-mail is not inherently secure. It is convenient and quick, but not secure.

Spoofed Addresses
One of the most confusing things about e-mail for many users these days is spoofed e-mail addresses. Most people by now have experienced receiving an e-mail infected with some type of malware that appears to be from their cousins, best friends, or mothers. But when you contact those people to ask them why they sent you the email or to let them know they are distributing infected e-mail, you discover that they never actually sent you the e-mail to begin with. Most users have also had the opposite experience as well.You get the e-mail or phone call from your friends asking you why you sent them an infected e-mail message. It is also very common to receive an auto-reply from some mail server either letting you know that the e-mail you sent contained a virus or worm or that the user you allegedly sent the e-mail to does not exist. All of these are examples of spoofed IP addresses.

The primary thing you need to know when it comes to the source address of an e-mail is not to trust it. Almost every part of an e-mail header can be forged with enough knowledge; fields like the Sender or From e-mail address and the Reply-To e-mail address can be changed simply by typing in a new one with some e-mail applications.

Exercise caution and an appropriate amount of common sense before choosing to open an e-mail message. Even if it appears to be from your brother, if the Subject of the message or the message itself seem suspicious or awkward it is better to err on the side of caution and simply delete it. When you receive a misguided response or auto-response to a message that spoofed your e-mail address you should simply delete those as well.

Virtually everybody with an e-mail account is accustomed to receiving offers to refinance their home loan; purchase low-priced Vicodin, Viagra, and other pharmaceuticals on the Internet; hook up with an alleged blind date; and any number of other unsolicited commercial marketing.

Most corporations and many e-mail programs now have the capability to filter e-mail to try to block spam messages so that you aren’t bothered by them.There are also third-party programs you can use to block spam from getting into your computer. Personal computer security software products such as Norton Internet Security Suite or McAfee Internet Security Suite include spam as one of the threats that they protect against.

Like most of the other security measures discussed, such as antivirus software and intrusion detection, the filters to block spam messages are also reactive to some degree. Many of the spam-filtering applications use a point system to determine whether a message is spam or not.They can block source e-mail or IP addresses known to distribute spam and can scan the subject and body of incoming e-mail messages and look for keywords like “Viagra” or “refinance” that tend to appear in spam e-mail messages.The more such keywords appear in a single message, the more likely it is spam and will therefore be blocked.
Spam filtering can still be somewhat messy, though. Legitimate messages you may want to receive may get filtered or quarantined by your spam-blocking software while some spam messages will still make it through. Often you can help to “teach” the spam-filtering software by letting it know when it has a false positive or false negative like this.

{ 0 comments... read them below or add one }

Post a Comment