How To Secure Your E-Mail Account ?
E-mail is one of the most widely used Internet services today. The services which are generally used in the e-mail Infrastructure are Simple Mail Transfer Protocol (SMTP) and Post Office Protocol version 3 (POP3) or Internet Message Access Protocol (IMAP). The client communicates with e-mail server through Simple Mail Transfer Protocol (SMTP) and retrieves a message from their server based inbox through Post Office Protocol version 3 or Internet Message Access Protocol.
E-mail Vulnerabilities
As we know that e-mail is one of the common delivery methods for virus, worms, Trojan and other malicious code and they also have some additional capabilities like auto-download feature, auto-execute feature has transformed hyperlinks within the content of e-mail and attachment into a serious threat to every system.
The protocol which is used in e-mail infrastructure is not very secure. Because they do not support encryption, they transfer mail in plain text which makes eavesdropping much easier.
E-mail is also vulnerable to spoofing. Spoofing is the mechanism by which attacker sends an e-mail with a victim e-mail id.
Apart from that e-mail itself can be used as an attack. Example- In Daniel of Service attack single user sends an unlimited number of messages to a victim inbox which results to destroy their e-mail account completely or does allow to receive any message, this process is also known as e-mail bombing.
There are many vulnerabilities in an e-mail. Here, we are going to explain some common security issues by which your e-mail account may get attacked.
Now it's time to secure your e-mail account.
There are many ways through which you can secure your e-mail account.
The important thing to secure your e-mail is to maintain a confidentiality of the message being exchanged. This is possible by the use of security protocol some are: S/MIME, MOSS, PEM and PGP.
1. S/MIME: Secure Multipurpose Internet Mail Extension is a security protocol that offers both confidentiality and authentication of e-mail through digital certificate and public key encryption.
2. MOSS: MIME Object Security Service provides confidentiality, authentication and non-repudiation of e-mail message. Non-repudiation is an important concept which states sender can't deny that he doesn't send a message because it provides the guarantee that sender can't deny it later. MOSS use different algorithms to provide authentication and confidentiality. Some of the algorithms are message digest 2, message digest 5, data encryption standard to provide authentication and confidentiality.
3. PEM: Privacy Enhanced Mail is a mail encryption mechanism that uses X.509, RSA and DES for authentication, integrity and confidentiality.
4. PGP: Pretty Good Privacy uses a variety of encryption algorithms and public-private key cryptography to encrypt e-mail and sends a message in a secure way. The first version uses RSA for encryption but later it offered many other options too.
By using these options, you can eliminate and secure your email against most of the vulnerabilities.
Attachment is also an important source for downloading threats on your system so it is always better to block attachment from an unknown source at the e-mail gateway to secure your email.
ليست هناك تعليقات:
إرسال تعليق