Table of Contents
Digital gadgets and IoT devices including our laptops, mobiles, tablets and smart watches etc. have become a part of our lifestyle. Not a day passes by when we do not use some type of technologically equipped device or service. As digital transformation is driving the technology industry the need for digital security and privacy protection is rising. Despite of the advancements in technology sector cyber security is one of the biggest concern of users and cyber space professionals. IoT devices security breaches by cyber-hackers by using malicious cyber attacks by using emails to gain and compromise sensitive organizational or personal data is rising at an alarming rate.
Cyber attackers and hackers are constantly targeting organizations and Government institutes to steal any sensitive information of customers and employees to fulfill their personal and political agendas. Emails are now being used as hacking and data exploitation tools by cyber criminals. The purpose of this paper is to discuss why it is important that we use secure e-emails to stay protected from any data theft attacks. We will further discuss how PGP and S/MIME technology can be used to send secure e-mails.
What Is Secure E-mail and How It Is Different From Regular E-mails?
Secure emails or in other words popularly known as “End-to-end encrypted” emails are widely popular and used to send secure and private information. Secure emails are used primarily for the purpose of sending sensitive and private information and documents form one user to another. Secure emails are different from regular emails but serve the same purpose, that is of communication. However the key difference between both types is that secure e-mail focus on the privacy and security of data sent and received by the user. Secure email encrypts all the data sent by the user so no one except the receiver can view and access it. While on other side, regular emails are sent without any encryption and data is not encrypted and is sent originally as the user have sent it.
According to Statista report, currently there are over 23 billion IoT devices used by people all around the world. The Statista report also revealed that by the next year that is 2020 this number is going to increase and is expected to reach 30 Billion. With the amount of this much technology users it is not surprising that all of us from time to time use emails for many different purposes. It is hard in this modern era to survive with having an email account. If you are a student or a business owner or an employee, it does not matter emails are everywhere and we all use emails for different purposes. But need however, is to use effectively and learn the dangers of cyber threats and cyber criminals because emails have become one of the favorite attacking tool of the hackers now a days. To protect the sensitive data secure emails are vital. Team, M. (2019).
Four out of five organizations (80%) have faced an email-based cyber attack in the past year and 73% of IT security professionals say the frequency of such attacks is increasing, a survey has found. Information Commissioner’s Office (ICO) in UK has reported that 3,325 data theft and security attack incidents reported that emails based cyber security attacks were the most used and common attack method used by cyber criminals. Due to this rising number of email related security incidents it is best that secure e-mails are used for data protection.
Hackers can gain unauthorized access to digital Devices like Mobile Phones, laptops and computers than after getting control of these devices hackers and cyber-crime groups can use our IoT devices for initiating a bigger cyber-attack. And all this can happen with a single vulnerability or a mistake on how we use emails. The most common types of security risks and attack forms related to emails are:
- Identity Theft
- Phishing attacks via fake emails (91% of attacks launch with a phishing emails)
- Viruses and Malwares
- Trojans and Spywares
- Ransomeware viruses sent by emails
- Spam
- Information-stealing malware
- Social Engineering attacks and so on.
Using Secure Emails
Businesses are all around the globe no matter the industry, region, market or niche they belong to, they all face cyber security risks and attacks from time to time. And studies have found that, Damage related to cybercrime is projected to hit $6 trillion annually by 2021 Warwick Ashford. (2018). To stay secure while communicating with others and sending sensitive information over the emails. Secure email platforms offers many features that provide maximum protection that is necessary to protect cyber attacks.
Some of the major benefits of using secure emails are discussed below:
Identity Theft Protection: By using secure email technology or platforms, it becomes transparent that who a sender and a receiver is. A receiver will only receive an email that is being expected from another trusted user.
Data and privacy protection: Secure emails offer end-to-end data encryption security protocol that means a user with a password to decrypt the encrypted information can only be able to access the information and data sent in an email. Secure email platforms/technology secure identity and data of both sender and receiver.
Phishing protection: 91% of cyberattacks begin with a spear-phishing email, which is commonly used to steal information and data by cyber criminals. Secure email platforms/technology automatically identify and eliminate any phishing attempt or any malicious behavior.
Virus and Trojan Protection: All the viruses, Trojans, ransomeware, Spyware and malwares are automatically detected by the secure email platforms and are not allowed to be attached by the user trying to send them. Moreover, encryption engine do not encrypt malicious files containing harmful viruses to ensure maximum protection.
The working of secure or encrypted emails is very simple yet brilliant. An email containing all the information and data is first encrypted into a random hash that is un-readable to a human Ivana. (2017). And a password is generated to decrypt the data to get the data back to its real form. For example a user send his friend a message say “Hello Pete” the message will be first encrypted in an un-readable form like say “ $as&3490# “. Then Pete will use the password to decrypt the received message that is $as&3490# to get real message that was Hello Pete.
PGP or in full form known as Pretty Good Privacy. It is used to provide cryptographic privacy and authentication for data communication. PGP is primarily used for two main reasons or features: Privacy and Security Authenticity Patrick Lambert. (2019). While on other hand, Secure/Multipurpose Internet Mail Extensions or S/MIME is used for public key encryption and signing of MIME data. S/MIME is primarily used for two main reasons or features:
- Digital signatures
- Message encryption
Lets take an example of how Encrypt Emails in iOS using S/MIME technology in five steps By default, the S/MIME encryption method is built into every iOS device. In order to enable the encryption option to email messages, follow the next five simple steps:
- First step is that find the settings option in any iOS device and then find and click sub-option by the name of “Accounts & Passwords.”
- Secondly we have to choose an email account that we need to encrypt.
- Click and select the email account
- Find the Advanced option in the next window and click it.
- Advance settings will display a list of options from which find the option that represents S/MIME and then turn it on by clicking on the slider.
I will conclude this report, which this fact that cyber security attacks have been grown a whooping of almost 60% since 2016 and in only three years the rate with which the cyber attacks are increasing is terrifying. This modern society we live in forces us to become some what tech-savvy in order to defend against the security risks we face on daily basis. Hackers and cyber criminals are becoming more sharp and skilled, it is only fair that we learn and be aware of latest self security methods to not fell victim to any cyber attack. And using secure emails is one of the many ways to keep yourself sure from outside data security threats and risks.