Email has become one of the most commonly used forms of communication on the planet; it’s used for business, it’s used for keeping up with friends and family, it’s used for banking and receiving digital bills and receipts. However, the early internet was not designed with security in mind, as it originally began as a small community of researchers and much of it was open and public. The internet of today is very different, more widespread, more essential, and more dangerous. Email is particularly vulnerable, and exposed to a number of different hacking techniques.
#1 Phishing Attacks
Phishing attacks are designed to acquire access to banking, login, or other private, valuable information (in corporate espionage, that might include patents or board decisions), by posing as someone else. You may receive an email from someone outright asking for money, or from someone posing as your bank or a credible financial institution. You might get an email that appears to be from a friend with a link to a video ‘you should check out,’ which will either download malware to your device or request login information on a fake login page. Phishing attacks are especially effective against businesses, when the user is not sharing their own information, but the company’s, since their defenses are down and they’re trying to work quickly.
Software keyloggers are a kind of malware (that might be successfully installed through a phishing attack) designed to capture the keystrokes of the device’s user, whether it’s a laptop or a mobile. You might use a software keylogger to record emails or record banking information and access a credit card or bank account.
#3 DNS Hijacking
If you’ve ever heard about emails being “intercepted,” DNS hijacking is probably what they were talking about. Read this explanation of DNS hijacking from Elie Bursztein, a Google security researcher, for all of the details, but here’s more or less how it works. When you send someone an email, you need the IP address of their mail provider server, delivered by a DNS server. In a DNS hijacking, a cybercriminal poses as the DNS server to provide a false IP address, one owned by the attacker. The message is copied or read before being sent along to the intended recipient, in order to keep the interception hidden.
DNS hijacking is why you should never share bank account or credit card information, passwords, or other confidential data over email. Domain Name Servers were created in an age before cybercrime was a concern, so they were not designed with security in mind; this is where PGP comes in.
If you have to send confidential, sensitive, or financial information through email, PGP encryption from a company like Myntex is a must-have. The company uses BlackBerry PGP encryption on tailored devices that allow users to send email securely. PGP, which stands for Pretty Good Privacy, provides secure international email using a system of encryption keys that mean only the intended recipient’s device can decrypt your email. BlackBerry devices are used by PGP encryption provider Myntex because they offer better support for encryption. Using the BlackBerry Enterprise Server, devices can be restricted exclusively to email – no browsers, apps, camera, or even voice calling. You can find more information at Myntex.com, but it means that your device will be protected from phishing attacks and keylogging. Encryption itself will keep your emails unreadable in the event of a DNS hijacking intercepting your messages. PGP encryption is a great technology for those who are concerned about their privacy and security.