Since the concept of email was first floated in the 60s, it has exploded onto the scene, becoming an absolutely crucial part of everyday business and personal lives. It’s hard to imagine how we’d survive without it.
“It’s simple, convenient and ubiquitous but the simplicity hides the global and complex infrastructure behind it,” says Jay Haybatov, CEO of Dekko Secure. “People think that their messages travel from their device to the recipient’s but the reality is much more complex.”
According to Haybatov, the standards for email that are used today were created as early as 1982, but it wasn’t for public use and therefore no one really cared about security.
“Just for comparison, the first website appeared 18 years later, in 1990,” Haybatov says. “The email standards were created when nobody thought about the Internet as a place for billions of users and millions of businesses.”
Haybatov assures that while various security measures have been put in place over time, email still suffers from several unresolved problems, which include:
“There are a number of tools in the average hacker’s arsenal, including botnets, spam, DDoS attacks, identity theft and Cryptolocker,” says Haybatov. “Email offers a very cheap way for cybercriminals to reach mass audiences.”
Some of the most dangerous ways that email can be misused include:
Haybatov affirms the problem is diverse and widespread.
“For instance, around 75% of email traffic is believed to be spam and some botnets contain millions of infected computers,” Haybatov says. “The use of compromised accounts to send fake emails with viruses, Trojans, Crypolockers or links to harmful sites on behalf of the account owner is becoming more sophisticated. People tend to trust emails from the known accounts, which makes them more dangerous, particularly when you have banks using email to allow customers to reset their passwords or internal business emails that request for payments to be made.”
A common solution that is recommended to email account holders is to change the password. While having a more complex password does minimise the threat of direct account hacking, Haybatov stresses it is not enough.
“Security solutions need to be all-encompassing and businesses must ensure they take the proper precautions to protect consumer data,” Haybatov say. “The general trend in Europe is towards giving the customers an option to control what sort of personal data the businesses require and can access. European legislation forces businesses to protect customer data including emails, or face huge penalties (up to 10M Euros) and Australia and New Zealand should follow suit, including immediately disclosing all customer data leaks.”
According to Haybatov, businesses need to think beyond perimeter protection, amd adopt solutions that protect data itself using robust encryption technology.
“Focusing on solutions that provide end-to-end uninterrupted encryption is also critical,” Haybatov says. “Most email providers do not provide that at the moment because customers are not demanding it.”