Professional Documents
Culture Documents
Ilemona Seminar
Ilemona Seminar
ON
AN OVERVIEW OF EMAIL SECURITY
PRESENTED
BY
ISAAC ILEMONA FRANCIS
FPI/HND/COM/22/048
DEPARTMENT OF COMPUTER SCIENCE,
SCHOOL OF TECHNOLOGY.
SUPERVISED BY:
MR. OBETA S.C
1
Abstract
1.1 Introduction
Email remains one of the most prevalent forms of communication in the digital age,
utilized by billions of individuals and businesses worldwide. Despite its convenience and
efficiency, email systems are constantly under threat from various cyber attacks. These
threats include phishing scams, malware distribution, and spam, all of which can lead to
data breaches, financial loss, and reputational damage. Consequently, securing email
communications is of paramount importance. This seminar provides an in-depth
exploration of email security, addressing the threats faced and strategies for safeguarding
email systems.
1.2 Aim
The literature on email security encompasses a wide range of studies and reports that
analyze both the nature of email threats and the strategies to mitigate them. Early studies
focused on the prevalence of spam and the economic impact of email-based threats
(Goodman, 2004). As cyber threats evolved, research expanded to include sophisticated
phishing techniques and the use of malware in targeted attacks (Jagatic et al., 2007).
Recent literature emphasizes the role of advanced technologies such as machine learning
and artificial intelligence in detecting and preventing email threats (Sahni et al., 2017).
Additionally, guidelines and best practices for email security have been developed by
cybersecurity organizations to assist in protecting email communications (NIST, 2020).
1. Phishing: Phishing attacks involve malicious actors sending emails that appear to be
from legitimate sources to trick recipients into disclosing sensitive information, such
as passwords or credit card numbers (Jakobsson & Myers, 2007).
2. Malware: Emails can be used to distribute malware, including viruses, ransomware,
and spyware, which can infect and compromise computer systems (Symantec, 2019).
3. Spam: Unsolicited bulk emails, or spam, can clutter inboxes, consume bandwidth,
and serve as vectors for other types of attacks (Goodman, 2004).
4. Spoofing: Email spoofing occurs when the sender's address is forged to appear as if it
comes from a trusted source, often used in conjunction with phishing (Kumar &
Kumar, 2013).
5. Business Email Compromise (BEC): BEC attacks target organizations by
impersonating executives or business partners to trick employees into transferring
funds or divulging confidential information (FBI, 2020).
3
1.5 Ways to Secure Our Emails
1. Email Encryption: Encrypting emails ensures that only the intended recipient can
read the content, protecting sensitive information from interception (Garcia &
Horowitz, 2002).
2. Multi-Factor Authentication (MFA): Implementing MFA adds an additional layer of
security by requiring users to provide multiple forms of verification before accessing
their email accounts (Microsoft, 2019).
3. Spam Filters and Anti-Malware Software: Utilizing advanced spam filters and anti-
malware solutions helps detect and block malicious emails before they reach users'
inboxes (Cisco, 2020).
4. Security Awareness Training: Educating users about email security best practices
and how to recognize phishing attempts can significantly reduce the risk of successful
attacks (ENISA, 2019).
5. Domain-Based Message Authentication, Reporting & Conformance (DMARC):
Implementing DMARC policies helps prevent email spoofing by verifying the
authenticity of the sender's domain (DMARC, 2020).
1.6 Benefits
Reduced Risk of Data Breaches: Effective email security measures mitigate the risk of
data breaches caused by phishing and malware attacks.
Enhanced Trust and Reputation: Organizations that prioritize email security can enhance
their reputation and build trust with clients and partners.
4
Compliance with Regulations: Adhering to email security best practices helps
organizations comply with data protection regulations such as GDPR and HIPAA (EU
GDPR, 2018).
1.7 Conclusion
5
References
FBI. (2020). Business Email Compromise: The 5 Billion Dollar Scam. Federal Bureau of
Investigation.
Garcia, M., & Horowitz, D. (2002). Email Encryption. Computer Security Journal, 18(3).
Jakobsson, M., & Myers, S. (2007). Phishing and Countermeasures: Understanding the
Increasing Problem of Electronic Identity Theft. Wiley.
Jagatic, T. N., Johnson, N. A., Jakobsson, M., & Menczer, F. (2007). Social Phishing.
Communications of the ACM, 50(10), 94-100.
Kumar, A., & Kumar, R. (2013). Email Spoofing and Countermeasures. International
Journal of Advanced Research in Computer Science and Software Engineering.
NIST. (2020). Guidelines on Electronic Mail Security. National Institute of Standards and
Technology.