A SEMINAR TOPIC

ON
AN OVERVIEW OF EMAIL SECURITY

PRESENTED

BY
ISAAC ILEMONA FRANCIS
FPI/HND/COM/22/048
DEPARTMENT OF COMPUTER SCIENCE,
SCHOOL OF TECHNOLOGY.

FEDERAL POLYTECHNIC IDAH.

KOGI STATE

SUPERVISED BY:
MR. OBETA S.C

In partial fulfillment of the requirement for the award of Higher

National Diploma in Computer Science.

May 21, 2024

1
 Abstract

Email is a fundamental communication tool used globally in personal and professional

contexts. However, its widespread use makes it a prime target for cyber threats such as
phishing, malware, and spam. Ensuring the security of email systems is crucial to protect
sensitive information and maintain the integrity of communications. This seminar
provides an overview of email security, examining the various threats facing email and
exploring methods to enhance email security. By reviewing current literature and best
practices, we aim to offer comprehensive insights into protecting email systems from
evolving cyber threats.

Keywords: email, communication, cyber, threats, malware.

1.1 Introduction

Email remains one of the most prevalent forms of communication in the digital age,
utilized by billions of individuals and businesses worldwide. Despite its convenience and
efficiency, email systems are constantly under threat from various cyber attacks. These
threats include phishing scams, malware distribution, and spam, all of which can lead to
data breaches, financial loss, and reputational damage. Consequently, securing email
communications is of paramount importance. This seminar provides an in-depth
exploration of email security, addressing the threats faced and strategies for safeguarding
email systems.

1.2 Aim

The aim of this seminar is to provide a comprehensive overview of email security,

highlighting the threats to email systems and discussing effective measures to enhance
their security.

The following are the objectives of the project

a) To understand the various threats targeting email systems.

2
 b) To outline methods and technologies to secure email communications.
c) To evaluate the benefits of implementing robust email security measures.

1.3 Literature Review

The literature on email security encompasses a wide range of studies and reports that
analyze both the nature of email threats and the strategies to mitigate them. Early studies
focused on the prevalence of spam and the economic impact of email-based threats
(Goodman, 2004). As cyber threats evolved, research expanded to include sophisticated
phishing techniques and the use of malware in targeted attacks (Jagatic et al., 2007).
Recent literature emphasizes the role of advanced technologies such as machine learning
and artificial intelligence in detecting and preventing email threats (Sahni et al., 2017).
Additionally, guidelines and best practices for email security have been developed by
cybersecurity organizations to assist in protecting email communications (NIST, 2020).

1.4 Threats Facing Email

Email systems face numerous threats, including:

1. Phishing: Phishing attacks involve malicious actors sending emails that appear to be
from legitimate sources to trick recipients into disclosing sensitive information, such
as passwords or credit card numbers (Jakobsson & Myers, 2007).
2. Malware: Emails can be used to distribute malware, including viruses, ransomware,
and spyware, which can infect and compromise computer systems (Symantec, 2019).
3. Spam: Unsolicited bulk emails, or spam, can clutter inboxes, consume bandwidth,
and serve as vectors for other types of attacks (Goodman, 2004).
4. Spoofing: Email spoofing occurs when the sender's address is forged to appear as if it
comes from a trusted source, often used in conjunction with phishing (Kumar &
Kumar, 2013).
5. Business Email Compromise (BEC): BEC attacks target organizations by
impersonating executives or business partners to trick employees into transferring
funds or divulging confidential information (FBI, 2020).

3
1.5 Ways to Secure Our Emails

Securing email communications involves a multi-faceted approach, including:

1. Email Encryption: Encrypting emails ensures that only the intended recipient can
read the content, protecting sensitive information from interception (Garcia &
Horowitz, 2002).
2. Multi-Factor Authentication (MFA): Implementing MFA adds an additional layer of
security by requiring users to provide multiple forms of verification before accessing
their email accounts (Microsoft, 2019).
3. Spam Filters and Anti-Malware Software: Utilizing advanced spam filters and anti-
malware solutions helps detect and block malicious emails before they reach users'
inboxes (Cisco, 2020).
4. Security Awareness Training: Educating users about email security best practices
and how to recognize phishing attempts can significantly reduce the risk of successful
attacks (ENISA, 2019).
5. Domain-Based Message Authentication, Reporting & Conformance (DMARC):
Implementing DMARC policies helps prevent email spoofing by verifying the
authenticity of the sender's domain (DMARC, 2020).

1.6 Benefits

Implementing robust email security measures provides several benefits:

Protection of Sensitive Information: Securing email communications prevents

unauthorized access to sensitive data, protecting both personal and business information.

Reduced Risk of Data Breaches: Effective email security measures mitigate the risk of
data breaches caused by phishing and malware attacks.

Enhanced Trust and Reputation: Organizations that prioritize email security can enhance
their reputation and build trust with clients and partners.

4
Compliance with Regulations: Adhering to email security best practices helps
organizations comply with data protection regulations such as GDPR and HIPAA (EU
GDPR, 2018).

1.7 Conclusion

Email security is an essential aspect of cybersecurity that requires continuous attention

and improvement. By understanding the various threats facing email systems and
implementing comprehensive security measures, individuals and organizations can
protect their communications and sensitive information from cyber threats. This seminar
highlights the importance of adopting a multi-layered approach to email security,
combining technology, education, and best practices to effectively safeguard email
systems.

5
 References

Cisco. (2020). Cisco 2020 Data Privacy Benchmark Study. Cisco.

DMARC. (2020). DMARC: Domain-Based Message Authentication, Reporting &

Conformance. Retrieved from https://dmarc.org

ENISA. (2019). Phishing - ENISA. European Union Agency for Cybersecurity.

FBI. (2020). Business Email Compromise: The 5 Billion Dollar Scam. Federal Bureau of
Investigation.

Garcia, M., & Horowitz, D. (2002). Email Encryption. Computer Security Journal, 18(3).

Goodman, J. (2004). Spam: Technologies and Policies. Microsoft Research Technical

Report.

Jakobsson, M., & Myers, S. (2007). Phishing and Countermeasures: Understanding the
Increasing Problem of Electronic Identity Theft. Wiley.

Jagatic, T. N., Johnson, N. A., Jakobsson, M., & Menczer, F. (2007). Social Phishing.
Communications of the ACM, 50(10), 94-100.

Kumar, A., & Kumar, R. (2013). Email Spoofing and Countermeasures. International
Journal of Advanced Research in Computer Science and Software Engineering.

Microsoft. (2019). Multi-Factor Authentication: Secure Access to Data and Applications.

Microsoft.

NIST. (2020). Guidelines on Electronic Mail Security. National Institute of Standards and
Technology.