Email security is the set of methods used for keeping email correspondence and accounts safe from these attacks. The most widely used method is also the easiest to crack, so that is what we are going to focus on.
Email Encryption Off The Hook
When it comes to protecting email with end-to-end encryption, encryption without encryption. Now as with most things in the digital world, this is harder than it sounds. But it’s not impossible.
Here’s how it works. A private key and a public key are created from your email address. Using those private keys, you encrypt your email messages to both you and to others. While those messages are encrypted, they can only be decrypted with the public key.
With email encryption, if the attacker somehow gained your private key, they could then decrypt your messages. That's not a very good scenario for a targeted attack, since you could never retrieve the private key and thus could never use it to decrypt the messages. Check websites like https://www.fortinet.com/products/email-security to learn how you can protect yourself from these attacks.
There’s a weakness in the security offered by this method, however, and that is the backdoor that requires someone who owns the private key to decrypt the messages. This can be a problem for things like social engineering, as it is easier for an attacker to impersonate someone.
However, one weakness the sender might be able to exploit is that the sender’s mailbox was just so-called plaintext. That means you don’t need a key to see the contents of their emails, which means they could just fake them with other data like a PDF file.
Modern email clients handle encryption in much the same way as they handle other data: they use key pairs and a password to encrypt messages. Many other services provide the same functionality, but don’t encrypt message folders. This means email clients have to ask for a private key to open the folders.
How to Put An End To Online Email Breaches
Luckily, email encryption is relatively easy to implement. There are three simple steps:
1. Write and store the contents of the email and private key securely offline (preferably using an offline email app such as Unroll.me).
2. Use a password manager like 1Password to maintain two-factor authentication: create a master password and a set of two-factor credentials (such as a phone number and one-time password) and store the master password securely offline.
3. When one of those two-factor credentials is used to access your email account, use 1Password to generate a set of one-time passcodes for every email account.
A hacker would not have access to the master password or credentials if you stored them on your own computer. If a hacker has gotten your password, he or she would not be able to read your messages or decrypt your private keys, but could still monitor the contents of your email accounts and perform data breaches and impersonation.