Presentation is loading. Please wait.

Presentation is loading. Please wait.

SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

Published byJulia Ellis Modified over 8 years ago

Similar presentations

Presentation on theme: "SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly."— Presentation transcript:

1 SHASHANK MASHETTY Email security

2 Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly used services on the Internet allowing people to send messages to one or more recipients. Modern email operates across the internet and computer networks. The messages can be notes entered from the keyboard or electronic files stored on the disk.

3 Why do we need secure email?  Protect sensitive data  Prove authenticity to recipients  Send attachments that are normally filtered  Avoid the junk folder

4 Email security enhancements  Authentication  Confidentiality  Confidentiality and authentication  Message intigrity

5 Threats enabled by e-mail  Spam  Spoofing  Phishing  Disclosure of sensitive information  Exposure of systems to malicious code  Denial-of-service(dos)  Un authorized access

6 Email threats  Spam  spam is the scourge of email around the world  it makes as 95% of all email on the internet  spammers get e-mail address from new groups, un scrupulous web site operators  A large proportion of spam contains malware or links to web sites that contain malware

7 Email threats  Spoofing  Email spoofing occurs when an attacker sends you an email pretending to be some one to you  Email spoofing is easy to do and very difficult to trace the real sender.  Phishing  Phishing e-mails appear very authentic and often include graphics or logos that are actually from your bank.

8 Email based attacks  Active content attack - clean up at the server  Buffer over-flow attack - fix the code  Shell script attack - scan before send to the shell  Trojan horse attack - use do not automatically use the macro option

9 Choices available in the secure email  PGP ( pretty good policy )  S/MIME  Special providers  SSL/TLS web browser based email  SSL/TLS POP/SMPS email

10 PGP  Functionality: -encryption for confidentiality -signature for non repudiation/authenticity  Requires key exchange and key management  Not scalable  Small industry support  Can only exchange secure email with other PGP users

11 S/MIME  Similar to PGP, requires administrator installation and configuration support intensive  User must download and install software  Many installations have failed due to complexity  Can only exchange emails with other S/MIME users

12 Special providers  Managed services using S/MIME with PKI key exchange  Appliance based services with special hardware requires integration  expensive

13 Secure web mail  Nothing to download or install, no support issues beyond typical email.  Works with any web browser  Uses SSL/TLS security, same system used by banks, visa, etc  Easy to add, manage users  No training is needed it is simple

14 POP/SMTP Secure Mail  Works with all email programs  Uses SSL/TLS security same system used by banks, visa, etc  Easy to set up, no download or installation, same issues as traditional email

15 Steps to secure mail  Generate an identity  Configure secure email software  Get public keys for recipients  Start sending secured messages

16 Tips to be secure  Never click on a suspect e-mail.  Never reply to a suspect email with personal information  Look at the grammatical errors in the email  Contact your bank via telephone ( get the telephone number from the website rather than the email you received ) if you suspect a fraud  Watch for the small changes on your financial statements to avoid detection

17 Questions?

Download ppt "SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
Basic Communication on the Internet:

Basic Communication on the Internet:
What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via

What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
COMPUTER BASICS METC 106. The Internet Global group of interconnected networks Originated in 1969 – Department of Defense ARPANet Only text, no graphics.

COMPUTER BASICS METC 106. The Internet Global group of interconnected networks Originated in 1969 – Department of Defense ARPANet Only text, no graphics.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Phishing (pronounced “fishing”) is the process of sending e-mail messages to lure Internet users into revealing personal information such as credit card.

Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
How secure is your email? Secure Email Primer Presented by 4SecureMail.com.

How secure is your ? Secure Primer Presented by 4Secur .com.
Lesson 7: Business, , & Personal Information Management

Lesson 7: Business, , & Personal Information Management
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
Privacy - not readable Permanent - not alterable (can't edit, delete) Reliable - (changes detectable) But the data must be accessible to persons authorized.

Privacy - not readable Permanent - not alterable (can't edit, delete) Reliable - (changes detectable) But the data must be accessible to persons authorized.
Quiz Review.

Quiz Review.
» Explain the way that electronic mail (e-mail) works » Configure an e-mail client » Identify e-mail message components » Create and send e-mail messages.

» Explain the way that electronic mail ( ) works » Configure an client » Identify message components » Create and send messages.
Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.

Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.
 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.

 ENGR 1110 Introduction to Engineering – Cyber Security Allison Holt, Adam Brown Auburn University.
SMUCSE 5349/49 Email Security. SMUCSE 5349/7349 Threats Threats to the security of e-mail itself –Loss of confidentiality E-mails are sent in clear over.

SMUCSE 5349/49 Security. SMUCSE 5349/7349 Threats Threats to the security of itself –Loss of confidentiality s are sent in clear over.
Masud Hasan 03-60-475 Secure Email Project 1. Secure Email It uses Digital Certificate combined with S/MIME capable email clients to digitally sign and.

Masud Hasan Secure Project 1. Secure It uses Digital Certificate combined with S/MIME capable clients to digitally sign and.
Security Issues: Phishing, Pharming, and Spam

Security Issues: Phishing, Pharming, and Spam

Similar presentations

Ads by Google