The technological challenges of e-mail security

E-mail security continues to be a problem for users at all levels. The baffling array of attacks, including phishing, whaling and business e-mail compromise, shows no sign of letting up in 2018. IT professionals, for the most part, have taken a laissez-faire approach: train users more in ways to avoid e-mail attacks and hope for the best.

But how do you train users when two-thirds of inbound phishing attacks use the company’s own domain name? That makes such scams extremely difficult to detect, according to an article published on the IDG Contributor Network.

Since e-mail is now used by as many as half the humans on the planet, according to research by Radicati, it remains the most effective and inexpensive way to reach out to friends, family and business contacts.

So if it’s clear e-mail isn’t going anywhere, how do we solve its inherent problems?

Security Made Easier

I have spent the last 25 years studying web-based issues and have a number of patents in the cybersecurity area. More recently, I’ve been focusing my efforts on e-mail security and working to comprehensive solutions that are compatible with existing systems, but at the same time improves e-mail security and functionality.

Let’s face it: e-mail is in dire need of an update since the existing design and architecture allows for virus attacks, spam abuse and other major security concerns.

Spammers are becoming more creative in their ways to get you to click on their links, including using dummy web pages that look like the real thing and then encouraging you to enter your user name and password. You need to be more careful than ever, checking the e-mail address in the from field and rolling over the link with your mouse to see if the web address is legitimate. Keep in mind, most financial institutions will never send you e-mail with links; they usually call or send a letter.

Advances in my patents include: the secure transfer of e-mail messages through existing clients and without necessitating changed e-mail addresses. That’s critical since most other secure e-mail systems (Hushmail, Proton, etc.) require you to use their domain address.

In addition, the system can track all actions performed in connection with an e-mail transmission and has the ability for a recipient to view information about an e-mail message, optionally including information about how other addressees have responded to it, before deciding whether to retrieve and open the e-mail message or not.

The Authentication Route

Experts believe e-mail authentication will become more mainstream in both the public and private sectors, shifting from merely deploying authentication to enforcement, where a domain’s published e-mail policy directs mail servers worldwide to block unauthenticated e-mail. In the private sector, this shift will be driven by marketing departments, who view authenticated email as a brand protection tool, as it can also increase e-mail deliverability.

Authentication may seem like a complex route, but it’s already in use by banks, credit card companies and secure cloud services, so why wouldn’t we authenticate the most fundamental form of communications that business uses today — the simple e-mail message?

Advertisement

How We’re Making E-Mail Better, From Security to Productivity To Addressing Junk Mail

E-mail. It’s way better than snail mail – faster and more efficient, and you don’t have to worry about rooting around for a stamp when you want to send the traditional kind of non-digital message or card or letter.

But in other respects, sometimes you kind of yearn for tradition.

Like, when was the last time you got a hard copy letter in your real mailbox from a Nigerian scamlord? And I’m betting you easily get ten times the “special offers” and other types of junk mail in your in-box (despite the best filters) than your friendly neighborhood letter carrier carts around to hand-deliver to you.

For all the drawbacks of e-mail, it’s become a ubiquitous and vital tool, one that keeps us connected and communicating more effectively than anything else that humankind has come up with. After all, what other tool can lay claim to 3.7 billion global users who send 269 billion messages every day?

We just have to make it better

That’s what a lot of people are doing, addressing the different points of pain that make the user experience something that’s not as optimal as it should be, when you think about it. It has been nearly 25 years since it became one of the first major transformations of the Internet Age. Isn’t it time?

Optimization is what one e-mail innovator, Rahul Vohra, has sought to accomplish with Superhuman. This app is not just super looking, but it’s faster than a speeding bullet. The idea is to enhance productivity, not just through speed, but also by bundling features like read statuses and undoing sends. It negates the need for all those browser extensions.

Edison is a different take, an automated e-mail assistant that interacts with Edison (the AI) and does everything from unsubscribing from junk mail lists to managing your contacts and bills. It’s another e-mail productivity tool.

On a different front are a series of handy tools to save you from those annoying e-mail trackers that add immensely to your junk mail overload. (How bad is it? Over 40 percent of all the e-mails sent every day are tracked.) One is called Senders. It requires no special software or plugins, intercepting e-mails, scanning for tracking codes and scrubbing when they are found. Another app, Ugly Email, detects and highlights messages in Gmail boxes embedded with tracking software.

Some of the patents around email communication that I have worked on are designed to address a much broader expanse of issues – with improved security at their heart. Working in tandem with all e-mail clients, we enable secure messaging transfer and tracking, for example, along with “for your eyes only” features and a configurable, cryptographic engine for storage.

Today’s e-mail system may not be perfect, but we are seeing many innovations that are making our use of it faster and better and more secure. Yes, it is about time.