Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Email Security

No description
by

Faham Usman

on 22 May 2014

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Email Security

Information Security
Email Security
Awareness Campaign
Agenda
Salim is your Cyber Security Advisor.
Aims at promoting, building and ensuring a safer & secure cyber environment and culture in the UAE.
About aeCERT
One of the initiatives of the UAE Telecommunications Regulatory Authority.
aeCERT is the United Arab Emirates Computer Emergency Response Team.
About aeCERT
Securing Email
Email Security
Worldwide Phishing Attacks
Phishing
aeCERT
Salim (aeCERT)
@salim_aecert
For more information
www.aecert.ae
info@aecert.ae
Questions
Spam consumes a lot of network bandwidth.

Spam emails can not be prevented unless the online service provider institutes a policy that prevents spammers from spamming their subscribers.

Protect data

Maintain authenticity of sender and the recipient

Avoid junk emails
Following is the list of webmail plugins that can be used for secure communication:

Mymail-Crypt
Use encryption and digital signatures

Configure secure email software

Use complex passwords for your email

Never share your email password

Use secure email standards such as S/MIME and OpenPGP

Always log out of email websites when you are done emailing

Everyone uses email
Spam is an electronic Junk Mail.

Do not reply to spam messages.

Spam is used to distribute viruses and other malicious code.

Spam is also used for advertising products through mailing lists or newsgroups.
Fake website designed to harvest your login and password.

They then exploit that trust to get what they want such as your identity and bank account.

User is usually directed to a website that looks similar to a popular site but is actually an illegitimate website.

The user is asked to fill in personal information such as username/password of online banking, credit card information, social networking credentials, etc.
You may have seen emails that appear to come from your bank or other online financial institutions.

Commonly Seen Commercial Examples:

Phishing is not anything new and many of you may have seen examples in emails from your personal / at-home email accounts.

Antivirus

Anti-spam

Secure Email Gateway

Email Firewall

Email Archiving

Phishing Protection

Cloud-based Email Security
Source: http://graphs.net/201304/facts-and-statistics-about-email.html
Securing Email
Email
Why Secure Email?
Email Threats
Email Protocols - Cleartext
Email Protocols - Encrypted
Secure Email Communication
Secure Email Communication
Email Security Solutions
Secure Email Gateway
Phishing
Phishing
Phishing Email
eBay, PayPal, all banking and financial institutions

Example of Phishing Email
Identifying Phishing Email
Phishing Website
Phishing Website Hosting
Worldwide Phishing Attacks
Top 10 Phishing Target Countries
Spam- What is it?
Spam
Spam
Spam Statistics
Source: http://www.securelist.com/en/analysis/204792291/Spam_in_Q1_2013
Spam Statistics
Global Spam Categories
Infected By Email
Email Security
Register your personal Email on selected and trusted websites only to avoid spam.

Never reply to spam.

Scan Email attachments before opening them.

Prevent forwarding unnecessary chain emails.
Email Security
Limit the size of email to prevent wastage of bandwidth.

Avoid sending sensitive information over email but in case its necessary, use encryption.

Use digital signature which is a digital code that verifies the authenticity of the email sender.
Region-wise Email Usage
Secure Email Practices
PGP (Pretty Good Privacy)
PGP is a method to encrypt(code) and decrypt (decode) email over the internet.

Purpose is to protect privacy of the email.

PGP uses public key method (two keys are used i.e. public and private).

Message is encrypted using a public key which is publicly available while the private key is limited to a particular user who uses it to decrypt the message.
Scenario: PGP Implementation
Email Security Policy
Webmail Plugins
Mailvelope
Webmail Plugins
Webmail Plugins
Enigmail
Webmail Plugins
GPG4Win
Full transcript