Email security is a concern for most people, both in work and privately. Most people have received spam email claiming to have sensitive information on you and asking for a ransom before it’s released. Or emails masquerading as legitimate contacts containing links to harmful malware which can infect local devices or even across the entire company network. Security of emails in transit is also important but not as widely discussed.
What is Email Phishing
Email phishing is effectively spam email that attempts to use the content in the email as bait, either for you to reply, to click a link to a dodgy website, or to download attachments which contain malware or ransomware. For more information see our Email Phishing page.
What is Anti-Spoofing
Anti-spoofing is where a cyber attacker pretends to access your systems, websites etc from an incorrect source IP (ie pretending to be someone they are not) and once has access is able to perform a Dos (Denial of Service). This in turn means no one can access your data, for example your website.
Using DKIM
Creating and managing DKIM (DomainKeys Identified Mail) provides email authentication which is used to give the recipient server confidence that the email is from who it says it’s from.
DKIM is configured on domains that you send email from. All email services provided with us has DKIM configuration, some cloud based email services have it to some extent but you should check what you have in place. DKIM keys should be updated every 12 months, again this is a service that we provide.
Using TLS
Transport Layer Security (TLS) is a cryptographic protocol that provides security when two devices are communicating, particularly websites and emails. This is a setting that is available with most hosting, however it depends if it is available and secondly if your administrator has correctly configured it. This is what we assess when we do our diagnostic and all email and websites hosted with us are correctly configured for security.