Types of Threats to E-mail Security on a Home Network
Malware, short for malicious software, is frequently spread via e-mail on home networks. This type of security threat to home networks — and computers in general — may even appear to come from someone you know and trust. E-mail also has some original threats of its own, including spam, spoofing, and phishing attacks.
E-mail security threat: Spam
Spam is the scourge of e-mail around the world. At times, it makes up as much as 95 percent of all e-mail on the Internet! Spammers get e-mail addresses from newsgroups, unscrupulous Web site operators who sell e-mail addresses to them, and malware that harvests e-mail addresses from hacked e-mail accounts. Spammers also guess e-mail addresses and sometimes just get lucky.
Spam causes a number of issues, including these:
Network congestion: Spam clogs your network pipes. Although e-mail is relatively small in size, receiving enough of it will cause congestion on your network. Worse yet, if your computer has become part of a botnet, you will definitely see a negative effect on your network as you could be unknowingly sending thousands of spam e-mails to others!
Distraction and clutter: Because spam can account for a large volume of e-mail, legitimate e-mails may get buried in your inbox or inadvertently deleted along with all the spam.
Malware: A large proportion of spam contains malware, or links to Web sites that contain malware.
The best protection against spam (other than not using e-mail at all) is to use a spam filter. Of course, this may not be an option on your home network (although some Internet service providers offer spam filtering as an additional service). If you don’t have a spam filter, you should also use any junk mail filtering options available in your e-mail software.
Never, ever, unsubscribe or reply to a spam e-mail. This only confirms to the spammer that your e-mail address is real. You should only unsubscribe from spam that you know you’ve subscribed to before (such as a newsletter or department store e-mail list).
E-mail security threat: Spoofing
E-mail spoofing occurs when an attacker sends you an e-mail pretending to be someone you know. Spoofing is analogous to sending a letter to someone and forging the return address on the envelope. Unfortunately, e-mail spoofing is easy to do, and very difficult to trace to its real sender.
You should always be leery of any e-mail you receive asking for money or sensitive information, even if it appears to be from someone you know and trust.
E-mail security threat: Phishing
Phishing (pronounced like fishing) e-mails have become a favorite weapon of identity thieves, and they are becoming increasingly difficult to spot. Most phishing e-mails purport to be from a banking or other financial institution (as well as Web sites such as PayPal), and every once in a while they get lucky and actually send an e-mail pretending to be from your bank.
Phishing e-mails appear very authentic, and often include graphics and logos that are actually from your bank. There may even be a link that actually takes you to your bank’s Web site. But buried somewhere in that e-mail is a link that takes you to a malicious Web site. Even if you don’t enter any personal information, clicking the link can infect your computer with data-stealing malware.
Follow these best practices to reduce your risk of becoming a victim of identity theft:
Never click a hyperlink in a suspect e-mail.
Never reply to a suspect e-mail with personal information (such as social security numbers, account numbers, and passwords).
Look for grammatical errors in the e-mail (but beware, identity thieves are getting more sophisticated).
Contact your bank via telephone (get the number from your bank’s Web site, not from the e-mail you received) if you suspect fraud.
If you subscribe to e-mail or text alerts from your bank or financial institution, you should be familiar with the format, content, and address of these messages. Be suspicious of anything you receive that is out of the norm.
Watch for small charges on your financial statements — to avoid detection, a thief is more likely to steal a few dollars from thousands of bank accounts rather than several hundred dollars from a few bank accounts.