There has recently been a rise in the frequency and quality of many internet scams, including “phishing” scams. Phishing scams typically involve “casting out” a mass email spam that appears to be reputable companies requesting information from their clients. The idea being that a few people will fall for the scam, allowing the scammers to use the identity of the individuals who “took the bait” to obtain resources illegally using the victims credit card numbers, bank accounts, etc. There are a tremendous amount of articles on the web about these scams, and plenty of resources to help with the specific issues, the focus of this article is not to address the specific scams but instead to talk about email security issues and common misconceptions. A list of resources will be provided at the end of the article for interested parties who desire more information.
One of the most common misconceptions in the world of email, is that email is a secure means of communication. In most cases this is not true. The typical email setup affords a user very little privacy or security. A good rule of thumb is, don’t type or send anything via email that you wouldn’t want made public, because it could quite easily end up just that. To address this problem, there are alternative ways to transmit your message text and attachments securely. These technologies involve encrypting the contents of the message and any attachments and only allowing the message to be decrypted by the legitimate recipient. Businesses may also opt to utilize systems that allow for the sharing of files in a repository that includes authentication and encrypts all the data using secure protocols. These systems are ideal solutions for companies that have users and clients in multiple locations. A real world example of a system like this is one where clients upload their confidential files using a login and password provided by the vendor to the repository. Then the vendor receives an alert with a link to the file that they can then download via a secure connection from that repository. The data in turn never travels on the unsecured network without being encrypted, protecting its contents from potential snoops that may be operating in its path.
In closing, if we as businesses and individuals educate ourselves and take precautions to secure our private information. We will keep our data private, and discourage all the would be snoops from using the data against us or for their own gain.
Internet Fraud Watch – Information Center
US Secret Service – Financial Crimes Division
Social Security Online – Identity Theft And Your Social Security Number
Reducing the Risk of Identity Theft