Sept 20–Over time, our inboxes become our repositories for the records, receipts and the revolving door of other documents that make up our lives; both business and personal. In the past year, more of our lives have migrated onto the internet than ever before. As a result, our inboxes are piling up with content, much of which is extremely valuable to cyber criminals.
While the communications from colleagues could present opportunities for impersonation on the part of a hacker, so too could shared platform notifications, inbox ticket updates and software update notifications. As we download an increasing number of apps onto our desktops, we tend to accumulate an increased volume of corresponding inbox clutter.
Security implications of clutter
Email security applications are a core component of inbox protection. Experts also suggest that we may wish to apply a tool able to track who has opened an email, and when. While this might initially sound like an invasion of privacy, experts indicate that this could provide insights into what type of data may have been stolen and weaponized following a significant cyber security breach. Should email service providers offer clients more granular access to message viewing histories?
Access granted: The single login
Thousands or hundreds of thousands of messages are corralled in an inbox. For a user, accessing an older and obscure message represents a relatively effortless task. One simply searches through the inbox using relevant search terms. However, this ease of use is also a boon to hackers, who wish to rifle through messages in search of sensitive information. Adding additional inbox-based archive controls could help minimize the effects of an email-based breach.
The inbox presents a log of our lives. It also presents unparalleled “opportunities” for cyber criminals. As use of email in business and in personal pursuits continues to expand, cyber security teams need to consider new classes of tools and tactics to protect this environment.
Relying on previous methodologies for email protection is a start. At the same time, such measures may not be adequate in preventing and detecting advanced email-based threats. Given that our use of email has changed, organizations may need to change email protection methodologies.
To get more expert insights like this, along with cutting-edge analysis and premium cyber security resources, subscribe to the Cyber Talk newsletter here.