Which of the following is a disadvantage of a personal visit for post-sale follow-ups?

Examples of email attacks

Email is the most common vector for cyber attacks. Methods include spamming, phishing, spoofing, spear-phishing, business email compromise and ransomware. According to a list of cybersecurity threats compiled by TechJury, about 91% of cyber attacks launch with a phishing email.

The following are some common methods of using email to conduct cyber attacks:

• Spamming. Email spam, also known as junk email, is unsolicited bulk messages sent through email. The use of spam has been growing in popularity since the early 1990s and is a problem faced by most email users. Recipients of spam often have had their email addresses obtained by spambots, which are automated programs that crawl the internet looking for email addresses. Spammers use spambots to create email distribution lists. A spammer typically sends an email to millions of email addresses, with the expectation that only a small number will respond or interact with the message.
• Phishing. This is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication channels. The attacker uses phishing emails to distribute malicious links or attachments that can perform a variety of functions, including extracting login credentials or account information from victims.
• Spoofing. Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a popular tactic used in phishing and spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate or familiar source. The goal of email spoofing is to get recipients to open, and possibly even respond to, a solicitation.
• Spear phishing. Spear-phishing attacks target a specific organization or individual, seeking unauthorized access to sensitive information. Spear-phishing attempts aren't typically initiated by random hackers but are more likely to be conducted by perpetrators out for financial gain, trade secrets or military information.
• Business email compromise (BEC). A BEC is an exploit in which the attacker gains access to a corporate email account and spoofs the owner's identity to defraud the company or its employees, customers or partners of money. In some cases, an attacker simply creates an account with an email address that's similar to one on the corporate network. A BEC is also referred to as a man-in-the-email scam.
• Ransomware. Ransomware is a subset of malware in which the data on a victim's computer is locked, typically by encryption, and payment is demanded before the ransomed data is decrypted and access is returned to the victim. The motive for ransomware attacks is nearly always monetary, and unlike other types of attacks, the victim is usually notified that an exploit has occurred and is given instructions for how to recover from the attack. Payment is often demanded in a virtual currency -- such as bitcoin -- so that the cybercriminal's identity isn't known.

Email security

Email is designed to be an open and accessible platform that enables users to communicate with each other and with people or groups within an organization. As a result, it isn't inherently secure, and email security is vital. Email security describes the various techniques that individuals, organizations and service providers can use to protect sensitive information kept in email communications and accounts from unauthorized access, loss or destruction.

Organizations should implement the following best practices to ensure proper email security:

Password rotations. Individuals can proactively protect their accounts by creating strong passwords and changing them frequently.

Spam filters. Users should also create spam filters and folders to separate potentially malicious emails and junk mail, as well as install and run antivirus and antimalware software on their computers. Service providers should install firewalls and spam-filtering software apps to protect users from unrecognized, malicious or untrustworthy messages.

Secure email gateway. Organizations can protect themselves from threats by setting up an email security gateway. Email gateways process and scan all received emails to prevent attacks from reaching their intended recipients. A multilayered gateway is the best approach, since attacks are becoming increasingly more complicated and sophisticated. Training employees on how to properly use email and how to distinguish malicious messages can also help users avoid threatening mail that the gateway doesn't catch.

Automated email encryption. Automated email encryption software can be used to scan all outgoing messages for potentially sensitive information. If the material is considered sensitive, then the content should be automatically encrypted before it's sent to the intended recipient. This process prevents attackers from gaining access to this information, even if they intercept it. Only recipients with permission to view the email can see the decrypted content.

Access control standards. Email service providers can also improve email security by establishing strong password and access control standards and mechanisms.

Digital signatures and encryption. In addition to organizations using automated encryption software, providers should also use encryption and digital signatures to protect emails in transit and in users' inboxes.

Popular email sites

Some examples of popular, free email websites include the following:

• Gmail is a free email service provided by Google. Gmail also offers paid plans for business users that include extra storage, advanced features and support options. According to Litmus in its "July 2022 Email Client Market Share" update, as of April 2022, Gmail holds 29.5% of the email client market share.
• Microsoft Outlook is available as part of the Microsoft Office suite and offers both free and paid versions. Microsoft Outlook works across several operating systems and devices and provides features such as deleted email recovery and automatic email organization.
• Yahoo Mail was launched in 1997 and is one of the oldest webmail clients available. Yahoo Mail is useful for personal emails and comes in a mobile app version.
• AOL Mail was one of the most popular email services in the past and is now a part of Verizon Communications. It offers an unlimited mailbox size and lets users link their AOL Mail to other email accounts, such as Outlook and Gmail.
• Zoho Mail was launched in 2008 and is part of the Zoho Office Suite. This email client provides great security and affordable plans for both personal and business use. According to a survey conducted by Zoho, it had 15 million users worldwide in 2020.
• ProtonMail offers enhanced security and end-to-end encryption. It also provides features including Proton Calendar and Proton Drive.
• iCloud Mail is a free email address for Apple users and comes preinstalled on Apple devices. As long as a user has an Apple account, they can connect to iCloud mail using their Gmail, Yahoo Mail or AOL email address. ICloud Mail offers each account 5 GB of cloud storage and additional space can be purchased.

Origin of email

Scientists at MIT developed a program called Mailbox that enabled the exchange of messages between time-sharing computers within one lab. In 1971, Raymond Samuel Tomlinson, a developer at Bolt, Beranek and Newman -- now Raytheon BBN Technologies -- executed the first email program on the Advanced Research Projects Agency Network (ARPANET), the precursor to the internet. Tomlinson designed a messaging program for use on the PDP-10 computer consisting of two individual programs, SNDMSG for sending mail and READMAIL for retrieving mail.

Email is the most common point of entry for cybercriminals into a network. Learn about the top 3 email security threats and how to defend against them.

This was last updated in October 2022

Continue Reading About email

• Top 11 email security best practices

• Browse 9 email security gateway options for your enterprise

• Why you need an email security policy and how to build one

• Phishing protection: Keep employees from getting hooked

• How SPF records prevent email spoofing, phishing and spam