Experts Say Email Security is Unsafe With No Easy Fix
Email Security researchers revealed recently that the security used to protect emails so they can’t be read is not very safe, and cannot be reliably fixed, according to The Independent. Experts like the Electronic Frontier Foundation warn that consumers shouldn’t rely on secure emails to send or read messages, because they’re really not all that secure. There’s apparently a security vulnerability in PGP and S/MIME, two technologies that are very popular for making sure that emails can only be read by the people sending and receiving them. A lead researcher on the topic, Sebastian Schinzel, a professor of applied cryptography at the Muenster University of Applied Sciences, says “There are currently no reliable fixes for the vulnerability.” Read more here.
Many Australian Businesses Assume They Will Fall Victim to Email Fraud in the Near Future
In Proofpoint’s 2018 Understanding Email Fraud Survey, 2,250 senior IT decision makers across the U.S., U.K., France, Germany, and Australia were asked about their email fraud experiences from the last two years. 82 percent of leadership boards reportedly are concerned with email fraud, and over half consider it a top security risk. And they aren’t hopeful about future prospects. A whopping 80 percent of Australian businesses expect to fall victim to email fraud in the next 12 months, and many of them reported that they don’t have adequate protection against fraud in place currently.
Employees May Put Businesses At Risk For Email Security Issues
According to a recent global study by Dimensional Research, a business’s employees may be the weakest link in their cybersecurity processes. The study focused specifically on the current experiences that businesses have when it comes to staff behavior and associated email security risks. The study concluded that a business can have great email and cybersecurity processes and policies, but employees can still screw it up. Poor employee behavior — like carelessness, use of personal emails, and disregarding policies — can leave businesses vulnerable even at the most secure companies. Read the full story here.
Genealogy Service MyHeritage Leaked 92 Million Email Addresses and Passwords
On Monday, June 4, Genealogy service MyHeritage reported on its blog that a security researcher found 92 million email addresses and hashed passwords of its users on a private external server. The website has 96 million users worldwide, so the breach impacted most of the MyHeritage user base. Omer Deutsch, MyHeritage’s CISO, says MyHeritage has not detected abnormal activity related to the leaked accounts, and that the leak was limited. An information security response team has been set up to deal with the breach, which reportedly did not impact family tree and DNA data.