‫الفصل الدراسي الثاني للعام الجامعي ‪2020-2019‬‬

‫محمود معوض محمد عيسى‬ ‫إسم الطالب‪:‬‬

‫‪29610211700931‬‬ ‫الرقم القومي‪:‬‬
‫الثالثة‬ ‫الفرقة‪:‬‬
‫هندسة الكهرباء والحاسبات‬ ‫القسم العلمي‪:‬‬
‫‪Computer Security‬‬ ‫اسم المادة‪:‬‬
‫ا‪.‬د‪ /‬حاتم محمد عبدالقادر‬ ‫اسم عضو هيئة التدريس‬
‫ا‪.‬د‪/‬‬ ‫القائم بتدريس المقرر‪:‬‬

‫‪Research Project Title‬‬

‫‪E-Mail Security‬‬

‫غير مسموح بأي كتابة في هذا الجزء‬ ‫لالستخدام الرسمي الرسمي بواسطة الكلية‪:‬‬

‫أكثر من ‪%25‬‬ ‫أقل من ‪%25‬‬ ‫نسبة اإلقتباس‪:‬‬

‫لم يجتاز‬ ‫إجتاز‬ ‫تقييم البحث‪:‬‬

‫التوقيع _______________‬ ‫راسب‬ ‫ناجح‬ ‫الدرجة‬ ‫المصحح األول‬

‫التوقيع _______________‬ ‫راسب‬ ‫ناجح‬ ‫الدرجة‬ ‫المصحح الثاني‬
‫التوقيع _______________‬ ‫راسب‬ ‫ناجح‬ ‫الدرجة‬ ‫المصحح الثالث‬
 Abstract
In 1981 the world witnessed the first formation of a computer hacking in
Germany (Chaos Computer Club). Over time and with the spread of
hacking computer, protection and security for your computer has become
an urgent issue.

One of the most important protection matter is email security. Email is

one of the most prominent modern communication tools. It is rare for
someone who has not used email so it has also become one of the first
targets for the computer and phones hackers.

Consequently we should secure our emails in several ways to prevent

these breakthroughs.
 Introduction and Research Objectives
Due to the importance of email in this time and being a means of
identifying our digital identity, the damage from hacking e-mail is no
longer limited to violating the user's privacy, but rather extends to cheat
and theft of digital identity for abuse purposes. To prevent these danger, I
will present some easy steps that increase the protection measures for
your email.

Email security is the primary means of business and communications, and

its use is increasing day by day. It is used to transfer text messages and
transfer documents and spreadsheets, and since the data transmission
process is very sensitive, the integrity of this data is in question, and this
represents a problem; The door is open to contract details between
competing companies, and worse still, there are capabilities to falsify e-
mails, and there are reported habits of such attacks

In this research I will discuss:

- Definition of Email security.

- The need for email security.
- Email hacking and security methods.
- How secure is email?
- Email security policies.
- Email security best practices.
- Email security tools.
- The benefits of Email security.
 Content
Definition of email security:

Email is one of the modern means that helps to communicate quickly all
over the world through the computer, and it is also one of the first rapid
methods of communication that have emerged and happen between one
person to another. In the early days of the invention of email, it was
sometimes difficult to manage simple text messages, and add pictures or
documents, and that was possible if other programs exist, to transfer
information from email to a computer, and currently email programs
generally provide easy to use options, to link Photos, sounds, videos, and
full documents.

The use of email was restricted to government agencies, university staff,

or private groups who needed to communicate directly with their
members, and researchers and scholars were the first to use it.

Email security indicates to the safety procedures that used to secure

access and content of an email account or service. It permits to person or
organization to secure the overall access to one or more email addresses.

The need for email security

The email service helps to send and receive messages by digital .

devices through the Internet, and these messages are in the form of texts,
or drawings, or may be used to send audio files and animations between
users, and besides, the e-mail user can Send mail to a specific individual
or a specific group, or with a total of users during the same time, in
addition to providing many options for such correspondence as a
possibility to save, edit, print, etc.

Email is the key to most Internet applications and social media, as most
Internet accounts require logging in via email, so any hacking or theft of
your email will enable the hacker to access the rest of your accounts
linked with the email such as: Facebook, Twitter, Skype , Instagram, and
other services you registered with in the mail.

With the increase in cases of theft and fraud, a large number of users
wonder about the means of protection and methods of protecting mail
from penetration or intrusion, so we will refer in this article to the most
widespread methods of penetration and how to prevent them.

Email hacking and security methods.

- Attachments: these are the fields that are included with the
message. The sender of the message exploit it to attach some
malware. To avoid that don’t open any unexpected attachment
before antivirus scanning.

- Pishing: it’s one of the hacker’s favorite methods to steal your

email. Examples of this are many and renewed, including that you
receive a message in the same form and format as your email
service provider, or a message from your bank ask to edit your
information and to avoid falling into this hoax, it must be inferred
that there is a security lock in the side of the browser which
indicated the existence of a digital certificate for the site’s approval
to the login page. Caution and verification also must be done
before entering any private information on any website.
- Using more than one mail is the perfect method to deal with email
so one of them is dedicated to important and sensitive
correspondence. In this case it’s advised to avoid publishing your
email in general, choosing password of not less than 8 digit
consisting of number, letters and symbols, changing your password
from time to time and don’t browse your email except on your own
device.

- Use the markup-free text (HTML): when receiving email message

containing a font in many colors and sizes, it’s indicative that it’s
written in symbols (HTML). Therefore, information security
experts advise to receive a plain text without (HTML) symbols and
that to avoid two dangers :
1- Danger of violating privacy: when
someone send you a message
including (HTML) symbols he can
know a lot of information about you
such as your device IP, the time of
sending and receiving your messages,
operating system type and web
browser. Knowing this information by
the hacker makes your computer more
vulnerable to information security
risks.
2- Containing executive software: via
(HTML) symbols, the hacker can send
hidden malware inside coding and the
user can’t distinguish it.
- Safe contact : you can browse your email by this way:
1- By Hotmail and yahoo browser: in this way you should
be sure that the site supports encryption protocol (https).
You can find this out by showing a small lock icon in the
status bar of the browser.
2- Via mail management software such as Microsoft
outlook: In this case, you must make sure that you make
the correct settings when using a mail fetcher protocol
(POP3).

- The electronic signature: you can use the electronic signature in

case of need for reliable, official and commercial correspondence
that requires a greater degree of confidentiality and information.
The electronic signature does not mean he name or image that
appears in the bottom of the image the name or image that appears
in the bottom of the image but it mean that you should document
the message source by using digital certificate from trusted source.
This certificate have one general key and information about key
owner and also special key no one knows about it except the key
owner.

- How secure is email?

There are many solutions based on the codec-based public key. In
these systems the user has two token keys to maintain the security
of data sources; the first key is the public key known, and the other
is the key to maintaining confidentiality for the user.

PGP is one of the programs that is dedicated to providing privacy

and security. It also authenticates online communication systems.
 One of the most common uses of PGP is to secure email messages.
PGP protected email is converted to a series of unreadable
(encrypted text) characters and can only be decrypted using the
corresponding decryption key. The working mechanisms are
practically the same in securing text messages. There are also some
software applications that allow PGP to be implemented on top of
other applications which effectively add an encryption system to
the insecure messaging services.

Although PGP is mostly used to secure internet connections, it can

also be applied to encrypt individual devices. This means that PGP
may be applied to the disk partitions of a computer or mobile
device. Meaning that when encrypting the hard drive the user will
be asked to provide a password every time the system starts up.

- Email security policies.

Email for most people is his main personal account, used for everything
from staying in touch with friends and relatives in dealing with banks,
government, shopping sites and other services over the Internet and is the
main goal of cyber hackers so it is imperative that we all have to keep our
accounts as safe and secure as possible.

Here are some of the most important steps to keep unwanted people out
of your account:

- Password lock: The password is the basic standard for document so

we should choice password which makes it difficult to guess and
eliminate, and not re-used elsewhere. Do not share it with social
media sites.
- Secure the devices you use to access email on the web. Make sure
your devices deserve this trust. Keep computers and mobile phones
well protected against your malware leaks, with a properly
configured and updated quality security software.
- Log in with 2 factor authentication
 - Check your notification settings: Check all the settings every few
months, and have a good look at the security and privacy sections.
Look for any changes that may have been made by malicious
intruders or by the service provider in the context of an update or
hacker policy. You can also grant full access to your account,
including contacts as well as messages, to account representatives,
websites or apps.

- Email security best practices.

 You should know Common Phishing Schemes.
 Safeguard your email with an unbeatable password.
 Ban the personal use of the company emails.
 Execution of Two-Factor Authentication.
 Don’t open any unknown attachments.
 Use malware and virus scan.
 If you connect to public wi-fi, don’t open your inbox.
 Use a strong spam filter.
 Don’t click on “subscribe” button in unsafe emails.

- Email security tools.

Given how deeply e-mail is used in our daily lives, we need to give a
chance for e-mail security tools before it is tossed into the dustbin of
technology history.

Email security isn’t something to be underrated. Email can put users at

risk of scams, malware, phishing, stolen devices, and stolen passwords.
Without effective email security tools, you could be giving hackers a
direct path into your data and resources.
But finding the best email security software isn’t easy. The IT security
software market has become imbued with every email security program
supposed to be the best.

Here we have a list of many of the tools for email security:

- Solarwinds identity monitor is a comprehensive and dynamic email

security program. This program has combine scope, genuine
usefulness, and sophistication to deliver a truly enterprise-grade
email security tool. This program employs an attractive user
interface designed to be simple and easy to navigate the market.

Identity Monitor offers three main capabilities to prevent account

takeover:
1 Controlling your email ranges for any signs of exposure.
2 Reporting you of any infiltrated data.
3 Resetting passwords before they’re exposed.

- Proofpoint email security: This program controls every component

of sending and receiving email, identifying and blocking threats
before they deal damage. It also prevents private information from
being exposed, shared, or accessed by the wrong people. Email
security lets you establish email filtering policies as well as
complex firewall rules and antivirus policies.

- Mimecast: This program offers a cloud-based approach to email

security software. Cloud-based programs can be accessed from
anywhere, provided you have an internet connection. The
Mimecast solution is intelligent and continuously developing to
keep rapidity with increasingly insidious and developed threats.

It is a comprehensive program providing advanced threat protection

against spear phishing, email compromise attacks, malicious URLs,
equipped attachments, fraud, social engineering, and much more. It
also offers data leak security, secure messaging, and secure transfer
for large files.
 The benefits of Email security.

Developments in e-mail security and base may be very costly, take

longer to implement, and ultimately require support from institutional
decision makers. Given the importance of the topic in securing
company data these days, it should not be difficult to obtain the
necessary funding for support. You can have these technologies ready
to be used by institutions and individuals.

Now the e-mail security software verifies fake e-mail messages before
you can open it. It can also indicate whether the e-mail carries a virus
or not, and save your computer from infection. These programs can
also block spam messages, and prevent hacked e-mail accounts and
many of the advantages of other security.

These days all kinds of business contacts are made through emails.
Employees cannot immolate inbox traffic, reliability, and economy.
From contract information to the latest sales reports, it's major that
email data remains confidential. A single wrong click can lead to the
detection of highly confidential company information, the release of
known private financial statements, and the exposure of sensitive
negotiations. Here are 6 advantages you can expect from email
encryption:

1 Avoid Business Hazard.

2 Protect Secret Information.

3 Nullify Messages Reply Possibilities.

4 Avoid Identity Theft.

5 Reject Sent Messages

 References

[1]. www.wikipedia.org

[2]. Chris porter , email security with ironport

[3]. Techaai Team , Ekyaku ruth , Tech ham , your guide to

computer security , 2007

[4]. Christopher Hadnagy , social engineering : the science of

human hacking

[5]. Scott Barman , Email Security policies ,feb1 2002

www.informit.com