Email Hacking

Email hacking is the unauthorized access to, or manipulation of, an account or email correspondence.

Overview

Email is a very widely used communication method. If an email account is hacked, it can allow the attacker access to the personal, sensitive or confidential information in the mail storage; as well as allowing them to read new incoming and outgoing email - and to send and receive as the legitimate owner. On some email platforms, it may also allow them to setup automated email processing rules. All of these could be very harmful for the legitimate user.

Attacks

There are a number of ways in which a hacker can illegally gain access to an email account.

Virus

A virus or other malware can be sent via email, and if executed may be able to capture the user's password and send it to an attacker.

Phishing

Phishing involves emails that appear to be from legitimate sender but are scams which ask for verification of personal information, such as an account number, a password, or a date of birth. If unsuspecting victims respond, the result may be stolen accounts, financial loss, or identity theft.

Prevention measures

Email on the internet is sent by the Simple Mail Transfer Protocol (SMTP). While mail can be encrypted between mail servers, this is not typically enforced, but instead Opportunistic TLS is used - where mail servers negotiate for each email connection whether it will be encrypted, and to what standard. Where a mail flow between servers is not encrypted, it could be intercepted by an ISP or government agency and the contents can be read by passive monitoring.
For higher security, email administrators can configure servers to ''require'' encryption to specified servers or domains.

Email spoofing and similar issues which facilitate phishing are addressed by the 'stack' of Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting and Conformance (DMARC). Setting all these in place is technically challenging, and not visible to the end user, so implementation progress has been slow. A further layer, Authenticated Received Chain (ARC), allows mail flow through intermediate mail servers such as mailing lists or forwarding services to be better handled - a common objection to implementation.

Businesses typically have advanced firewalls, anti-virus software and intrusion detection systems (IDS) to prevent or detect improper network access. They may also have security specialists perform an audit on the company and hire a Certified Ethical Hacker to perform a simulated attack or " pen test" in order to find any gaps in security.

Although companies may secure its internal networks, vulnerabilities can also occur through home networking. Email may be protected by methods, such as, creating a strong password, encrypting its contents, or using a digital signature.

If passwords are leaked or otherwise become known to an attacker, having two-factor authentication enabled may prevent improper access.

There are also specialist encrypted email services such as Protonmail or Mailfence.

Cases of email hacking

Notable cases of email hacks include:
* Email archives from the Climatic Research Unit were leaked to create the scandal popularly known as Climategate.
* News of the World journalists hacked email accounts for their stories.
* UK politician Rowenna Davis had her mail account taken over and held ransom.
* US politician Sarah Palin has been hacked in order to find embarrassing or incriminating correspondence.
* As part of the Sony Pictures hack, over 170,000 pieces of email between top executives ended up on Wikileaks.
* Former United States president, George H.W. Bush had his email hacked.
* The personal email of political consultant John Podesta was hacked, and contents later published by WikiLeaks.

References

{{reflist

Data breaches