
Email hacking is the unauthorized access to, or manipulation of, an account or email correspondence.
Overview
Email is a very widely used communication method. If an email account is hacked, the attacker can gain access to the personal, sensitive or confidential information in the mail storage, read new incoming and outgoing email, and send and receive as the legitimate owner. On some email platforms, the attacker may also be able to set up automated email processing rules. All of these could be very harmful for the legitimate user.
Attacks
There are a number of ways in which a hacker can illegally gain access to an email account.
Virus
A virus or other malware can be sent via email, and if executed may be able to capture the user's password and send it to an attacker.
Phishing
Phishing involves emails that appear to be from a legitimate sender but are scams which ask for verification of personal information, such as an account number, a password, or a date of birth. If unsuspecting victims respond, the result may be stolen accounts, financial loss, or identity theft.
Prevention measures
Email on the internet is sent by the Simple Mail Transfer Protocol (SMTP). While mail can be encrypted between mail servers, this is not typically enforced; instead, Opportunistic TLS is used, where mail servers negotiate for each email connection whether it will be encrypted, and to what standard. Where a mail flow between servers is not encrypted, it could be intercepted by an ISP or government agency and the contents can be read by passive monitoring.
For higher security, email administrators can configure servers to require encryption to specified servers or domains.
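The difference between opportunistic and required TLS can be modelled as the sending server's decision after reading the receiver's EHLO reply. This is an added example, not code from any mail server; the EHLO replies, domain names and the `delivery_decision` function are constructed for illustration, and it only models whether STARTTLS is advertised, not the TLS handshake itself.

```python
# Constructed EHLO replies (RFC 5321 multi-line format). The second one
# is from a server that does not advertise STARTTLS.
REPLY_TLS = "250-mx.example.net Hello\n250-SIZE 35882577\n250-STARTTLS\n250 8BITMIME"
REPLY_PLAIN = "250-mx.example.net Hello\n250-SIZE 35882577\n250 8BITMIME"

# Hypothetical admin policy: domains to which mail must never go unencrypted.
REQUIRE_TLS = {"partner.example"}


def ehlo_extensions(reply):
    """Parse a multi-line EHLO reply into a set of extension keywords."""
    exts = set()
    lines = reply.strip().splitlines()
    for line in lines[1:]:  # the first line is the greeting, not an extension
        fields = line[4:].split() if line.startswith("250") else []
        if fields:
            exts.add(fields[0].upper())
    return exts


def delivery_decision(recipient_domain, ehlo_reply, require_tls_domains):
    """Return what the sending server does for this connection."""
    offers_tls = "STARTTLS" in ehlo_extensions(ehlo_reply)
    if offers_tls:
        return "send-encrypted"
    if recipient_domain.lower() in require_tls_domains:
        # Required mode: keep the message queued rather than expose it.
        return "defer"
    # Opportunistic mode: silently falls back to cleartext, which is the
    # case where passive monitoring can read the contents.
    return "send-plaintext"


if __name__ == "__main__":
    for domain in ("partner.example", "other.example"):
        for name, reply in (("tls", REPLY_TLS), ("plain", REPLY_PLAIN)):
            print(domain, name, delivery_decision(domain, reply, REQUIRE_TLS))
```
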
Email spoofing and similar issues which facilitate phishing are addressed by the 'stack' of Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting and Conformance (DMARC). Setting all these in place is technically challenging, and not visible to the end user, so implementation progress has been slow. A further layer, Authenticated Received Chain (ARC), allows mail flow through intermediate mail servers such as mailing lists or forwarding services to be better handled, addressing a common objection to implementation.
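Part of what makes the stack hard to get right is that a domain can publish SPF and DMARC records that are syntactically valid yet enforce nothing. The following added example (not from the original page) audits the TXT record strings a domain publishes; the records shown are constructed samples, the `audit` function and its finding labels are hypothetical, and DKIM is not covered because checking it needs a signed message and the signer's key.

```python
def parse_dmarc(txt):
    """Split a DMARC record ('v=DMARC1; p=none; ...') into a tag dict."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    return tags


def spf_all_qualifier(txt):
    """Return the qualifier on SPF's 'all' mechanism: '+', '-', '~', '?' or None."""
    terms = txt.split()
    if not terms or terms[0].lower() != "v=spf1":
        return None
    for term in terms[1:]:
        t = term.lower()
        if t.lstrip("+-~?") == "all":
            return t[0] if t[0] in "+-~?" else "+"  # bare 'all' means '+all'
    return None


def audit(spf_txt, dmarc_txt):
    """Return a list of findings for the published SPF and DMARC records."""
    findings = []
    qualifier = spf_all_qualifier(spf_txt) if spf_txt else None
    if qualifier is None:
        findings.append("spf-missing-or-open-ended")
    elif qualifier in ("+", "?"):
        findings.append("spf-allows-any-sender")
    elif qualifier == "~":
        findings.append("spf-softfail-only")

    tags = parse_dmarc(dmarc_txt) if dmarc_txt else {}
    if tags.get("v", "").upper() != "DMARC1":
        findings.append("dmarc-missing")
    else:
        if tags.get("p", "").lower() not in ("quarantine", "reject"):
            findings.append("dmarc-monitor-only")
        if tags.get("pct", "100") != "100":
            findings.append("dmarc-partial-enforcement")
    return findings


if __name__ == "__main__":
    # Constructed sample records.
    print(audit("v=spf1 include:_spf.example.net ~all",
                "v=DMARC1; p=none; rua=mailto:dmarc@example.com"))
    print(audit("v=spf1 ip4:192.0.2.0/24 -all", "v=DMARC1; p=reject"))
```
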
Businesses typically have advanced firewalls, anti-virus software and intrusion detection systems (IDS) to prevent or detect improper network access. They may also have security specialists perform an audit on the company and hire a Certified Ethical Hacker to perform a simulated attack or "pen test" in order to find any gaps in security.
Although companies may secure their internal networks, vulnerabilities can also occur through home networking.
Email may be protected by methods such as creating a strong password, encrypting its contents, or using a digital signature.
If passwords are leaked or otherwise become known to an attacker, having two-factor authentication enabled may prevent improper access.
There are also specialist encrypted email services such as Protonmail or Mailfence.
Cases of email hacking
Notable cases of email hacks include:
* Email archives from the Climatic Research Unit were leaked to create the scandal popularly known as Climategate.
* News of the World journalists hacked email accounts for their stories.
* UK politician Rowenna Davis had her mail account taken over and held ransom.
* US politician Sarah Palin has been hacked in order to find embarrassing or incriminating correspondence.
* As part of the Sony Pictures hack, over 170,000 pieces of email between top executives ended up on WikiLeaks.
* Former United States president George H.W. Bush had his email hacked.
* The personal email of political consultant John Podesta was hacked, and contents later published by WikiLeaks.