Email is the most likely way that a virus will get on to your computer. It is also how somebody might make a phishing attack in order to acquire sensitive information such as usernames, passwords, credit card details etc.
There are various ways in which you can secure yourself against these attacks and avoid having to cope with a virus infested computer or the loss of your own personal information.
- Install anti-virus software on your computer
- ensure that the anti-virus software maintains regular updates
- don't open an email attachment from somebody you don't know
- never open an email attachment directly, but save it to a file and then virus check it.
- never follow a link in an unsolicited email to enter usernames. passwords, pins, credit card details etc
It is very easy for anyone to forge an email to make it look as if it is sent from someone else. If you receive an email from someone you know and the content looks a bit strange then it could possibly be a forged email. If you are at all unsure then contact that person and ask them if they sent it. This is very important if the message contains an attachment or appears to be a phishing type of message to encourage you to go to a linked web site and enter your details.
A way to avoid forged emails is to use a digital signature. The digital signature is attached to the email and guarantees that the message has not been altered after it was sent. The provides the recipient of the message that it is definitely from the person who claims to have sent it. This is a great way to guarantee that a message is from who it claims to be from. However, it doesn't prevent somebody else from reading the email if they were to intercept it or read it directly on your computer. Secure email certificates that allow you to digitally sign your emails are freely available so there is no reason not to have one. You can get one from places such as Comodo
If you want to hide your email from prying eyes then you need to use encryption. This will make it unreadable to anyone except those possessing the appropriate key with which to decrypt it. The most common mechanism for email encryption is called Public Key Encryption. Each user has two keys, a Public Key and a Private Key. They keep the Private Key to themselves and don't let anyone else have it and they give their Public Key to anyone who might need it. If somebody wants to send an encrypted email to that person then they encrypt the message using the Public Key. The only way that the message can then be decrypted is with the Private Key,. So the only person who can decrypt the message is the person with the Private Key who the email message is being sent to. The most widely used email encryption standard is OpenPGP.