Most wifi users make use of public domain email server with the wrong feeling that their mails is private, the fact is; it is very easy to counterfeit emails; i.e., to send email as if it came from an important person. This in fact means forging the senders credential to unsuspecting recipient.
It is common for your email to be read while it is being transmitted: left to its own, email is like an open letter addressed to someone. Security agencies world over are looking at emails via computerized scans.
Anyone could send you email posing as someone else or using systems that can shield their email address and replace it with another, this action can be very disturbing.
It is also quite easy for someone to alter the content of email after it has left your machine: this requires more technical skills then the simple forging of a return address, but standard internet email provides no protection against it.
Some public email system use a form of authentication to which attaches it to the sender of all messages, and the software used to read email checks this. This system can verify whether or not an email has been compromised. To get out of the so called wifi for dummies email scams, then you should install a digital certificate on your computer.
Digital signatures provide evidence who email comes from, and that it has not been compromised in anyway. All wifi users should form a habit of using digital signatures for vital email; you will have a lot of credibility if you ever need to disown forged mail that appears to be from you. They also allow you to encrypt email so that no one can read it except the recipient.
A favorite trick of junk-mail senders (spammers), is simply done on the return address, you simply alter your email address in the settings in your email software i.e. your email "client") The next message you send will have the forged return address; the only way to discover this is by checking for inconsistency indicating that the mail is probably fake, but it is very demanding.
With digital keys, you can also encrypt a message so that it is only readable by the recipient. Signing a message proves who it came from, but anyone can read the message in transit through the internet (although changing the message invalidates the signature). Encrypting makes sure the message is unreadable during transit.
Before you can encrypt a message to someone, you need their "public key", which you get automatically if they send you a signed message. It is also possible to get public keys from directories, if your desired correspondent has stored their public key with a directory.
No comments:
Post a Comment