2.4 Attacks on electronic mail
Electronic mail uses standard protocols that are universal and widely used, and it is therefore the target of several attacks, which we divide into two basic groups:
- disclosure of transmitted data
- transmission and execution of malware.
An attack on the disclosure of data is an interception or modification of e-mail traffic that reveals sensitive information or the transmitted e-mail messages themselves.
Malware is a program designed to damage or infiltrate a computer system. It is an umbrella term that includes viruses, worms, Trojan horses, spyware and adware.
In the early days of electronic mail, protocols such as POP3 (Post Office Protocol) and SMTP (Simple Mail Transfer Protocol) were mainly used to transmit electronic mail messages in plain text.
Improvements to e-mail and new protocols have also brought attacks that aim to reveal the messages being transmitted, mainly
- Man-in-the-middle attack
- replay attacks
- attacks on passwords.
A man-in-the-middle attack on e-mail requires the attacker to have control of one of several routers, firewalls, or gateways through which e-mail messages are transmitted.
Fig. 5 Man-in-the-middle attack
Using existing software tools for ARP spoofing (Address Resolution Protocol spoofing), an attacker can modify all e-mail messages passing to or from network resources (routers, gateways) and can thus control two points in the transmission path.
There are four locations in the transmission path where this kind of attack is possible:
- client/server e-mail communication, where both share a common LAN segment,
- client/gateway e-mail communication,
- communication between two gateways,
- gateway/server e-mail communication.
A man-in-the-middle attack can be eliminated mainly by encryption and digital signatures of the transmitted e-mail messages. Effective encryption prevents an attacker from reading the transmitted message. Digital signatures ensure the integrity of the transmitted messages, i.e. they protect against modification of the message body, by using hash codes of the transmitted messages.
A replay attack is a type of attack on data transmission in computer networks in which otherwise valid (original) data is replayed or delayed with the aim of revealing it. An attacker can intercept this data in transit and later repeat it, or modify it directly as it passes through a network device such as a router. Elimination of this attack relies mainly on the use of time stamps and on the requirement that both nodes of a secure communication use the most accurate time possible.
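Receiver-side replay detection based on time stamps, as an added example that is not part of the original text: it shows why an exact replay, a delayed copy, and a receiver with an inaccurate clock are all rejected. The tolerance window, the sender address and the message contents are constructed assumptions.

```python
import hashlib

# Assumed tolerance (not from the original text) for transit delay plus the
# clock difference between sender and receiver.
MAX_SKEW_SECONDS = 30

class ReplayGuard:
    """Receiver-side check that rejects replayed or stale messages.
    The timestamp is assumed to be inside the digitally signed part of the
    message, so an attacker cannot simply refresh it on a captured copy.
    """

    def __init__(self, max_skew=MAX_SKEW_SECONDS):
        self.max_skew = max_skew
        self.seen = {}  # fingerprint of accepted message -> its timestamp

    @staticmethod
    def fingerprint(sender, timestamp, body):
        data = f"{sender}|{timestamp}|{body}".encode()
        return hashlib.sha256(data).hexdigest()

    def accept(self, sender, timestamp, body, now):
        """Return (accepted, reason); `now` is the receiver's own clock."""
        # Forget fingerprints so old that a copy would fail the freshness
        # check anyway; this bounds the memory the guard needs.
        self.seen = {fp: ts for fp, ts in self.seen.items()
                     if now - ts <= self.max_skew}
        if abs(now - timestamp) > self.max_skew:
            return False, "stale timestamp or clocks too far apart"
        fp = self.fingerprint(sender, timestamp, body)
        if fp in self.seen:
            return False, "replay of an already accepted message"
        self.seen[fp] = timestamp
        return True, "accepted"

def demo():
    """Four deliveries of constructed messages at a fixed epoch time t0."""
    guard = ReplayGuard()
    t0 = 1_700_000_000
    msg = ("alice@example.com", t0, "please confirm the order")
    return [
        guard.accept(*msg, now=t0 + 2),      # fresh original: accepted
        guard.accept(*msg, now=t0 + 10),     # exact replay inside window: rejected
        guard.accept(*msg, now=t0 + 120),    # delayed copy: rejected as stale
        # legitimate fresh message, but the receiver's clock runs 2 minutes
        # fast: rejected, which is why both nodes need accurate time
        guard.accept("alice@example.com", t0 + 300, "hello", now=t0 + 300 + 120),
    ]
```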
A password attack, or phishing attack, is a type of attack in which an attacker tries to fraudulently obtain various passwords from users, such as passwords to bank accounts. The attack is carried out by first setting up a website that outwardly appears to be an existing trusted site. In the second phase, this website offers various benefits upon login and thereby lures passwords out of users. In the e-mails sent, the attacker typically notifies users that they must change their account number or renew their account, and in this way extracts their passwords from them.
Eliminating this attack is based mainly on users not trusting such websites and not providing the passwords they ask for, since legitimate sites never ask for passwords in this way. It is also advisable not to use the same login credentials for different services. Phishing filters that check whether a given website is legitimate also exist.
Phishing is an example of a social engineering technique that aims to deceive users and exploit weaknesses or vulnerabilities in security technologies.
Fig. 6 Example of phishing implementation
Spam is defined as an unsolicited and mass-distributed message of virtually identical content. It is the misuse of electronic communication, in particular e-mail.
There are two types of spam according to the recipient of the spam. The first type is the sending of a message to a number of newsgroups, where the message is intended to promote certain products or other morally damaging material. This type of spam is aimed at people who frequently read the messages but do not provide their e-mail addresses.
The second type of spam is e-mail spam, sent to a specific recipient at their e-mail address, which is obtained by scanning web pages or newsgroups. E-mail addresses can also be obtained automatically by various software products. People who send spam are referred to as spammers.
E-mail attacks also include spam DoS attacks, which prevent normal use of electronic mail by flooding it with unsolicited e-mails.
Protection against spam is very complicated. The problem is that there is no sharp line between spam and useful e-mail, and there are no features that unambiguously mark a message as spam. However, there are fairly simple measures that minimise the amount of spam in an inbox, in particular
- blacklist of email addresses
- spam filters.
A blacklist is a database of IP addresses used by spammers. E-mail coming from an address on this list is not let through by the anti-spam program. However, spammers know about blacklists and frequently change the address from which they send their spam.
In addition to the blacklist of e-mail addresses there is also a whitelist of e-mail addresses, which contains verified addresses. E-mail coming from addresses on this list is let through by the anti-spam program.
Fig. 7 Comparison of White list and Black list addresses
Current anti-spam programs improve spam filtering by also using characteristic phrases from which it can be inferred that a message is spam.
Spam filters are software tools that identify spam on the basis of words frequently found in spam. When these words are detected, the message is filtered out. Quite often, however, a legitimate message (non-spam) is wrongly flagged as spam. Spam filtering is based, for example, on the naive Bayes classifier. It should be noted that spam filters are still being improved.
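The naive Bayes classifier mentioned above, as an added example that is not part of the original text: a minimal word-based spam filter trained on a constructed toy corpus, with add-one smoothing and a threshold that can be raised to reduce the false positives the text warns about. The training messages and the threshold are assumptions.

```python
import math
import re
from collections import Counter
# Constructed toy training corpus (not from the original text): (label, message)
TRAINING = [
    ("spam", "win a free prize now, click here to claim your money"),
    ("spam", "cheap pills, free shipping, buy now"),
    ("spam", "you have won money, claim your free prize today"),
    ("ham", "the meeting is moved to tomorrow, please bring the report"),
    ("ham", "can you review the attached report before the meeting"),
    ("ham", "lunch tomorrow? let me know"),
]

def tokenize(text):
    """Lower-case a message and split it into word tokens."""
    return re.findall(r"[a-z']+", text.lower())

def train(corpus):
    """Count messages per class and word occurrences per class."""
    class_counts = Counter()
    word_counts = {"spam": Counter(), "ham": Counter()}
    for label, text in corpus:
        class_counts[label] += 1
        word_counts[label].update(tokenize(text))
    vocab = set(word_counts["spam"]) | set(word_counts["ham"])
    return class_counts, word_counts, vocab

def log_score(text, model, label):
    """log P(label) + sum of log P(word | label), with add-one smoothing."""
    class_counts, word_counts, vocab = model
    score = math.log(class_counts[label] / sum(class_counts.values()))
    n_words = sum(word_counts[label].values())
    for w in tokenize(text):
        # add-one (Laplace) smoothing: a word never seen in this class
        # must not drive the whole product to zero
        score += math.log((word_counts[label][w] + 1) / (n_words + len(vocab)))
    return score

def spam_probability(text, model):
    """P(spam | words), computed from the two log scores without overflow."""
    diff = log_score(text, model, "ham") - log_score(text, model, "spam")
    return 1.0 / (1.0 + math.exp(diff))

def classify(text, model, threshold=0.5):
    """A higher threshold trades missed spam for fewer false positives."""
    return "spam" if spam_probability(text, model) >= threshold else "ham"

MODEL = train(TRAINING)
```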