Phishing involves emails that appear to be from a legitimate sender but are scams that ask for verification of personal information, such as an account number, a password, or a date of birth.
If unsuspecting victims respond, the result may be stolen accounts, financial loss, or identity theft.
Where a mail flow between servers is not encrypted, it could be intercepted by an ISP or government agency and the contents can be read by passive monitoring.
Email spoofing and similar issues which facilitate phishing[5] are addressed by the 'stack' of Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting and Conformance (DMARC).[6]
Email may be protected by methods such as creating a strong password, encrypting its contents,[7] or using a digital signature.
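As an added illustration (not part of the original text), the Python code below reads the SPF, DKIM and DMARC results that a receiving mail server records in a message's Authentication-Results header, and ignores copies of that header stamped by any other host. The server name mx.example.net, the two sample messages and the accept/quarantine/review mapping are assumptions constructed for this example.

```python
import re
from email import message_from_string

TRUSTED_AUTHSERV = "mx.example.net"  # assumption: our own receiving server's id

# Constructed sample messages (not real mail).
SPOOFED = """\
Authentication-Results: mx.example.net;
 spf=fail (sender IP not authorized) smtp.mailfrom=bank.example;
 dkim=none; dmarc=fail header.from=bank.example
Authentication-Results: forged.invalid; spf=pass; dkim=pass; dmarc=pass
From: "Your Bank" <support@bank.example>
Subject: Verify your account number

Please confirm your password and date of birth.
"""

LEGIT = """\
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=bank.example;
 dkim=pass header.d=bank.example; dmarc=pass header.from=bank.example
From: support@bank.example
Subject: Monthly statement

Your statement is ready.
"""

METHOD_RE = re.compile(r"\b(spf|dkim|dmarc)\s*=\s*([a-z]+)", re.I)
COMMENT_RE = re.compile(r"\([^()]*\)")  # parenthesised header comments

def auth_results(raw, trusted=TRUSTED_AUTHSERV):
    """Return SPF/DKIM/DMARC results taken from trusted headers only."""
    results = {"spf": "none", "dkim": "none", "dmarc": "none"}
    for value in message_from_string(raw).get_all("Authentication-Results", []):
        value = COMMENT_RE.sub("", " ".join(value.split()))  # unfold, drop comments
        authserv, _, rest = value.partition(";")
        # A sender can insert its own Authentication-Results header, so only
        # headers that start with our server's identifier are believed.
        if authserv.lower().split()[:1] != [trusted]:
            continue
        for method, result in METHOD_RE.findall(rest):
            results[method.lower()] = result.lower()
    return results

def verdict(raw):
    """Map the DMARC result to a handling decision (constructed policy)."""
    dmarc = auth_results(raw)["dmarc"]
    return {"pass": "accept", "fail": "quarantine"}.get(dmarc, "review")
```
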