This post is also available in: heעברית (Hebrew)

The United Kingdom’s National Cyber Security Centre (NCSC) has announced a new email security check service to help organizations identify vulnerabilities that could allow attackers to spoof emails or lead to email privacy breaches. According to the official statement made by NCSC, the Email Security Check tool requires no sign-ups or personal details.

This service was developed and is now provided online for free as a direct response to some UK sectors having a superficial adoption of recommended email security controls (as low as just 7% in some cases). The UK government stated that the Email Security Check is intended to help secure organizational email systems, in two distinct ways.

First, by making it difficult for fake emails to be sent from the organization’s domains.

Second, by protecting your email in transit with TLS.

It works by checking publicly available internet DNS records to verify if anti-spoofing controls are correctly configured and the TLS configuration by initiating server communication. “It checks that anti-spoofing standards are configured correctly to help organizations prevent cyber criminals from abusing their domain and sending out malicious emails pretending to be them,” the NCSC said. “It also looks up whether privacy protocols, such as TLS, are in place to ensure that emails are encrypted when in transit so they cannot be accessed and remain confidential between mail servers.”

Prepared to dive into the world of futuristic technology? Attend INNOTECH 2023, the international convention and exhibition for cyber, HLS and innovation at Expo, Tel Aviv, on March 29th-30th

Interested in sponsoring / a display booth at the 2023 INNOTECH exhibition? Click here for details!