Counter phishing and spoofing attacks with Secure Email by GlobalSign
Digitally sign and encrypt your emails with our S/MIME Certificates to protect your content in transit and at rest.
For a limited time only, get an extra year of validity on us when you purchase a year’s worth of Secure Email. Send Secure Emails With Us
What is S/MIME (Secure Email Certificate)?
S/MIME refers to Secure Email Certificate. Since hackers and cybercriminals are known to target emails as an attack vector, S/MIME helps secure email by doing two things: 1) encrypt your email; and 2) sign your email. That way, nobody else can intercept the message and ensure the email really came from a verified sender.
Register NowHow does S/MIME (Secure Email) work?
S/MIME (Secure Email) works by issuing a public and private key. Here’s how it works:
In encrypting emails, the sender uses the recipient’s public key upon sending, and only the recipient’s private key can decrypt it. Since only the intended recipient has their own private key, no one else can decrypt the email.
In digitally signing emails, the sender digitally signs the email through a digital certificate. This ensures the recipient signed the contents of the email and not an impostor. The digital signature includes the certificate and public key, which originates from the sender’s digital ID. This ensures that the content has not been altered in any way during transit.
What are the benefits of S/MIME (Secure Email)?
Digitally signing and encrypting your email communications offer the following benefits:
Sender Authentication
Digital certificates, used to digitally sign emails, contain the sender’s information, the email recipient can authenticate the identity of the sender.
Message Confidentiality
S/MIME uses a cryptographic key pair—the sender encrypts the email using the public key and only the equivalent private key can decrypt it—to encrypt and protect emails, which means that only the intended recipient can read the email. And if a threatening actor or any unintended recipient tries to eavesdrop on or intercept the message, they won’t be able to read the email’s contents.
Message Integrity
Digital signing emails help assure that the contents of the email were not tampered with. Validating a digital signature or decrypting a message includes verifying that the contents match what was in the email when the signature was applied.
Non-repudiation
The sender cannot deny that they sent or digitally signed an email, since digital signatures are applied with the sender’s private key, which should only be in possession of the sender.
Why is S/MIME (Secure Email) important?
S/MIME (Secure Email) encrypts and digitally signs email for two things:
- To ensure no one else can intercept the email content and/or alter its contents.
- To ensure the message really did come from a legitimate source.
How do I know if an email is secure?
To know if an email is signed and encrypted with S/MIME, look for these visual security cues:
The ribbon lets you know that the email was digitally signed by the sender, while the padlock shows that the message is encrypted. Clicking on these two icons will show further details and validity of digital signature.
Use cases
Companies, organizations, and enterprises that need to comply with different data privacy laws and regulations regarding transmission of sensitive information through email communications. Organizations working in the following industries/sectors:
- Banking and Financial
- Insurance
- Medical and Healthcare
- IT
- Engineering
- Travel
- HR and Staffing
FAQ
GlobalSign is one of the longest WebTrust-certified Certificate Authorities globally. Since 1996, GlobalSign has been providing trusted identity security solutions for every enterprise. We specialize in providing superior PKI solutions regardless of your company’s size.
GlobalSign only uses up to date technology to make the Internet of Everything a safe space for people to use.
A digital certificate is a piece of data that proves your online identity. It can only be issued by trusted Certificate Authorities.
Yes, users can digitally sign and encrypt emails using S/MIME certificates on both mobile and desktop.
S/MIME Certificates are compatible with the leading mail application (clients) like Outlook, Thunderbird, Apple Mail, Gmail, and HCL Notes to name a few.
Yes, while SSL/TLS certificates are used to encrypt the connection between your email server and the user, emails can still be vulnerable to MITM (man-in-the-middle) attacks—threat actors insert themselves between mail servers and users to access, eavesdrop on, and even hijack emails. SSL/TLS Certificates only protect email in transit, using S/MIME certificates to encrypt email communications prevents the risk of data loss through email communications and protect emails in transit and at rest.
Phishing is a type of online scam that involves tricking someone into trusting you and giving you confidential information. It is most often prevalent in email communications wherein the victim sends out valuable information such as passwords and credit card details with the knowledge that the sender is someone they trust (such as their banks).
Spoofing is a type of cyberattack wherein the threat actor pretends to be a known, trusted source to manipulate the victim into giving them confidential information.
Business Email Compromise (BEC) is a type of phishing scam that uses email fraud to target companies and organizations into conducting wire transfers or sending valuable company information such as access to systems and networks. BEC attacks specifically identified users, typically high-level executives, CEOs, or managers in the HR or finance departments.
-
GMO GlobalSign Pte. Ltd
1 Wallich Street #25-01A Guoco Tower Singapore (078881) -
+65 3158 0349
-
sales-apac@globalsign.com
GlobalSign protects and secures your personal information, View GlobalSign Privacy Policy