[Cryptography] What ever happened to end-to-end email encryption?
John Levine
johnl at iecc.com
Sun Aug 22 17:05:02 EDT 2021
It appears that Christian Huitema <huitema at huitema.net> said:
>Maybe. I receive lots of spam, but so far I have not received any
>encrypted spam. That would not be hard, spammers could retrieve my PGP
>key from a number of key databases. But they don't bother, and I wonder
>why. ...
Because there are so few PGP users that it is not worth the effort. Spam
is an exercise in vast volumes and very low return rates.
>that would not be profitable? But if the latter, wouldn't encrypted
>email be a wonderful channel for a spear-phishing attack?
Yup. I wouldn't count on it not having happened yet. There's a whole
lot of it that never gets publicly reported.
R's,
John
More information about the cryptography
mailing list