Email was designed to be a very simple way to move short text messages across the internet. Its enormous popularity grew out of the ease of use and value in communicating quickly and efficiently. Unfortunately the foundation was never meant to support security and it shows.
Email has been added to over the years. We got the ability to attache non-text as files, added encryption at various steps in the transmission process, and improved the ability to detect some kinds of fraudulent email.
But despite all these improvements it is still one of the weak chinks in the armor of our IT infrastructure. Spam, spoofing, and phishing are still rampant and very successful means of compromising systems. The lack of a good foundation prevents real solutions to these problems.
Recently the IT admin team at San Jose State University found that even their sophisticated system is vulnerable to these problems. This news story details the problems http://spartandaily.com/125126/fake-email-posing-administrators-tries-steal-passwords-says
Only a message and file communication system that is not based on the foundation of email can avoid the basic insecurities built into the email system.