EMAIL HYGIENE: EMAIL SECURITY TIPS
As both a consumer and an email marketer, it is imperative that you are aware of email security measures to secure your accounts from phishing attempts and prevent hackers from accessing your communications.
The email was designed to be a method of communication between individuals and organizations. For this reason, it made as open and as accessible as possible. However, due to its popularity, email has become a popular medium for hackers to gain access to sensitive information. The open format of email allows anyone to read it if they are able to intercept the email. It can also be used to spread malware and create phishing attacks that trick people into divulging personal information or compromise their devices.
What is Internet Phishing?
That’s a good question. When people are asked what is internet phishing, most of them will tell you that it’s an email from a scammer impersonating a reputable company in order to trick you into providing your login information. And they’d be correct. One of the most famous examples of this is the one that happened with Paypal. Some scammers pretended to be Paypal and informed users of some discrepancies in their accounts that needed to be rectified. To fix that discrepancy, the users were asked to click on the link and log in. In reality, the link sent to them was to a fake website that collected their login credentials, enabling the scammers to access their accounts.
But that’s not all internet phishing is. It is also when hackers use fake email messages to introduce malware and viruses into your device. Once your device becomes infected, hackers are then able to control it and allowing them to send messages to other people through your account.
How to avoid phishing emails and increase your email security?
There’s no way to stop these hackers from trying to steal your information. It’s their way of earning money. But you can prevent yourself from becoming one of their victims by implementing email security measures. If you want to learn how to avoid phishing emails and improve your email security, read on.
Keep Informed About phishing techniques
Hackers are crafty buggers. They use several different phishing techniques in order to get what they want. To avoid becoming a victim, you need to keep your eyes and ears open regarding new phishing scams. If you know about the scams early on, it lessens the risk that you’ll end up ensnared in their trap.
For example, aside from the usual deceptive phishing (email messages from scammers pretending to be your bank), you should be aware of pharming. This is where scammers will hijack a website’s domain name to redirect you to their own website. As a result, you may end up logging into thinking that the website is safe. You can avoid this by only entering your login credentials on HTTPS-protected sites.
Install an Anti-Phishing Toolbar
What’s an anti-phishing toolbar? Well, it’s a toolbar that you can add to your internet browser. It will check the sites you are visiting against lists of known phishing sites. If the site is suspicious, the toolbar will alert you. Aside from giving you a layer of protection, the best thing about anti-phishing toolbars is that they’re completely free.
Enable two-factor authentication
One of the most important steps that you should take in order to protect yourself from phishing attempts is to enable two-factor authentication. What’s that? Two-factor authentication (also known as 2FA) is based on the idea that everything is more secure if you rely on more than just your password to access your information.
Because usernames and passwords can be incredibly easy to hack, you’re going to need a second layer of protection. With 2FA, you need to supplement your login with a passcode that only you have access to. In short, you’ll need to authenticate yourself using “something you know” like your password and “something you have” like your physical access to your phone. The passcode is sent to you on a device you have control over via SMS or an app such as Google Authenticator. So, if someone should be able to hack your password, they would still be unable to log in unless they also had physical access to your phone.
Due to the increased email security risks today, a lot of services offer two-factor authentication such as Gmail. It’s important that you activate this on all services that you can. If you want to go a step further, you can get a YubiKey. This is a small USB device that you can plug into your computer or tap into your phone using NFC to enable 2FA. If you do get phished (it happens to the best of us!), they won’t be able to gain access to your information without the YubiKey.
Click links and attachments with caution
Don’t automatically trust all the links sent to you via email. Even if the sender seems legitimate such as a family member or your local bank. Make sure to check the authenticity of the link (that it’s sending you where you want to go) by hovering on the link to see the actual URL. If the URL shows a link shortener instead of the full URL, don’t click it. The same goes for URLs that you are not familiar with. If you aren’t sure about the link, you can search for the domain name in DuckDuckGo or any other privacy-preserving search engine to see the website’s legitimacy.
Aside from links in your email, you should also be wary of attachments. Malware and viruses are often included in phishing emails. To avoid malware from corrupting your device, don’t download any attachments. Of course, if your job entails you to receive documents through email (i.e. writer), then ask the sender to just send you the text in the email instead of an attachment. This is a good precaution to take especially if you receive documents from people you don’t know.
If you must open an attached document, a good option is to open it in Google Drive. This allows you to view the attachment in the Chrome browser without requiring you to download it beforehand.
Don’t always trust the sender
Just like websites, the “from” field in your emails can also be faked to trick you into trusting the email and its contents. Yes, it is difficult, but hackers can send an email using someone else’s email address. It’s even easier for them to create an email address that’s similar enough to your contact’s that you won’t notice the difference. Make sure that you check the sender’s information for any typos which can indicate a phishing attempt is in progress.
Utilize email encryption
If you’re sending sensitive information, it’s important that you ensure no one authorized to read the content of your email message. Because of its vulnerability, it can be easy for hackers to gain access to an email account along with all the information within. They can even intercept email messages. With email encryption, you encrypt or disguise the content of your message which makes hackers unable to interpret it even if they get to hack your email account. They’ll need a unique private key to decrypt the content of the email so that it can be read.
