With almost 300 billion emails sent per day, it’s no surprise that around 91% of all cybersecurity attacks begin with an email. Unfortunately, many people don’t pay enough attention to their inbox privacy and security, which makes them attractive targets for hackers. Implementing basic data security measures can help you better protect yourself and your inbox from cybercriminals.
So what precautions should you take to keep your email secure? Here are our top 7 email security tips:
- Read the Terms of Service
- Generate a strong password
- Limit forwarding emails
- Avoid clicking on spam email
- Activate two-factor authentication
- Set expiration dates for your emails
- Encrypt all emails
7 Tips To Keep Your Emails Safe
- Read your email provider’s TOS
The Terms of Service (TOS) are notorious for being accepted without actually being read by users. When you first sign up with an email provider, the TOS will give you a heads-up on what kind of security the provider is offering. You would know what kind of protection they implement against brute-force attacks or if they encrypt all the messages passing through their servers.
Once you’ve read through your email provider’s TOS (or used the Terms of Service; Didn’t Read browser-extension), you’ll realize that your email security is not guaranteed by your provider. Gmail, for example, is quite secure from hackers as it is encrypted with TLS and 128-bit encryption. However, Gmail is also known to employ bots that scan your emails and collect information about you.
Reading through the TOS can help you manage your expectations and take extra steps to protect yourself. You may also be prompted to explore your options and look for safer, alternative email providers to sign-up with.
- Generate a strong password
A strong password is inbox’s first line of defense. However, many people still opt to use weak and easy passwords. According to NordPass, some of the most common passwords in 2020 are “123456”, “123456789”, “password”, and “11111”. Over the years, these passwords (which were discovered in various data breaches) have consistently topped the “worst password” lists online and can be used to open your email in less than a second.
To fend off brute-attacks, create passwords that are at least 16 characters long with a mix of letters, numbers, and punctuation. A good trick to use is to write a phrase that’s 12 letters long, then add numbers and punctuation. You can also use a password manager that helps you create and manage unique passwords for each of your online accounts — just be sure to use the encrypted backup feature!
Of course, avoid writing down your passwords or sharing them with anyone. Never reuse a password for multiple sites either. Even if it’s a strong one, data breaches can happen and leaked passwords may end up on the black market. Once this password is exposed and you used it on other accounts, you’re sure to get hacked. To be safe, change your password every 60 days at least, especially if you’re using email on a public computer.
- Limit your forwarding
When you receive a message you want to share, it only takes one click to forward it to someone else. The problem is that we don’t really see where our email is headed to. Your messages could be protected if the email is hosted on a corporate server and you’re planning to send it internally.
Once the message leaves the server, however, the data would be unsecured and unencrypted. You’re not sure which servers it will pass through, who will see it, and where it will be stored. The risk is that cybercriminals can easily access your email while it’s in transit. If you can’t limit forwarding your emails, be sure to encrypt them before sending it out.
- Avoid clicking spam email from unknown senders
Phishing is a cybercrime that utilizes a legitimate-looking email to get you to click on a link or download an attachment — which allows criminals to automatically infect your computer with malicious software. Fortunately, many of these messages end up filtered as spam messages.
If you receive an email from a person or a company you don’t know or did not expect, report it as spam and move on. Avoid replying, clicking links, or even unsubscribing because it will show that your email is active.
- Activate two-factor authentication
The concept of two-factor authentication (2FA) simply combines something you know with something you have, like a debit card which requires both a PIN and a physical card to use. Even if a hacker manages to get your password, they will need something else to verify your identity. It could be an SMS, a fingerprint, or an answer to a secret question.
It usually takes just a few clicks to activate your email’s 2FA. Your email provider will ask for your phone number and send you an SMS with a code whenever you have to access the email.
- Set expiration dates for your email
Many users don’t bother clearing their private email inboxes regularly and this could pose a danger too. Imagine sending sensitive information to someone and that email stays in the inbox for months — out of your control and protection. Some email providers allow you to set an “expiration date” so that once a certain date has passed, the email can no longer be read by the recipient or anyone else
- Encrypt all your emails
Encryption is a technology that allows you to jumble up a message and make it impossible to decipher, unless you are the intended recipient with the authorization code. You won’t need to worry if your inbox gets compromised or if your message gets intercepted because everything becomes unreadable.
Aside from the actual email messages, you can encrypt archived messages and even the connection from your email provider. Encrypting the connection prevents hackers from capturing login credentials and message contents as your emails travel from server to server.
At Abacus, we recommend using ZixEncrypt, which is a reliable email encryption system that can be used with G-suite. Compared to other encryption software, ZixEncrypt uses the only bidirectional transparent email encryption, which means senders and recipients can safely exchange encrypted email without the hassle.
Boost Your Cybersecurity with Abacus Managed IT Services
Keeping your emails safe means keeping your clients and your business safe as well. Don’t leave everything easy for cybercriminals to access; let Abacus help improve your IT security.
Since 2001, our team of engineers and IT support personnel have dedicated their expertise to protecting organizations with affordable services and products. We offer fixed-cost cybersecurity solutions such as vulnerability assessments, system security patching, and anti-virus/anti-malware endpoint protection. Contact us at Abacus today to learn more.