The year 2020 changed everything because of the worldwide COVID-19 pandemic. It changed the way we work, how we move around the city, our hygiene habits and much more. “Work from home” became a new standard worldwide, so cybersecurity became an essential part of everyone’s life. Email security is one part of it, and weak email security has led many people to lose everything from personal information to financial assets. So it is recommended to follow these PRO Email Security Tips to protect your data from the dark web world.
Some common email security problems came to notice with “work from home” life. Many organisations had a corporate structure that secured the office premises well, but it is sometimes impossible to maintain the same level of protection for people working from home. Even so, every organisation should train its employees and make them aware of online security and cyber threats.
Here are some recommendations that protect every user from becoming a victim of cyber fraud. These Pro Tips don’t just help corporate users of business email services like Office 365 and G-Suite; they also help users of free email services like Yahoo, Gmail, Hotmail and many others.
PRO Email Security Tips:
- Use Strong, Long and Unique Password
- Change Your Password Periodically
- Don’t Use the Same Password for Multiple Accounts
- Enable Two-Factor Authentication
- Never Open Any Attachments without Scanning with (Professional) Anti-Virus or Anti-Malware
- Don’t Click on Any Links without identifying (Genuine or Spam Links)
- Double Check the Sender Email and Domain Name
- Do Not Post Your Personal Information on Public Forums, Blogs or Social Media
- Don’t Share Personal Information via Email or Reply to Spam Emails
- Don’t Use Public Wi-Fi
- Logout and/or Lock Your Device
- Always Backup Your Data
Tip 1: Use a Strong and Unique Password (Must for Email Security)
Using a strong, long and unique password is the key to securing email or any online account. If you are using a weak or common password, it has most probably been compromised in the past. It might also be on a brute-force dictionary list, so there’s a higher chance of getting hacked. To avoid such a situation, use a strong, long and unique password. You can use an online password generator tool to create a unique multi-character password with symbols and numbers. Such a password is hard for hackers to guess and crack.
We know that it’s not easy to remember such a long and unique password, but you can use a password manager like “1Password” or “LastPass” to securely store your passwords. You can even store your passwords in the Chrome browser, but you risk losing that data if you delete or uninstall it. So storing passwords in a cloud password manager is the safe way, and they will always be available when you need them.
Tip 2: Change Your Password Periodically
Changing your password often can improve the security of any service. For example, if you gave your email password to your IT company to check some issue or setting for your email, the team member can still access your email even after they no longer work for that company. So it is recommended to change the password periodically to protect your email service from fraudulent use. It takes just a few seconds of your time to change the password regularly, but it gives you complete peace of mind.
Tip 3: Don’t Use the Same Password for Multiple Accounts
It is a nightmare for everyone to remember multiple passwords, but reusing one password creates a huge security risk. For example, if you have the same password for multiple social media and email accounts and one account gets compromised, it opens all the doors for the hacker. The hacker can try the same password, and possibly the same username, on multiple profiles as a brute-force attack and take over your various accounts.
In the past, we saw many people victimised by hackers who took over their Facebook and Instagram accounts because the same email address and password were used for both social media profiles. So it is best to keep a strong, unique password for every account.
Tip 4: Enable Two-Factor Authentication
Two-Factor Authentication (2FA) assures that only the right people get access to an online account. 2FA is commonly used nowadays by many industries like banking, social media platforms and other online services. Service providers sometimes have their own methods of two-factor authentication, such as SMS/OTP, Email Verification Links, Physical Keys and some more. But all these methods aim to protect the client’s account and provide as secure a service as they can.
Enabling 2FA (Two-Factor Authentication) means any two verification methods are needed to access the related email account. Once you are verified both ways, you can enter the email client and send or receive emails. Nowadays, cloud email service providers like Microsoft and Google are forcing people to use 2FA, for a good reason. It’s a sure-fire way of securing email or any online account. Make sure you don’t hand over your OTP or Email Verification Link access to anyone.
Tip 5: Never Open Any Attachments without Scanning with Professional Anti-Virus or Anti-Malware (Must for Email Security)
If you receive any emails from unknown sources with attachments and cheesy or threatening words, do not open them. Hackers sometimes try to create a sense of urgency with terms like warrant, summons, court order and similar that make you panic. But don’t fall into that trap: be calm, think thrice and take appropriate action. Never rush to open any attachment in your email, as it could lead to data theft and Ransomware.
Check that the email is authentic, and scan the attachment with Professional Anti-Virus and Anti-Malware before opening it, even if it’s from a genuine sender. Many Professional Anti-Virus or Anti-Malware products are available in the market, like McAfee, Trend Micro, Malwarebytes and some others. Some of these even protect you from Ransomware, which is a big plus nowadays.
You can use free Anti-Virus or Anti-Malware, but paid software companies regularly update their databases, which helps to protect your data from newly created viruses. So it is recommended to use a paid version of the Anti-Virus or Anti-Malware software of your choice.
Tip 6: Don’t Click on Any Links without Identifying Them (Genuine or Spam Links)
Did you notice those phishing emails that have various links asking you to verify your account? Another example of a phishing email is one with smartly morphed pages that look like Facebook or your bank. Once you open the link, it asks you to log in on that page, which has some random URL like my-facebook.com. Once you try to log in on that Facebook login page, booooom! Hackers now have your original Facebook login details, and you will notice unusual activities on your social media account straightaway.
Similarly, an email may claim your bank is asking you to log in ASAP to stop your account being blocked due to fraudulent money transactions. Hackers try to create fake urgency and want you to take action now so they can take over your bank account and withdraw all your money. Please be logical and stay away from it! Professional organisations never ask you for your personal details over email from unknown sources.
According to Security Boulevard, 85% of organisations worldwide were hit by a phishing attack at least once in 2020.
You can easily verify the links in a phishing email just by hovering over them. When you hover your mouse over a link, you can see the actual URL in the bottom-left corner of your computer screen. As we mentioned, those links might be phishing URLs or download links for harmful attachments. In both cases, it will harm you: you lose your privacy, personal assets and peace of mind. So never click on any link that seems phishy (fishy) or spammy.
Tip 7: Double Check the Sender Email and Domain Name
You have lots of things to check and verify before you act and fall into the trap of online attackers, or hackers as we call them. Apart from attachments and links, there are some other aspects we need to know that help to identify phishing emails as well.
It is important to pay attention to this part, because if you miss just one letter in the email address, you get caught in the hacker’s trap. We recommend you check the sender’s email address very carefully, as it might have a similar domain name but not the genuine one. For example, you expect emails from CommBank.com.au, but you might have received an email from Commmbank.com.au. That one extra “M” in the domain name makes it worse for you, because the people behind the scenes make emails look as legitimate as they can so the victim readily provides all the details they want.
So please check the full email address, and the domain name in it, carefully.
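A one-letter difference like the extra “M” above is easy to miss by eye but easy to measure. The following is an added example, not part of the original article: it compares the sender’s domain with a list of domains you expect mail from and flags near misses. The trusted list, the distance threshold and the sample headers are assumptions made for illustration.

```python
from email.utils import parseaddr

# Assumption: the domains you really expect mail from. Only commbank.com.au
# comes from the article; the second entry is a placeholder.
TRUSTED = {"commbank.com.au", "example.org"}

def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]

def classify_sender(from_header, trusted=TRUSTED, max_distance=2):
    """Return ('trusted' | 'lookalike' | 'unknown', closest trusted domain or None)."""
    _, address = parseaddr(from_header)
    _, at, domain = address.rpartition("@")
    domain = domain.lower().rstrip(".")
    if not at or not domain:
        return ("unknown", None)
    if domain in trusted:
        return ("trusted", domain)
    # A near miss of a trusted domain is more alarming than a random domain.
    closest = min(trusted, key=lambda t: edit_distance(domain, t))
    if edit_distance(domain, closest) <= max_distance:
        return ("lookalike", closest)
    return ("unknown", None)

# Constructed From: headers for illustration.
SAMPLES = [
    "CommBank <alerts@CommBank.com.au>",
    "CommBank <alerts@Commmbank.com.au>",   # one extra "m", as in the article
    "CommBank Security <alerts@mail-service.example>",
]
for header in SAMPLES:
    print(header, "->", classify_sender(header))
```

The third sample shows why the display name alone proves nothing: it says “CommBank”, yet the domain is unrelated to any trusted entry.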
Tip 8: Do Not Post Your Personal Information on Public Forums, Blogs or Social Media
Are you the one who likes to post everything on social media, blogs or forums? Stop there!
No, we are not against your social media usage, but we want you to be careful while posting on social platforms. Don’t post your personal details on public media, so that your identity is not stolen and used to cheat your loved ones. Yes, many people have reported fake Facebook profiles that were used to commit fraud against a known person. According to the report, Facebook estimates 135 million (5% of 2.7 billion active users) fake profiles for 2020. A smart hacker uses your public media, name and other information to create a fake social media account and commits fraud, such as asking for money, making threats over personal data and other schemes.
Also, posting your email address on public media leads to brute-force attacks and phishing email scams. It may damage your personal identity socially. So never share your personal information or email address on public media to protect your identity and security.
Tip 9: Don’t Share Personal Information via Email or Reply to Spam Emails
Cloud services are the trend in the technology world nowadays, and email is one of them. There are many benefits of using cloud email, like security, availability and spam filters. Most cloud-based email services come with spam policies and filters that filter out most junk mail. But there is still a chance of getting some spam emails that lead to a security breach.
If you notice any email that seems unexpected or offers cheap or free services, please avoid it! No lunch is free in this world, so use your logic and stay away from spam emails. The best way is to avoid these emails and “Mark it as Spam” so they do not land in your inbox next time. If you still receive one by any chance, do not reply or share personal information over email.
Tip 10: Don’t Use Public Wi-Fi
In today’s world, many business deals happen in cafes and restaurants. These are places where people hold discussions in person or sometimes online, including email conversations or chats. When your phone has bad reception, you won’t be able to use your phone hotspot to connect your computer. In such a case, most people rely on the restaurant’s unsecured network, which may cause issues such as data theft.
Hackers use various hacking tools on Public Wi-Fi that help them “sniff network packets”, analyse the information and extract personal data. Incidents have been reported where people had usernames and passwords for banks, social media accounts and email addresses stolen.
Checking emails on Public Wi-Fi is always high-risk, but you can use a VPN service to protect your data from being stolen. VPNs create an encrypted tunnel for data transport from Point A to Point B and make it impossible for hackers to access personal information.
Tip 11: Logout and/or Lock Your Device
Logging out of your email service is one of the essential requirements for email security. Also, locking your computer or phone secures not just your emails but your data too. So always remember to log out once you finish your work, and keep your device password protected. It sounds simple, but it is good practice for your email and data security.
Tip 12: Always Backup Your Data (Must for Email Security. It’s a Life Saver)
Backing up data for every device you use is best practice in the modern era of technology. It is always recommended to back up not just email but everything on your computer, phone or tablet. People sometimes take it lightly, but once they lose the data, they have no source from which to recover it.
For example, if you permanently delete emails by mistake and then realise that some of them were important, how will you get them back? If you have a backup of all your emails, you can certainly restore them, with just one click if you backed them up on a cloud server. There are also some manual ways to back up your emails periodically, like exporting emails as CSV or exporting a PST file. It depends entirely on the email service and backup tool you are using.
Final Thoughts about Email Security:
Email security is an essential requirement, as the service holds lots of personal or business-related information. If you don’t take care of your email security, it may lead to substantial personal or business loss.
We recommend you take email security, and any other technological security, seriously, and these tips will help secure your data. It is not hard; you just need some basic knowledge and precautions to protect your email and personal data. It’s better to be safe than sorry.
However, other technological loopholes may sometimes lead to a data breach, like the Apple iPhone Mail App Security Exploits found in iOS 13. This zero-click security bug in iOS 13 allowed attackers to open a malicious email on an iPhone in the background and trigger remote actions. Such a security breach could transfer all your contacts, data and personal information to attackers without you knowing.
But keep in mind that backing up data is an essential step in keeping your data protected and safe. It is strongly recommended to back up your emails, photos, media files, work documents and all other necessary information periodically. All kinds of data backup have proven to be a lifesaver, so keep backing up your data regularly.
We hope you understand these pro email security tips and make them a habit to protect your own and your organisation’s precious data.