These days, we live in a nearly paperless world. Gone are the days when your mailbox was stuffed with sensitive materials from your bank or your employer. Well. Gone are the days when your physical mailbox was stuffed with sensitive information. Now we keep our secrets in our email inboxes.
Maintaining the security of your email is absolutely crucial. If there’s one thing we know for sure, it’s that email is here to stay. Emails can be used to spread malware, spam, and phishing, but you aren’t helpless with our email security best practices.
Email Security in a Nutshell
Email security is protecting your email communication from unauthorized access. Your email contains a lot of sensitive information that you don’t want falling into the wrong hands. Once in your email, an attacker can reset passwords on your other online accounts enabling them to access troves of other personal logins and information. In addition to protecting your information and personal details, or sensitive company information, email can also be used to spread malware that can cause damage to your phone or computer.
Identifying an Email Attack
Email attacks get more and more sophisticated all the time. They can be difficult to identify, but there are a few questions you can ask yourself that can help you spot an email attack.
Before opening a suspicious-looking email ask yourself the following questions:
- Do you know the person emailing you?
- Is the email address legitimate?
- Did it show up in your inbox rather than spam?
Any time you are unsure about the legitimacy of an email you have received, it’s better not to open it. If a suspicious email arrives in your work inbox, go ahead and contact your company’s IT department. It is better to take email threats seriously.
This is where good computer security software proves its value. A good computer security software will identify email attacks for you, and in most cases, prevent them.
Email Attack Prevention
Just like in sports, when it comes to email threats, the best offense is a good defense. Taking proactive, preventive measures against email attacks is the best way to stop them from happening.
Email Security Tips
Use a Password Manager
They generate unique complex passwords for all your online accounts. But beyond that, they make the login experience so easy and simple across the web. You don’t have to remember all the different passwords you use for your different accounts. Plus autofill saves you the time from having to type in your password at all.
Our favorite password manager at Batten is a solution called Dashlane. It has the easiest set-up user experience and makes auto-logging into all your online accounts a breeze. Plus it comes with a VPN service.
Let’s be serious, recommending you to change your password regularly is not particularly insightful or realistic. For example, our Head of Product, Alex Stroud, has 288 online accounts with unique passwords stored in his Dashlane account, making it easier to remember these accounts.
A password manager keeps all of your usernames and passwords in a secure database so you don’t have to remember all of them. Most password managers will even suggest super-secure passwords for your logins.
Set up Multi-factor Authentication (MFA) or Two-factor Authentication (2FA)
This can be done easily in your email settings. You can link your cell phone to receive a text message with a temporary code, which is a good security step, though not the strongest two-factor method. Or, for the most secure two-factor authentication, we recommend using a Yubikey. It plugs into your computer and you simply tap it with your finger when logging into your email.
Utilize Spam Filters
All spam filters keep unwanted emails out of your main inbox so you don’t have to worry about them. There are a few different types of spam filters you can set up like:
- Content filters. Content filters analyze an email’s content and determine whether or not it’s spam. They are pretty reliable since most spam emails are predictable and have a similar format.
- Blacklist filters. Blacklist filters automatically block emails from email addresses that have been identified as spammers. These lists change frequently to keep up with ever-changing tactics from spammers.
- Header filters. This type of spam filter scans an email’s header to identify the source. The filter identifies whether or not the email is coming from a legitimate organization or person.
- Language filters. One of the simplest types, language filters block any emails that are written in a different language than your typical emails.
- Rule-based filters. If you know what kind of emails you would like to avoid, you may want to utilize a rule-based filter. You will set your own rules, like blocking any emails that have the phrase ‘special offer,’ and the filter will take care of the rest. You can also use this to blacklist specific senders or organizations.
- Bayesian filters. A Bayesian filter observes your manual habits and applies them to future emails. As you manually send unwanted emails to spam, the filter learns which type of emails you consider spam and will automatically remove them for you.
Back-Up Your Important Data
One of the worst results of an email attack is losing your data. By frequently backing up the data in your email account, you can mitigate any damage caused by attacks.
Frequent Education/Training on Email Attack Prevention
Email attacks are constantly changing and challenging email protection software. Engaging in education on how to protect yourself from email threats will keep you ahead of the game.
Automatic Email Encryption
If you are sending an email with sensitive information, encrypt it. You can encrypt emails manually, but for an extra layer of protection turn on automatic encryption for all emails. An encrypted email converts plain text into ciphertext. After the content has been encrypted, only a recipient with the key can read the message.
Do Software Tool Plugins Put Your Inbox at a Higher Risk?
The short answer? It depends.
Whether or not software tool plugins put your inbox at higher risk depends on whether or not your plugins are updated. Having outdated plugins certainly increases your risk. Plugins can offer better encryption, backups, and filtering, but only if they’re up to date.
If you have an email plugin that is highly reputable or from the provider (i.e. Microsoft) your email could be more secure by offering better encryption, backups, filtering, etc.
Don’t Wait to Protect Your Email Inbox
If you haven’t already taken steps to protect your email account and sensitive data from a cyber-attack, now is the time to start. Securing your inbox is simpler than you think; all it takes is a few steps to protect your private information from hackers, leading you to wonder why you didn’t do it sooner.
Learn more about email security best practices by listening to the full episode of Batten Down Dialogues.