Safe online practices are important to keeping your online identity unadulterated and free from viruses, hackers, and all sorts of Internet-based shenanigans. And the best place to start? Your inbox.
Internet security is a topic that we all know to be important, but it often sits way back in the recesses of our minds, fooling ourselves into believing that “it won’t happen to me”. Whether it’s the destructive force of the newest virus or just the hacking attempts of a newbie script kiddy, we’re always only one click away from dealing with a security mess that we’d rather not confront. Nowhere is this truer than in our emails.
Here are some simple yet important security tips you should know in order to keep your email account as secure as possible.
1. Use Separate Email Accounts
If you’re like most people, your email account is probably the centralized hub of your personal activity. All of your Facebook notifications, website registrations, newsletters, messages, etc. get sent to your email box, right? That means you’re putting all of your eggs in one basket – if that basket happens to fall, you’ll lose all your eggs with it.
Considering that e-mail addresses are easy and often free to acquire, dilute your risk by spreading your inbox exposure. For example, using a separate e-mail address for work and personal correspondence keeps sensitive professional details in a separate place from a hacker who might break into your personal account.
E-mail readers, including Outlook, Windows Live Mail, Thunderbird, and Apple Mail can be configured to check multiple accounts simultaneously (including Gmail), to minimize the inconvenience of keeping tabs on separate accounts.
2. Create A Unique Password
Going along with the multiple account idea, you should also have an entirely unique password for each of your email accounts. Even if you decide to keep one “master” email account, make sure that its password is 100% unique.
Once you’ve created a password, you can add an extra layer of security by enabling 2-Step Verification for G Suiite. 2-Step Verification requires you to have access to your phone, as well as your username and password, when you sign in to your Google Account. This means that if someone steals or guesses your password, they still can’t sign in to your account because they don’t have your phone. Now you can protect yourself with something you know (your password) and something you have (your phone).
This is common advice, but still so many people still neglect it.
3. Beware Of Phishing Scams
When dealing with a particular company or product that requires account information, have you ever seen the following message: “Never give away your personal information. We will never ask you for your password.” When someone sends you an email asking you for your personal information, you know right away that it’s a trick.
But there’s another level to this scam and it’s called “phishing.” Basically, malicious users will imitate and impersonate high-profile websites (e.g., eBay, Amazon, Facebook, etc.) and say that they’re experiencing trouble with your account; all you have to do to fix it is to send them your username and password to verify your authenticity. Sometimes they’ll even link you to a false website that looks exactly like the real thing.
Be wary. In fact, whenever your personal information is ever brought up in a non-face-to-face capacity, your scam detector should go off loud and clear.
4. Never Click Links In Emails
Phishing brings me to my next point. Whenever you see a link in an email, 99% of the time you should not click on it. The only exceptions are when you’re expecting a particular email, such as a forum registration link or game account activation email. Things like that.
If you receive a spam email that tries to sell you a particular service or product, never click on any of the links inside. You never know where they’ll lead you. Sometimes they might be safe; other times they’ll bring you straight to the doors of hell and swarm you with malware and viruses.
If you get an email from your bank or any other service (e.g., bill payments), always visit the website manually. No copy and paste. No direct clicking. You’ll thank yourself later.
5. Do Not Open Unsolicited Attachments
Attachments are a tricky thing when it comes to email. If you’re expecting something from a buddy or an uncle, then sure, go ahead and open the attachment. Have a laugh at the funny photo they sent you. It’s all good when you know the person sending the attachment.
But if the email is unsolicited, never open any attachments. Even if the file looks innocent, you could be in for a world of hurt. Filenames can be spoofed. JPEGs could be EXEs in disguise and those EXEs will run as soon as they’re downloaded. And then you’ll have a virus on your hands.
6. Scan For Viruses & Malware
If you open an email and it seems suspicious in any way, go ahead and run a malware and virus scanner. Not every spam email will infect you with a virus and it may seem like overkill to run a malware scanner every time you open a fishy email, but it’s better to be safe than sorry. The one time that you decide to let it go could be the time your computer loads a keylogger.
7. Avoid Public Wi-Fi
And lastly, avoid checking your email when you’re on public Internet. Yes, I know that when you’re waiting for an airplane to reach your gate, it can be tempting to whip out your smartphone or laptop and check for new messages. Unfortunately, public Wi-Fi can be extremely insecure.
There are programs out there called “network sniffers” that run passively in the background of some hacker’s device. The sniffer monitors all of the wireless data flowing through a particular network – and that data can be analyzed for important information. Like your username and password.
It’s strange that as the years go by, security grows tighter in some ways and we remain just as vulnerable as we’ve always been in other ways. Email security comes down to common sense and careful decisions. Don’t let laziness and convenience overshadow your desire for protection and peace.