Everyone needs to know the essential email security tips and put them into practice to protect their most important accounts.
You must already know that online security is important, but perhaps you don't give it the attention it deserves. Unfortunately, negligence in this area can lead to huge problems, and our email is one of the most sensitive areas.
Compromising your email account will allow an intruder to get into any account that is associated with that email! That's why we need to keep our email as secure as possible.
With that in mind, here are some simple, yet important email security tips to put into practice 🙂
Do you use Gmail email? Feel free to find out and join the "Making the most of Gmail" training to improve your mastery of Google's email system.
__1. Use multiple email accounts __Most people have one 'central' email account for all their personal activities. This means that all social network notifications, website sign-ups, newsletters, receipts, messages, password resets and more are sent to the same email box.
Having everything in one place means that if that place is hacked, we risk losing everything associated with it. If someone breaks in, they will be able to access all of the above media types. And remember that when you reset a password on most sites, the link to reset it goes into our email. This could allow someone to lock us out of our own accounts...
To combat this, it is wise to use separate email accounts for different purposes. This will help increase our security by limiting the damage someone could do by logging into one of these accounts. It is even better if we use secure email services for our most important accounts.
In addition, it can also increase our productivity. We can put all our work emails into one work account, communicate with friends and family with our personal account, have a recreational account for various websites, and then a disposable account for potential spam links. That way, if someone hacks our business account, all our personal emails will still be safe 🙂
__2. Set a strong and unique password __It doesn't matter if we use one email account or several as we saw in the first point. Whatever happens, it is essential to protect our email account(s) with a strong password. Reusing the same password on several accounts is a major vulnerability. If an attacker breaks a password, he will certainly try it on other accounts using our email address.
Although this sounds simple, many people do not follow these basic tips. The best way to improve our security in this area is to start using a password manager.
This solution allows you to create strong and unique passwords for each account and store them in a secure location. I recommend KeePass or BitWarden, which are free and open-source password managers.
__3. Enable two-factor authentication __In addition to a strong password, you have probably already heard the advice about using two-factor authentication (2FA). Although it can be a little awkward to use, it greatly increases the security of your account.
This is because, in addition to our password, this type of login requires a secondary code (usually received on our phone) to log in. As our email is the key to all other accounts, it is essential to enable double authentication on this account.
To manage this effectively on some accounts, you can use the Google Authenticator application. This generates offline codes that we can use to approve new account logins after we enter our password.
__4. Beware of phishing attacks __Legitimate companies will never ask you for our password or other sensitive information via email. Although we can spot blatant attempts to steal your information, scammers have become more effective at creating convincing phishing messages.
Typically, phishing emails claim to be from a legitimate entity (such as Amazon, Apple, PayPal, etc.) and tell us that something is wrong with our account. They then invite us to click on a link to a fake website.
If we then make the mistake of entering our credentials to "confirm" the information, we hand the data over to the thieves...
__5. Avoid clicking on links in emails __The widespread nature of phishing means that it is wise to follow a general rule: if in doubt, never click on links in emails. Although we can use our mouse on a link to preview the destination URL, this method is not foolproof. Most email frauds rely on us clicking on a link that takes us to a fake website.
At best, clicking on a link will let the scammer know that our email is active and that we are willing to click on the links. At worst, it could take us to a site that tries to install malware on our computer or wants to steal our information.
If we receive an email claiming to be from our bank or any other service asking us to log in, always visit the website manually to see what is going on. The only exceptions are when we explicitly expect a particular email, such as a forum registration link or a game account activation email.
__6. Do not open unsolicited attachments __Most of the time we have to treat attachments in e-mails as links. If we expect something from a friend, we can probably open the attachment.
However, if the e-mail is unsolicited, we should not open any of its attachments. Even if the file looks innocent, it may be a hidden danger. It is common to spoof file names and extensions to make a nasty ".EXE" look like a ".JPG", for example.
Many ransomwares are distributed via email attachments, so opening one could start the encryption process on our system.
You probably know that public Wi-Fi is not as secure a connection as your home network. And while you'll probably be fine checking your email on airport or café Wi-Fi, you should always be careful when using such networks.
__7. Be careful on public networks and computers __With the widespread use of HTTPS, our activity on most websites is safe from prying eyes elsewhere on the network.
However, if we don't own the network (our Internet box), we can't be sure of its configuration. The network may be a spoofed point, or malicious software may be installed to allow man-in-the-middle attacks.
The same applies to connecting to our email on public computers, such as those in libraries and hotels. Someone could install a keylogger on these machines to steal our credentials, so it's best to stick to trusted devices like our phone where possible.
__In conclusion... __While the web has become more secure over time with the widespread use of HTTPS, stronger encryption protocols and better automated detection of email providers, much of our digital security still rests on our decisions.
Thus, securing our email accounts is essential and our online security will become much stronger because of it 🙂