If you’re like most people, you’ve been using email for the better part of two decades, or even longer. And if you are like most people, you probably think that you have a good handle on email security. You know that there aren’t members of the Nigerian royal family with buckets of money to share, or that you’ve won a foreign lottery that you never entered.
Even so, with all of this knowledge and all of the warnings, email is still one of hackers’ most common methods for stealing data. They send malware via email that opens a “back door” to a private network, or use the contents of your account to piece together enough information to steal your identity. You might think you have outsmarted the criminals, but if you’re making any of these common mistakes, you might not be as smart as you think.
Using the Same Address for Everything
Maintaining one email account may simplify your life, but it also makes it much easier for a criminal to gather information. Ideally, you should maintain separate accounts for work and personal messages, as well as an account to receive newsletters and commercial messages. Don’t use the same password for all of your accounts, either.
Using Personal Email for Work Documents
When you want to get some work done over the weekend, it’s tempting to just send the necessary documents to your personal email account. There is a chance, though, that your sensitive work documents could be intercepted, creating a data breach. Instead, work with your company’s IT team to develop a secure platform for accessing documents outside of the office. Cloud computing security solutions will keep the data safe from prying eyes while still keeping you productive.
Opening Spam
Even though spammers have become more sophisticated, it’s still easy to spot bogus emails. Don’t even open it. Responding or unsubscribing only opens the door to more spam, so let the spam filter do its job and delete the nuisance messages.
Emailing Personal Data
Even when you are positive that your message is encrypted throughout the entire transmission, sending personal data, including credit card and Social Security numbers, via email is never a good idea. If you must share that information, do so over the phone or use a secure website.
Using the Same Password as Other Accounts
Experts note that your email account should have a unique, strong password. Go ahead and use duplicate passwords for less high-value accounts, like news sites, but do not reuse your email password. With nothing more than your email address and that code, a hacker could access all of your other accounts, including your bank or credit cards.
Including All of Your Contact Information in Your Signature
It might seem helpful to include links to your social media accounts in your email signature, but you’re just giving a hacker more information to use in an attack. Spear phishing attacks are on the rise, and a hacker could use information in your Twitter account to launch a targeted attack leading to a breach. Only include your name, position, and maybe a phone number, if you must include a signature.
Responding to Phishing Messages
Phishing scams are getting more sophisticated, but there are usually some telltale signs. A legitimate company will never ask you to confirm sensitive information online, nor will they send security-related messages. Learn the signs of phishing, and when in doubt do not open the message. Instead, contact the company directly to inquire about potential issues.
Staying Logged In
It can be a pain to log in and out of your email every time, but staying logged in makes it much easier for a hacker to steal your information. Imagine losing your laptop — the thief will be able to easily view your messages and access even more information. Even in the office, if you stay logged in, someone can easily walk past your desk and see your messages. It’s best, then, to log out of your email every time you aren’t using it.
Not Encrypting Email
If your email provider does not automatically encrypt your messages, then invest in an encryption solution that will automatically mask your email contents from nefarious hackers “eavesdropping” on your conversations. It’s a simple step that goes a long way toward protecting your information.
Not Understanding Backups
Even when you delete a message from your inbox or sent file it can be retrieved live from a backup server for years. So even if you send something sensitive and delete it, it can still be stolen. Again, be cautious, and when in doubt, use the telephone or meet in person.
Email security isn’t complicated, but it does require knowing the risks. If you’re making any of these mistakes, make changes immediately and keep your own — and your company’s — data safe.
