In this day and age, cybersecurity is not something to be taken lightly. Each year, hundreds of millions of Internet users get hacked or have their data exposed in a data breach. Therefore, it’s crucial that you know how to ensure email security for both your personal and work email accounts.
Your emails contain tons of sensitive data about you: from your purchasing habits or your exact schedule to medical problems and intimate conversations. Moreover, someone who took control of your email could send dangerous malware to your friends, family, and colleagues impersonating you. Email security might take some time and effort, but it is absolutely essential.
Use Strong Passwords
In theory, no one needs explaining why we need strong passwords. And yet, research after research reveals Internet users using weak and easy to guess passwords like “qwerty”, “1111”, “password”, or their kid’s name. If you want to get serious about your email security, start by using a password generator to generate a long, secure password for you (at least ten characters long).
Note that all your passwords need to be unique. Data breaches are a daily occurrence and a leaked password will likely end up on a black market, sold to the highest bidder. If you used that password on several other accounts, you are guaranteed to get hacked. Your email password will only protect you if you hadn’t used it on any other accounts in the past.
Watch out for Phishing
One of the biggest dangers for our emails is phishing. A phishing attack is different from most hacking as it depends fully on deception. Hackers send an email to the victim that impersonates a legitimate institution, typically a bank, government, or a payment platform like PayPal.
Those emails often convey a sense of urgency and fear. They might inform you that your card has been blocked or that you haven’t paid off your credit card. The goal is to redirect the victim to a fake website where they enter their login details or credit card information, which goes directly to the hackers.
Given the notoriety of these attacks, it’s important to know how to spot them. For starters, be suspicious of any emails that are either too good to be true or that send you into panic mode. Be careful before clicking the links in emails. If you get an email from PayPal asking you to contact them, simply type their site into the search bar and contact the Support Team instead of following the link. That way you know you’ll end up on the real site.
Don’t Download Suspicious Attachments
Aside from directing you to a website set up by hackers, phishing emails might also prompt you to download attachments containing viruses. When opening commonly infected formats such as pdf, xls, and doc, use the built-in functionality of your webmail provider (ex. Gmail has a virus scanner for attachments).
If you want even more security, you can use an attachment sandbox, which will pre-open all the attachments in a safe environment and report back whether any malware was found. Just don’t use the software available for free — those programs have their own security issues.
Protect Your Account with Two-factor Authentication
With email attacks getting so sophisticated, there’s no shame in falling victim to one. But if you do, make sure you have a safety net to fall back on. Two-factor authentication is the extra layer of security that can save your data if your password is compromised. This is a great form of email security.
Two-factor authentication is a combination of a password and a second verification step. You can choose between many methods of authentication but some are more secure than others. There have been cases of hackers redirecting victim’s texts to their own SIM card so texting is generally considered less trustworthy. Try using an authenticator app on your phone or a security key instead.
Encrypt Your Emails
Another key component to email security is encryption. To protect extra-sensitive emails from being snooped on or intercepted, it’s a good idea to use encryption. Encrypted email can only be opened by someone who has the key, or in other words, the password.
Pretty Good Privacy (PGP) is free software that encrypts the contents of your emails so that only the recipient can read them. Keep in mind that it does require the recipient to use the software as well so you need to notify them in advance.
Apart from the rules above, make sure to take good care of your device security as well. What easier way to access someone’s email than steal a device it’s signed in on? Secure your phone, tablet, and laptop with strong passwords or PIN codes. Some email apps, like ProtonMail, will also allow you to secure the app itself with an additional password.
Cybersecurity might seem daunting but if you follow a few simple rules, your account will be safe from hackers and snoopers. Stay vigilant and don’t take cybersecurity shortcuts — they never pay off!
The original version of this article was first published on Converge.