Another day, another hacking story, from celebrity data leaks to multi-million-pound breaches at global corporations.
A hacked email account or server means so much more than a password reset. Think about what’s inside your emails, linked accounts, reused passwords, sensitive data, and you’ll see the snowball effect can be devastating. Businesses should make sure they’re using compliant systems and solutions to protect their company and staff.
But when it comes to your personal email use, the question is: how do you keep your email secure?
Here are 8 methods you can use to protect your multiple accounts from a data breach.
1. Don’t Use The Same Password Everywhere
In the digital world, your password serves as the key to your online accounts, including your email. A strong and unique password is essential for safeguarding your email and financial information from unauthorised access. Here are some key guidelines to follow:
- Create Strong Passwords: Avoid using easily guessable information like birthdays, names, or common words. Instead, opt for a combination of upper and lowercase letters, numbers, and symbols. Aim for a minimum password length of 12 characters.
- Uniqueness is Key: Never reuse passwords across different websites or accounts. If one account is compromised, all accounts using the same password are at risk.
- Password Manager: Consider using a password manager so all your passwords are unique, without the hassle of remembering everything.
- Password Confidentiality: Never share your passwords with anyone, not even friends or family. Avoid writing passwords down or sending them through insecure channels like email or text messages.
2. Enable Two-Factor Authentication (2FA)
Two-factor authentication (2FA) adds an extra layer of security to your email account, making it significantly more difficult for unauthorised individuals to gain access. With 2FA enabled, you’ll need to provide two pieces of information to sign in: your password and a unique code generated on your phone or tablet.
Here’s how 2FA works:
- Password Entry: You enter your email address and password as usual.
- Code Verification: A code is sent to your registered phone number or generated on an authenticator app on your phone/tablet.
- Two-Factor Verification: You enter the received code along with your password to complete the sign-in process.
By enabling 2FA, you significantly enhance the security of your email account, making it much more difficult for attackers to gain access even if they have your password. You can find this in your email account settings easily and the whole process won’t take more than 5 to 10 minutes.
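How an authenticator app produces that code, as an added example that is not part of the original article: the app and the server share a secret, and each derives a six-digit code from it and the current 30-second time step (TOTP, RFC 6238). The secret below is the RFC's published test key and the function names are illustrative.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds each code stays valid (RFC 6238 default)
RFC_TEST_SECRET = b"12345678901234567890"  # published test key, never a real secret

def hotp(secret, counter, digits=6):
    """RFC 4226: HMAC-SHA1 over the counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # low nibble of the last byte picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def totp(secret, now, digits=6):
    """What the authenticator app shows at Unix time `now`."""
    return hotp(secret, int(now) // STEP, digits)

def verify(secret, submitted, now, window=1):
    """Server side: accept the current step and `window` steps either way
    to tolerate clock drift. A real service also rate-limits attempts and
    refuses a code that has already been used."""
    current = int(now) // STEP
    ok = False
    for counter in range(max(0, current - window), current + window + 1):
        # Constant-time comparison, with no early exit on a match.
        ok |= hmac.compare_digest(hotp(secret, counter), submitted)
    return ok

if __name__ == "__main__":
    import time
    now = time.time()
    code = totp(RFC_TEST_SECRET, now)
    print("app shows:", code, "| server accepts:", verify(RFC_TEST_SECRET, code, now))
```

A stolen password alone fails this check, because the attacker also needs the shared secret stored on your phone.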
3. Be Wary of Phishing Scams and Malicious Links
Phishing scams are deceptive emails or websites designed to trick you into revealing personal information, such as passwords or credit card numbers. These scams often appear to be from legitimate sources, such as banks, online retailers, or government agencies.
Here are some tips to avoid phishing emails, scams and malicious links:
- Verify Sender Information: Check the sender’s email address carefully for any misspellings or inconsistencies. Hover over the sender’s name to view the actual email address.
- Suspicious Links: Be cautious about clicking on links in emails, especially those from unknown senders. Before clicking, hover over the link to see the actual destination URL. If it looks suspicious or doesn’t match the sender’s identity, don’t click it.
- Password Protection: Never enter your password or other sensitive information in response to an email. Legitimate companies will never ask for such information through email.
- Attachments: Avoid opening attachments from unknown senders, as they may contain malware or viruses. If you’re unsure about an attachment, contact the sender directly to verify its authenticity.
In general, you should be wary of free software deals from a random online service you aren’t familiar with.
4. Regularly Update and Secure Your Computer
Keeping your computer up to date with the latest security patches and running reliable antivirus software is crucial to protect your email from malware, viruses, and other online threats. Here are some specific actions to take:
- Operating System Updates: Ensure your operating system is updated regularly to receive the latest security patches and fixes. These patches often address vulnerabilities that hackers can exploit to gain access to your system.
- Email Application Updates: Keep your email application updated to the latest version. Email applications regularly release updates to address security bugs and improve overall security.
- Security Software Updates: Install and maintain up-to-date antivirus and anti-malware programs. These programs scan your computer for malicious software and protect your email from potential threats.
- Regular Scans: Regularly scan your computer with antivirus and anti-malware software to detect and remove any potential threats. Schedule regular scans to ensure your system remains protected.
- Suspicious Applications: Be cautious when installing new applications or programs. Download software only from trusted sources and avoid clicking on suspicious emails or advertisements that may lead to malware downloads.
- Firewall Protection: Enable a firewall on your computer to filter incoming and outgoing network traffic. This helps to block unauthorized access attempts and protect your system from online attacks.
- Physical Security: Implement physical security measures to protect your computer from unauthorised access. Use strong passwords for your computer and lock your screen when you step away. Consider using a physical security device, such as a lock, to secure your laptop when not in use.
By regularly updating your software and maintaining a clean and secure computer system, you can significantly reduce the risk of malware infections and other security breaches that could compromise your email security.
5. Avoid Public WiFi
The new foundation block of Maslow’s hierarchy of needs, free WiFi is ubiquitous. From coffee shops and department stores to banks and country parks, it’s easy to get your hands on a free-for-all password. But with high volumes of users emailing, shopping and browsing on a single network, hackers make light work of accessing private data.
Your mobile network is a more secure option when out and about. Set up your personal hotspot and make sure you have a strong password. Your phone will tell you how many people are using your device hotspot, so you can kick off unwanted visitors. If you must use public WiFi, make sure your activity is encrypted and that your software is up-to-date.
Ideally, avoid super-sensitive tasks like personal banking or accessing payslips. Always verify the network’s name, as it’s not uncommon for hackers to set up their own hotspot using a similar name, so you end up spoon-feeding them your personal info.
6. Use Text-Only
Reading your email in plain text is the safest way. Sure, it makes for a less exciting and engaging email, but reading emails in HTML is bad practice from a digital privacy standpoint! HTML emails can contain ‘active content’: code that can carry hidden files or attachments that are opened automatically, first infecting the device being used and potentially a number of accounts and devices from there.
You may have filters in place, but those behind the content are well versed in hiding the true intent of the text and are able to find file types that will pass through the filters; e.g., the Winevar Virus, which contained .CEO files to get past filters that had prohibited EXE files.
Plain text emails don’t contain anything hidden, and the links are displayed – it is therefore a far safer practice to ensure all emails are read in text-only format.
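The hover check from tip 3 and the text-only view described here both come down to seeing where a link really goes. As an added example (not part of the original article), this Python script lists links whose visible text names one site while the underlying address points to another, plus remote content an HTML view would fetch on opening; the sample message and its domains are constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# A hostname written out in the visible link text, e.g. "www.bank.example".
SHOWN_HOST = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

def host(url):
    return (urlsplit(url).hostname or "").lower().removeprefix("www.")

class MailAudit(HTMLParser):
    """Collects what the rendered view hides: link targets and remote loads."""
    def __init__(self):
        super().__init__()
        self.links, self.remote, self._open = [], [], None

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a" and attrs.get("href"):
            self._open = [attrs["href"], ""]
        elif tag in ("img", "iframe", "script") and host(attrs.get("src") or ""):
            self.remote.append(attrs["src"])  # fetched as soon as the mail opens

    def handle_data(self, data):
        if self._open is not None:
            self._open[1] += data

    def handle_endtag(self, tag):
        if tag == "a" and self._open is not None:
            self.links.append((self._open[0], self._open[1].strip()))
            self._open = None

def audit(html):
    """Return (links whose text names a different host, remote resources)."""
    parser = MailAudit()
    parser.feed(html)
    parser.close()
    mismatched = []
    for href, text in parser.links:
        shown = SHOWN_HOST.search(text)
        if shown and host(href) and host("//" + shown.group(1)) != host(href):
            mismatched.append((text, href))
    return mismatched, parser.remote

# Constructed sample message (reserved example domains only).
SAMPLE = """<p>Please confirm your details at
<a href="https://account-check.example.net/verify">www.bank.example</a>
or read the <a href="https://www.bank.example/help">help pages</a>.</p>
<img src="https://track.example.net/o.gif" width="1" height="1">"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```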
7. Use a Separate Email Account for Subscriptions
Subscriptions to newsletters are found in everyone’s inbox – they can be a great source of information and inspiration, but they can also be used in a phishing scam (as well as being a minor irritation!). Set up a separate email address with a provider such as Google or Outlook, who are great at filtering spam, to use when registering for these subscriptions. That way, should your email address be harvested for malicious intent, there is nothing sensitive that can be gained from this email address. It can be closed, and you can set up a new address very quickly.
8. Use Encrypted Email Security Services
The information sent in our daily emails is a cyber criminal’s dream: names, addresses and company information, not to mention banking details and personal information, are freely sent and can potentially lead to a lot of trouble. Even if you use a secure HTTPS connection, you have no control over the recipient’s connection or server (or even if they use a public WiFi signal). If you must send these details via email, then encrypting the files or the email is the safest way, and there are plenty of tools that will enable you to do this.
Encrypted email services offer an additional layer of security for your email communications. These services encrypt your emails, making them unreadable to anyone except the intended recipient. This protects your privacy and prevents unauthorized individuals from intercepting and reading your emails.
Here are some benefits of using a secure email service:
- End-to-End Encryption: Encrypted email services provide end-to-end encryption, which means that your emails are encrypted from the moment you send them until the recipient decrypts them. This ensures that your emails remain private and secure throughout their journey.
- Spy Pixel and Tracker Blocking: Many encrypted email services block spy pixels and trackers, which are often used by senders to collect information about your email activity. This helps to protect your privacy and prevent your data from being used for targeted advertising or other purposes.
- Secure Communication: Encrypted email services provide a secure way to communicate with sensitive information, such as financial data or personal details. This is especially important for businesses and individuals who handle sensitive data.
You will need to provide the email app recipient with the password – but of course, don’t do this over email!
How to Keep Your Email Secure
Viruses can be contracted from emails, malicious websites, and downloading/installing questionable files. They’re everywhere.
Being vigilant and practising good internet hygiene is the best way to keep your email secure. Don’t click links you don’t trust, and always verify if you can. Make sure to set up 2FA too.