Close-up image of hand using smartphone email icons showing the need for email security
Personal Email Security Guide by Ben Hartwig, Content Director at InfoTracer

Personal Email Security Guide

Email is the most used digital communication method in the world.

There were 3.9 billion email active users worldwide at the start of 2019, and the number is estimated to grow to 4.3 billion by 2022. By comparison, social media had 3.5 billion users during the same year, and the top messaging app WhatsApp had 1.5 billion in 2018.

Everyone uses email, it’s incredibly useful, and you can’t sign-up for accounts or do much of anything online without one. However, email is still a hacker’s favorite route to attacking a target, because most users don’t bother to secure their accounts.

Security risks affecting email

Many bad actors threaten the safety of email accounts. The most prevalent of these threats are spam, malware, phishing, and spoofed domains.

Malware

Malware is short for “malicious software.” It can infect computers via an external link, infected USB, or downloaded as an email attachment. Once malware gains access to a computer, it can corrupt data, steal credentials, and even mine cryptocurrencies. Hackers also use malware for ransomware attacks, holding a computer hostage until the user pays a ransom.

Stay Safe: Ensure your computer has updated antivirus software to check if you’re inserting an infected USB. Never click on a link or download attachments from an unknown source. Use a VPN to encrypt your web traffic.

Spam

Spam is a form of unsolicited email or junk email sent in bulk by spammers. They collect email addresses from customer lists, websites, chat rooms, social media, and compromised address books. While most spam is commercial advertising, they’re super annoying and dangerous. Junk email could contain links to phishing sites or attachments infected with viruses, trojans, and malware.

Stay Safe: Make sure you’re using a spam filter, and avoid opening messages in your junk folder unless it got sent there by mistake. Use an alternate or disposable email address when signing up for chat rooms or social media.

Phishing

Hackers design phishing emails to look official so they can trick users into handing over personal information and even install malware remotely. Phishing emails usually contain messages that you’ve won something, or threats to shut down your account. This type of email often has poor grammar and uses words such as “urgent” all the time.

Stay Safe: Make sure to double-check the sender’s email address and domain name for signs of forgery or misspellings. Reputable businesses and banks will never ask for personal and sensitive information via email. If a message asks for your password, credit card details or social security number, that’s a phishing email. The most basic step to do in such an uncertain situation is to use reverse lookup service to find out more information about sender.

Spoofed domains

Hackers buy domain names that sound like the brand they want to spoof, and disguise it to look exactly like the real thing. Unsuspecting email users that click on the link to the spoofed website get tricked into entering sensitive information.

Stay Safe: Install ad-blocking software and make sure your browser blocks malicious websites by default. Double-check the web address or URL to see if the top-level domain (TLD) name used makes any sense. Generic TLDs are .com, .net, .org, and .gov. If a site claims it is an official government website, but doesn’t use a .gov address, it’s a fake.

You need to secure your email account right now

People sent 269 billion emails in 2017, and the number is estimated to grow to 333 billion in the next four years. Unfortunately, 60 billion junk emails (spam) will also get sent in the same period. Spam isn’t innocent or harmless, and the reality is one out of a hundred sent emails is a malicious hacking attempt.

Tips to secure your email account:

  • Use strong passwords

Stop using your dog’s name, your birthday, or qwerty. Never use the same password for all your online accounts, change your passwords regularly, and never share it with anyone else. Either use a password generator or use four easy-to-remember words that are both random and common.

  • Enable two-factor authentication

Enhance your email account’s protection by enabling two-factor authentication. 2FA adds an extra layer of security to your account, and a hacker would need both your password and your phone to gain access.

  • Use encryption whenever possible

By default, all emails sent using Gmail or Outlook are encrypted. However, you can beef up your security by running third-party encryption software or by using a provider that focuses on encrypted email.

Summary

Anybody can make an email account, but not everybody knows how to secure it properly. Unsecured email accounts on compromised computers can provide a treasure trove of personal and financial data for hackers. Identity theft causes not only monetary losses, but can also damage your personal reputation online.

If a hacker emails people in your circle or takes over your social media, your credibility takes a hit, albeit temporary. For your peace of mind, secure your email now.