Most of us spend a significant portion of our workday sending or responding to emails. As the number of emails grows, so does the number of email threats. As hackers become more skilled, security professionals are working hard to keep up with the pace. However, email remains an important vulnerable area. These simple email security tips can save you and your business a lot of frustration.
1. Be aware of common phishing programs
Cyber criminals are using increasingly sophisticated tactics to collect users' personal information by sending phishing emails that appear to come from trusted sources. For example, an email from your bank or a supplier where you have an account may ask you to verify your password or credit card information.
Red flags to watch out for include:
• Messages requesting personal information, including Social Security numbers or passwords. Often these emails indicate that the alleged sender is having problems with your account. A legitimate source will never ask you for your password.
• Emails marked “Urgent”.
• Bad grammar or writing.
• Use of financial terms in the subject (payment, invoice, etc.)
• Hyperlinks – Always hover over a hyperlink to see the actual URL before clicking the link. Look for spelling mistakes in links that otherwise seem legitimate.
• Attachments:Do not open the file if you don't expect an attachment or if something seems different than usual.
Never blindly follow the instructions in an email, how convincing as the author may sound. Always be suspicious and verify the source when you come across anything unusual.
2. Keep business and personal email separate
Remember, your business email isn't yours. It belongs to the company. For your own privacy and for the security of the company, reserve your business email account for business communications. Keep a separate email account for personal use and make sure to create a unique password for each account. Reusing passwords between accounts makes you vulnerable to hackers.
3. Share wisely
Despite what your mom taught you, sharing isn't always the best idea. When it comes to files, think twice before emailing that link. Share only the information that needs to be shared and only with the people who need to use it. Check your shared folders regularly. Information that was valid last month may not be valid today.
Be extra careful with confidential information. If you long-press the button, you may be tempted to email credit card information to a vendor or your Social Security number to Human Resources. Resist the temptation. Unencrypted email is not the place for sensitive personal or financial information.
4. Check the target's email address
In conjunction with sensible sharing, please take a moment to slow down and verify the email address before clicking submit. All too often, users rely too much on quick lookups. Take, for example, an employee who has customers with similar names. It would be easy to accidentally send a confidential email to Jimmy Jansen that was actually intended for Jim Janssen.