RCS Professional Services Blog

RCS Professional Services has been serving the New York area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Email Security Basics

Email Security Basics

Email is a modern classic as far as business solutions are concerned, and you’d be hard-pressed to find an office that didn’t use it in some capacity or another. However, because email is so popular, it has become a favorite attack vector of malicious users. Fortunately, there are some basic practices that will help keep your email account secure and your communications private.

Follow Password Guidelines
As you might imagine, one of the most important, basic ways that you can lock down your email account is to ensure that your password is sufficiently strong. Too often, breach statistics (and similar data sets) reveal that passwords are still overwhelmingly insecure. Pet names, birthdays and anniversaries, and favorite sports teams are used as passwords far more than they should be, as are common keyboard patterns, like qwerty, asdf, and the like. Some minimal social engineering could very easily provide someone with access to an email account they have no business being in.

To counter this, avoid the temptation to resort to formulaic, easy-to-guess password systems - like, for instance, smushing your alma mater’s mascot together with the number of your childhood home. Again, these password conventions are the first things that a cybercriminal will try if they want to get into your email account. Instead, do your best to rely on an as-random-as-possible string of numbers and letters - creating a different one for each of your accounts. This will ensure that your passwords are as strong as possible with the added benefit of protecting the rest of your accounts if one of your passwords is discovered.

Of course, for the sake of pragmatism, is it totally realistic to remember a completely random string of alphanumeric characters for everything that requires a password? For many, it isn’t. That’s why many resort to using, rather than a password, a passphrase. A passphrase takes a sentence memorable to the individual and turns it into a mnemonic device. So, a fan of films by Rob Reiner could take a line from one of his works and create a password from it, like “uRdBS” or “HFSTC” from The Princess Bride, or “UCHTT” from A Few Good Men.

Avoid the Unknown
Once you’ve accessed your email, there are a few ways that you can avoid putting yourself at risk. One very important way is to avoid the links in email unless you have verified that they do, in fact, go to (and come from) where they appear to.

First, where will the included link direct you? Links can be tricky things, which makes them a favorite of cybercriminals to use in emails. If the link is attached to text, you should hover over it and peek at the status bar that pops up before clicking on it. While the text might say that it brings you to the sender’s official webpage, the link could very well actually direct you to a domain that uploads a virus into your system. If the status bar says that you will be directed to someplace that doesn’t look quite right, skip the link.

You also shouldn’t blindly open an email that hasn’t come from a known or verified source, and even that can now be dangerous. There is a tactic that can be used to great effect as a way to snare even the most cybersecurity-mindful targets called email spoofing. As its name suggests, email spoofing is the act of forging an email’s header so that it appears to have come from someone else, likely someone trusted enough that the email will be opened, read, and interacted with.

As a result, it is best to verify the email with the cited sender whenever possible, through a different means of communication. Whether that means a quick phone call or instant message before you open the email, it is better to be safe than it is to be sorry.

What are some other ways that you keep your email from becoming a security risk? Share them in the comments, and make sure you take a moment and subscribe to this blog!

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, 26 May 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Upcoming Events

No events

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Best Practices Technology microsoft Privacy Internet Tip of the Week Software Business Management workplace tips Small Business Email Tip of the Week gadgets Backup Mobile Office Hackers Managed Service Provider Cloud Productivity hardware Saving Money Quick Tips Google Malware Data Business COmputing Social Media Business Smartphones Microsoft Office Android Users Mobile Devices Hosted Solutions User Tips Computer Innovation IT Services Virtualization Efficiency Passwords Miscellaneous IT Support Business Continuity Smartphone Upgrade Windows WiFi Operating System Network Security Communication Holiday VoIP Disaster Recovery Server Mobile Computing Apple The Internet of Things Ransomware Unified Threat Management Alert Mobile Device Management Marketing Network Windows 10 Antivirus Windows 8 Apps Remote Computing IT Consultant Outlook Analytics History Facebook Gmail Collaboration Browser Excel Cybersecurity Vendor Management Remote Monitoring Artificial Intelligence Virus Search Big data Maintenance Content Filtering Tech Term Going Green IT Support Data Management Hacking Data Recovery Phishing Office Health Firewall Bandwidth Current Events Cybercrime Productivity Mobile Device Money Humor communications App Printer Lithium-ion Battery Data Backup Tutorials Data Security Update Social Networking VPN Automation Augmented Reality Employer-Employee Relationship Spam PowerPoint Managed IT Services Proactive IT Internet of Things Hard Drives Cost Management iPhone Website Best Practice BDR Networking Downtime Laptop BYOD Comparison Windows 10 Tech Support Bluetooth Office 365 Wireless Technology Lifestyle Mouse Safety Specifications Customer Relationship Management SaaS Patch Management Data Breach Information Technology DDoS Government Help Desk Bitcoin Applications Sports Unified Communications Word Law Enforcement Business Intelligence Blockchain Project Management Cryptocurrency Cortana IT Management USB Cleaning Avoiding Downtime Compliance Bring Your Own Device Vulnerabilities Data storage IBM Vulnerability Presentation Computers Running Cable Net Neutrality Encryption Google Docs Business Technology Touchscreen User Error Document Management Company Culture Pain Points Inbound Marketing Websites Save Money Scam Retail eWaste Education Administration Experience Robot Computer Repair Data loss Saving Time Digital Payment Phone System Gaming Console Managed IT Services Tech Terms Two-factor Authentication Hiring/Firing Disaster User Computer Accessories Access Control Social Engineering Chrome Social Tablet Save Time Advertising Accountants Budget Documents Data Protection intranet Skype Printer Server Hosted Solution Hiring/Firing Microsoft Excel Professional Services Public Speaking End of Support Wearable Technology Entertainment Online Currency Audit Equifax Hard Drive Securty GPS Travel Drones Zero-Day Threat Redundancy Heating/Cooling Writing Get More Done Printing Startup Harddrive Distributed Denial of Service 3D Digital Product Reviews Webinar Dongle Text Messaging Mobile Security Hacker Display Password Trending Downloads Legislation email scam Entrepreneur Manages Service Provider Network Congestion Virtual Assistant Service Level Agreement Ebay Emergency Multi-factor Authentication Customer Service Memory HIPAA Electronic Payment Statistics Mobility Emails Processors Computer Care Time Management Router Analytic Point of Sale Hard Drive Disposal Pirating Information Device security IP Address Fax Server Trojan Society Google Calendar Wireless Headphones Wireless Training Unified Threat Management Computing Infrastructure Teamwork Media Streaming External Harddrive Legal Storage Television Nanotechnology Google Maps Business Cards Keyboard Office Tips Debate HTML Domains Smart Phones Identity Theft LinkedIn Music SharePoint Screen Reader Upselling YouTube Software as a Service Piracy Shortcut Knowledge Virtual Reality Troubleshooting Environment Black Market Programming Freedom of Information Conferencing Staffing Streaming Media Software License Competition Deep Learning Co-Managed IT File Sharing Devices Chromebook Phone Systems LiFi Business Growth Read Leadership News Backup and Disaster Recovery Windows XP Managed IT Mobile Technology Application Monitors Regulations Business Owner Visible Light Communication Start Menu Google Wallet Twitter Fake News Value Recovery Virtual Desktop Desktop Displays Hackeres