RCS Professional Services Blog

RCS Professional Services has been serving the New York area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Email Security Basics

Email Security Basics

Email is a modern classic as far as business solutions are concerned, and you’d be hard-pressed to find an office that didn’t use it in some capacity or another. However, because email is so popular, it has become a favorite attack vector of malicious users. Fortunately, there are some basic practices that will help keep your email account secure and your communications private.

Follow Password Guidelines
As you might imagine, one of the most important, basic ways that you can lock down your email account is to ensure that your password is sufficiently strong. Too often, breach statistics (and similar data sets) reveal that passwords are still overwhelmingly insecure. Pet names, birthdays and anniversaries, and favorite sports teams are used as passwords far more than they should be, as are common keyboard patterns, like qwerty, asdf, and the like. Some minimal social engineering could very easily provide someone with access to an email account they have no business being in.

To counter this, avoid the temptation to resort to formulaic, easy-to-guess password systems - like, for instance, smushing your alma mater’s mascot together with the number of your childhood home. Again, these password conventions are the first things that a cybercriminal will try if they want to get into your email account. Instead, do your best to rely on an as-random-as-possible string of numbers and letters - creating a different one for each of your accounts. This will ensure that your passwords are as strong as possible with the added benefit of protecting the rest of your accounts if one of your passwords is discovered.

Of course, for the sake of pragmatism, is it totally realistic to remember a completely random string of alphanumeric characters for everything that requires a password? For many, it isn’t. That’s why many resort to using, rather than a password, a passphrase. A passphrase takes a sentence memorable to the individual and turns it into a mnemonic device. So, a fan of films by Rob Reiner could take a line from one of his works and create a password from it, like “uRdBS” or “HFSTC” from The Princess Bride, or “UCHTT” from A Few Good Men.

Avoid the Unknown
Once you’ve accessed your email, there are a few ways that you can avoid putting yourself at risk. One very important way is to avoid the links in email unless you have verified that they do, in fact, go to (and come from) where they appear to.

First, where will the included link direct you? Links can be tricky things, which makes them a favorite of cybercriminals to use in emails. If the link is attached to text, you should hover over it and peek at the status bar that pops up before clicking on it. While the text might say that it brings you to the sender’s official webpage, the link could very well actually direct you to a domain that uploads a virus into your system. If the status bar says that you will be directed to someplace that doesn’t look quite right, skip the link.

You also shouldn’t blindly open an email that hasn’t come from a known or verified source, and even that can now be dangerous. There is a tactic that can be used to great effect as a way to snare even the most cybersecurity-mindful targets called email spoofing. As its name suggests, email spoofing is the act of forging an email’s header so that it appears to have come from someone else, likely someone trusted enough that the email will be opened, read, and interacted with.

As a result, it is best to verify the email with the cited sender whenever possible, through a different means of communication. Whether that means a quick phone call or instant message before you open the email, it is better to be safe than it is to be sorry.

What are some other ways that you keep your email from becoming a security risk? Share them in the comments, and make sure you take a moment and subscribe to this blog!



No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Thursday, 16 August 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Upcoming Events

No events

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Best Practices Technology microsoft Privacy Internet Software Tip of the Week Business Management Tip of the Week workplace tips Small Business Email Backup gadgets Mobile Office Cloud Managed Service Provider Hackers Saving Money hardware Productivity Google Quick Tips Malware Data Business COmputing Social Media Business Smartphones Microsoft Office Mobile Devices User Tips Android Users Computer Hosted Solutions Efficiency IT Services Innovation Business Continuity Virtualization IT Support Upgrade Windows WiFi Smartphone Miscellaneous Passwords Operating System Network Security VoIP Communication Holiday Disaster Recovery Server Mobile Computing Network Apple The Internet of Things Unified Threat Management Marketing Facebook Tech Term Analytics Ransomware Alert Mobile Device Management Gmail Windows 10 Antivirus Windows 8 Apps IT Support Remote Computing Cybersecurity Content Filtering communications Data Recovery History IT Consultant Outlook Virus Collaboration Maintenance Search Browser Remote Monitoring Money Artificial Intelligence Big data Health Going Green Excel Data Management Vendor Management Hacking Data Backup Office Phishing Lithium-ion Battery Mobile Device Humor Managed IT Services Productivity PowerPoint Business Intelligence Bandwidth Cybercrime Employer-Employee Relationship App Printer Tutorials Website Firewall Windows 10 Current Events Wireless Technology Office 365 Avoiding Downtime Update Social Networking VPN Applications Augmented Reality Automation Spam Word Proactive IT Cost Management Hard Drives Internet of Things iPhone Tech Support BDR Downtime Best Practice Laptop Company Culture Managed IT Services Networking BYOD eWaste Comparison Bluetooth Data Security Chrome Patch Management Tablet User Information Technology Social Bitcoin Save Time Mouse Data Breach Customer Relationship Management Bring Your Own Device Specifications Unified Communications Safety Law Enforcement Blockchain Project Management Help Desk SaaS DDoS Sports User Error Cryptocurrency Government Pain Points IT Management Inbound Marketing Cleaning Data storage Vulnerability Cortana Vulnerabilities Google Docs Gaming Console USB Business Technology IBM Computers Document Management Compliance Net Neutrality Websites Presentation Scam Wireless Running Cable Touchscreen Robot Encryption Lifestyle Save Money Administration Data loss Retail Computer Repair Tech Terms Experience Education Phone System YouTube Saving Time Digital Payment Access Control Social Engineering Information Hiring/Firing Two-factor Authentication Disaster Computer Accessories Accountants End of Support Windows XP Application Slack Manages Service Provider Twitter Business Owner Audit Professional Services Hard Drive Drones Recovery Cables Redundancy Equifax Writing Virtual Desktop Skype Monitoring Hackeres Fax Server Wearable Technology Printing Zero-Day Threat Distributed Denial of Service Documents intranet Online Currency Wires Hiring/Firing Trojan Digital Startup Public Speaking Travel Spying Entertainment External Harddrive Downloads Dongle Network Congestion Securty Virtual Assistant Voice over Internet Protocol Mobile Security Emergency Legislation Memory Heating/Cooling Product Reviews Employee-Employer Relationship Smart Phones Display Mobility Service Level Agreement Text Messaging Computer Care email scam Upselling Hard Drive Disposal FinTech Trending Time Management Multi-factor Authentication Emails Hacker Onboarding Password Google Calendar Smart Office Ebay Training Society Entrepreneur MSP Statistics Unified Threat Management Device security HIPAA Point of Sale Wireless Headphones Legal Customer Service Analytic Processors Electronic Payment Television Work Phone Systems Pirating Information Google Maps Computing Infrastructure Office Tips Router Development Media Streaming Nanotechnology Identity Theft IP Address SharePoint Optimization Business Cards Music Charging Teamwork Software as a Service HTML Storage Knowledge Screen Reader Virtual Reality Freedom of Information Recycling Debate Piracy Black Market Deep Learning Keyboard LinkedIn Analysis Printer Server Conferencing Chromebook LiFi Domains News Continuity Software License Business Growth Monitors Shortcut GPS Managed Service Managed IT Devices Troubleshooting File Sharing Backup and Disaster Recovery Visible Light Communication Staffing Environment Harddrive Fake News Solar Programming Get More Done Start Menu Mobile Technology Google Wallet Regulations Leadership Displays Streaming Media Competition 3D Co-Managed IT Webinar Value Budget Advertising Hosted Solution Microsoft Excel Managing Stress Read Data Protection Desktop