We all use e-mail on regular basis. It’s a powerful tool for our communication on web, but it also can be a backdoor to our security and privacy. Knowing how to protect it is very important, because your e-mail security does not just affect you. If your e-mail account is compromised, it affects others, as well.
Learn how to secure your e-mail by applying these 13 fundamental rules from our article.
1. Don’t Open Attachments You Don’t Expect
E-mail attachments may contain malicious software or viruses that could infect your PC.
Few basic rules:
- Never accept attachments unless you are expecting them
- Never open an attachment unless you are really confident that it is safe. Some safe attachments could include .txt, .pdf, or .gif. Some potentially unsafe attachments could include .doc or .xls extension.
- Never, ever open an attached .exe file unless you confirmed or you are really confident of what it is
2. Don’t Click on Unconfirmed Links
Same rule applies here. Don’t click on unconfirmed links in e-mails, because links may also contain malicious software or viruses that potentially may infect your PC, steal your private data or harvest your e-mail address for further spamming.
3. Don’t Get Hooked by Phishing
One of the most known examples would be a message from your bank that asks you to update your account information. You click on the link, which opens the legitimate bank site. Then a page opens up on top asking you for your account info. But, this page Does Not belong to the legitimate bank site. If you fill out your personal information and submit it, the info will go to the “phisher”. Phishing is tool used to steal identities for further misuses or to be sold to other parties.
Phishers usually use eBay, PayPal, MSN, Yahoo, BestBuy, and other popular sites’ links that most people use.
4. Don’t Always Trust Your Friends
Sometimes friends’ e-mails get compromised by spambots who use them to send spam or malware. If you received an e-mail from your friend with an attachment or a link, without any explanation what’s all about, don’t open it and don’t click the link. Confirm that your friend has sent you that e-mail first.
5. Check the Message Header
Spammers often disguise their real addresses in some user familiar or widely popular. You can check e-mail header to be sure that the message you received is from a legitimate address.
Right-click on the message line in the Outlook >Inbox > Select Options to view the header (do not double-click or you'll open the message).
In Outlook Express: Right-click > select Properties > and choose the Details tab
If the From: line contains as same address as in header, you can be sure that the it is legitimate.
6. Use More Secured E-Mail Clients
If the privacy of your data is important to you, then use a local POP3 or IMAP client to retrieve e-mail. This means avoiding the use of Web-based e-mail services such as Gmail, Hotmail and Yahoo! Mail for e-mail you wish to keep private for any reason. It’s also good solution for security, because desktop e-mail clients such as Outlook or Thunderbird provide more security options to their users.
7. Turn Off Preview
When you click an e-mail and it shows up in the preview you are basically rendering the remote images and the click-tracking that spammers use to verify the e-mail lists executes. That alerts them to the fact that you are a real user who uses real e-mail address. This also increases the likelihood of your e-mail client automatic exploitation. So, it’s good idea to turn off the preview panes.
8. Always Use Text
If you use a plain-text e-mail client, there's less chance that you will fall for a phishing e-mail, because there'll be no active hyperlinks, or obvious links. Also, if you sign up for any sort of subscription e-mail service at any website, choose to receive e-mails in text mode only, if possible.
In Outlook Express it's Tools>Options>Read, then check the box 'Read all messages in plain text'
For outgoing messages go to the Send > check the Plain text radio button under Mail Sending Format. Make sure that 'Reply to messages using the format in which they were sent' is also unchecked.
In Thunderbird it’s View>Message Body As... and then select the Plain Text option in order to read your incoming mail as text only.
For outgoing messages, click Tools>Account Settings and then select the Composition and Addressing option. Make sure that the 'Compose messages in HTML format' is unchecked.
9. Use Other Webmail Account for Your Web Presence
When posting comments, or subscribing to newsletters or products on websites, good idea is to use free webmail clients such as Gmail, Hotmail or Yahoo!
You should also differentiate that e-mail account from one you use for business or communication with friends, which is attached to Outlook or Thunderbird client. If your other e-mail account gets compromised, that won’t affect account you use in everyday’s correspondence.
10. Code Your Publicly Displayed E-Mails
Spambots are web applications that scour websites for recognizable e-mail addresses. If you display your e-mail on anyone's webpage, including yours, be sure to code your e-mail. Spambots usually seek for @ alone, or in combination with name.com.
For example, if your e-mail is firstname.lastname@example.org, then try something like myname[at] mycompany[dot]com, or something similar to that. The more punctuation marks and breaks your use, safer you are.
11. Don't Unsubscribe
If you subscribed to certain newsletter and soon discovered that your inbox is flooded with spam on daily basis, clicking the Unsubscribe or Click here to be removed from our list link at the bottom of the message isn’t always the best idea. Doing so lets spammers know that your address is valid. However, many legitimate sites provide an unsubscribe link with their e-mail messages, and they accept your wish if you decide to unsubscribe.
But, if you start receiving "subscription" e-mails from some source to which you didn't subscribe, don't use their "unsubscribe" link. If you do, you might just find yourself getting even more spam e-mails. Best solution is to block or blacklist sender.
12. Block Sender
If you receive spam messages from same source, the best solution is to block sender in Outlook or to blacklist it as spam in webmail client.
In Outlook: Highlight the message > Message > Block Sender…
Webmail clients offer the option to label unwanted messages as spam, so use them whenever you receive spam messages.
13. Use Anti-virus Software
Most AV programs, including free AVs such as Avast or AVG, can check every message you send and receive with Outlook or Thunderbird. Such scans of incoming and outgoing messages are provided with advanced AV tools, usually Mail scanner. All you have to do is to keep your security software up to date.