Home Cyber Security SMALL STEPS TO PROTECT YOUR EMAIL

Small Steps to Protect Your Email [continued from Front Page]

   One of the most basic steps which you can take to improve your security is to use stronger and regularly changed passwords when accessing your email via web mail or a dedicated email program. No matter how many times we've all been told to regularly change our passwords or to choose passwords that aren't easily guessed, many people ignore the warnings and go about using the same easily cracked passwords for multiple accounts such as email, online banking, and online personal profiles. Some users ignore these warnings because they dismiss the importance of their email security, brushing aside security threats due to an illusion of the relative unimportance of email security in relation to other protected accounts. All too often, email users underestimate just how connected their email accounts are, forgetting that access to their email may result in access to their online banking account (due to similar passwords or the ability to reset a password), as well as other important online accounts registered to their email address. Furthermore, accessing someone's email may include accessing private and proprietary business information stored or connected to their account. Because of all this, personal and business email security should not be taken lightly.

    Using a weak password to access your email account breaks a cardinal rule of email security because no matter what defenses you have in place to guard your company's private or proprietary information, a weak password can be easily cracked by a malicious party. One weak email password can be the flaw that brings your security tumbling down. A strong password is one that is unique to the chosen account and difficult to guess. Many people try to avoid the inconvenience of keeping track of multiple passwords for the variety of online accounts we all maintain by using the same password for different purposes. Choosing a password for your email account which you use for other online accounts can be dangerous because if the password is cracked for one account, all your accounts with that password could be compromised. Keeping track of multiple passwords for multiple accounts may be a small inconvenience, but it's a simple step to increase your email security.

    In addition to using a unique password for your email account, you can strengthen your email security by choosing a password that cannot be easily guessed. Many people use personal information such as birthdays and names when choosing a password, assuming that potential hackers and thieves would never guess their spouse's name. However, using this sort of information as a password is a security risk because the information can be obtained by experienced scammers with a thief's expertise in social engineering. Some electronic thieves often use phishing scams or impersonate reputable services like financial institutions, major businesses, or government agencies to trick us into revealing all sorts of personal information. While these scams frequently aim to trick us into giving out banking and credit card information, they may also aim to get us to reveal personal information about our families and friends in the hopes that this information can be used to access our various online accounts. Electronic criminals and con artists are well aware of the most frequently used passwords and that many of us use our loved one's and personal information when choosing passwords.

    To strengthen your password, you might want to select one that isn't easily guessed. By choosing a password between 7-9 characters long and which is composed of a series of upper and lower case letters, numbers, and non-alphanumeric characters such as exclamation points "!" and other symbols, you can greatly decrease the chance that a hacker would be able to guess your password or crack it using either social engineering scams or a whole host of specially written programs. Hackers often employ special programs which are freely available on the Internet to crack passwords. Some of these programs work by bombarding your login with every word in a given dictionary or by trying a few thousand combinations of user names and passwords in a short amount of time. These brute force attacks on your login can be effective against weak passwords, but a strong password that is longer and composed of a variety of characters greatly increases the time and skill necessary to crack it. Finally, it is worthwhile to remember that email password theft occurs more often when users check and send their email via web mail rather than a dedicated email program which downloads email from their mail server. When your web browser accesses a web mail server, it can store information in the browser's cache. Some of the stored information might include your password, and it can remain within the cache even after you log out of your email. Because of this, it is important to use a secure login and secure connection when checking email through web mail. A secure login encrypts the information being relayed to the mail server, making the information more secure from being intercepted or read.

    In addition to strengthening and regularly changing your email password, you can better protect your email by staying on the lookout for damaging computer viruses. Many web-based email services employ online virus scanners to check emails and email attachments, and many computer users regularly employ anti-virus programs on their computers which can help to reduce the risk of contracting a virus. However, in order for anti-virus programs to work efficiently, users should make sure that their programs are regularly updated. An outdated anti-virus program does not work as effectively as a regularly updated one, and you may fall victim to some of the newer viruses developed every day. A regularly updated anti-virus program is a must have for email security but there are a few basic rules of email behavior which you can take to augment your protection from malicious viruses.

    A common way viruses find their way onto your computer is through email attachments. Because of this, you should always remember never to open an attachment to an email which you don't recognize or which comes from an unknown email address. Again, some electronic malefactors make use of social engineering to trick or scam you into revealing personal information. Similarly, some malicious hackers might use impersonating emails that closely resemble respected persons or institutions to gain your trust so as to hack or infect your computer. These impersonating emails can be accompanied by malicious attachments which can infect your computer with a virus when opened or downloaded. Some viruses can even be specifically designed to use an infected computer's address book in order to email replicated copies of itself in an attempt to further infect other computers. Because of these cases, you should also remember to never open an attachment that is unexpected even if it comes from a familiar looking source. It might be worthwhile to email the sender (perhaps from your address book so as to verify the authenticity of the sender) to make sure that they intended to send the attachments. Finally, some malicious email attachments contain viruses which can be programed to launch after they are previewed using the preview pane feature which is standard on many dedicated email programs (e.g. Outlook, Thunderbird, Mail, etc.) It is therefore a good idea to disable the preview option on your email program. While eliminating the advantages of the preview pane may be a slight inconvenience, doing so can reduce the risk of falling victim to certain viruses. By adopting these simple habits, you can greatly increase your everyday email security and reduce your risk of falling victim to emailed viruses.

    Following the tips discussed here can help get you into the habit of more security-minded emailing and further increase the security of your valuable and private business information. However, you should always remember that even following these tips and using the best email security technology can only increase your relative security and that email can never be entirely protected. Keeping this in mind it is crucial to ask yourself whether or not there is a safer alternative to email when communicating important private or proprietary business information. No matter how secure your email may be, sometimes it may be better to use alternative means of communication like the time-trusted postal service or other couriers. However, sometimes emailing important and private information is necessary in our modern world. In our next article, we'll show you how to make use of encryption and signatures to protect your most valuable email so that you can rest a bit easier when emailing guarded business information.