Everybody uses email, but not everybody is malware savvy. Logically, email has become a favorite attack vector of malicious users.
Here are some basic practices that will help keep your email account secure and your communications private.
As you might imagine, one of the simplest ways that you can lock down your email account is to make your password sufficiently strong. Too often, breach statistics reveal that passwords are overwhelmingly weak. Pet names, birthdays, and favorite sports teams are ridiculously common, as are simple keyboard patterns, like qwerty, asdf, and the like. Hackers could access these email accounts with minimal research.
Avoid using formulaic, easy-to-guess password systems, like, for instance, combining your alma mater’s mascot with the number of your childhood home. These password conventions are the first things that a cybercriminal will try. Instead, rely on an as-random-as-possible string of numbers and letters, creating a different one for each of your accounts. This will give you the strongest possible passwords, and protects the rest of your accounts if one of your passwords gets cracked.
Of course, is it possible to remember a completely random string of alphanumeric characters for everything that requires a password? Try using a passphrase to generate your password. A passphrase uses a sentence memorable to you as a mnemonic device. So, a fan of films by Rob Reiner could take a line from one of his works and create a password from it, like “uRdBS,” or “UCHTT” from A Few Good Men.
Once you’ve accessed your email, there are a few ways that you can avoid putting yourself at risk. One very important way is to avoid clicking links in email unless you have verified that they are what they seem.
Check where the included link directs you. Links can be labels for anything, which makes them a favorite of cybercriminals to use in emails. If the link is attached to text, hover over it and read the status bar that pops up before clicking. The text might say that it brings you to the sender’s official webpage, but the link might actually direct you to a domain that uploads a virus into your system. If the status bar doesn’t look quite right, skip the link.
You really shouldn’t open any unverified email; even that can be dangerous. Enter email spoofing, the act of forging an email’s header so that it appears to come from someone else; someone trusted enough that the email will be opened, read, and interacted with. Of course, you may be suspicious if the email’s subject line seems unusual for, say, your mother.
Verify such emails with the sender whenever possible, through a different means of communication. Whether that means a quick phone call or instant message before you open the email, it’s better to be safe than sorry.
It’s a jungle out there. To learn more about best practices for protecting company data, give Quikteks Tech Support a call at (973) 882-4644 to set up a free consultation.