Email has become an indispensable part of life for most people. You really can’t live without it. You can’t sign up for most other online services without a valid, active email address. Sure, some sites today will let you sign in with Facebook, Google, or Apple, but remember that you needed an email address to set up those accounts, too.
As important as your email accounts have become, it’s crucial to keep control of them.
Lance Stone, CEO of On Time Tech, a San Francisco-based technology services company offers 5 tips for how to keep your email accounts secure.
1. Make Sure Your Spam Filter Is On
The first way to help secure your email account is to ensure your spam filter is on. Spam is nearly impossible to avoid completely, but a good spam filter will flag most spam messages. Instead of coming to your inbox, they will route to a spam folder. You’re less likely to fall for a scam or a phish (see #4 below) when these messages are flagged as potentially fraudulent.
Most consumer email services (like Gmail, Outlook, Yahoo, and others) have pretty decent spam controls in place, and just about all the major services turn these on by default. Still, if you’re seeing numerous messages that seem like spam, poke around in your email settings to make sure the spam filter is turned on.
If you’re frustrated with the amount of spam getting through to your business accounts, your business may need a better spam filtering service. Contact us to discuss which options make the most sense for your business.
2. There’s Safety in Numbers: Use Multiple Accounts
One simple step to increase your email security is to diversify. Many people use one single email account for everything: for example, firstname.lastname@example.org handles all Sally’s personal communication, banking, shopping, and everything else. She also uses it to sign up for any online services requiring an email login.
The danger with doing this is that if someone else gets into Sally’s main email account, they have access to just about everything. As widely as she distributed that email address, she’s at increased risk.
A better strategy is to use multiple accounts. Sally could set up something like email@example.com and firstname.lastname@example.org in addition to her main, personal account. One is for all her sensitive logins. One is her “spam” account, which she uses for retail accounts, which tend to send tons of promotional emails. She also uses that account for any site she’s not sure about. She’ll use the spam address to sign up for anything that seems even a little suspicious.
Her main account is reserved for real life personal communication. It remains free from sales email clutter, and the chances of a bad actor getting ahold of the address and sending scammy or phishing emails is much lower.
3. Use Good Password Strategies
Next, use good, strong passwords, and don’t reuse them. Sally’s problem above would be many times worse if she reuses her email password for most of her other online activities. If a hacker manages to acquire Sally’s password on a less secure site, the hacker then has access to dozens of Sally’s accounts. It’s an ID theft disaster. Yet that’s what many people do today.
Remember when Yahoo was breached (all 3 billion or so accounts)? Many people figured this wasn’t a big deal. They hadn’t used their Yahoo accounts in years or didn’t use them for anything important.
Password re-users were in trouble, though. Some folks had even registered other accounts using their Yahoo email address and the same password associated with it. They made it too easy for hackers and cybercriminals.
What’s the solution, then? Each account should have a unique, long password. We know that operating this way can be hard to manage on your own— that’s why so few people do it. We recommend using a password manager to take care of this for you.
4. Learn to Recognize Phishing and Scam Emails
Learning to recognize illegitimate emails goes a long way toward maintaining account security. Phishing emails are emails sent from fraudsters and criminals that mimic legitimate companies. You might get an email that looks like it’s from Microsoft, Apple, or Google that says there’s a problem with your account. You’re told to click a link, where to recover your account you need to enter all sorts of personal details.
Of course, it’s not really Microsoft, Apple, or Google’s website. You put in your info, and it goes straight to digital thieves.
These emails can look pretty convincing, but there are usually some tell-tale signs that they aren’t legit. First, if you see any typos or unprofessional looking content, that’s a red flag. Second, if you’re asked to provide lots of information that the company already has or never had in the first place, run away.
If you’re still not sure, navigate to the website manually. Open a browser tab and go to the company’s site the old-fashioned way. If there’s a real problem, you’ll be notified there once you log in.
Now that you have these tips about phishing campaigns, try this phishing quiz and see how you’d fare.
5. Keep Systems Updated
Keep all your systems updated so that malware has less of a chance to get in. Most malware targets known vulnerabilities in older software. Keeping software up to date lessens the likelihood that malware will find any vulnerabilities to exploit in the first place.
These 5 tips can help you keep your email accounts secure. For more help with email account security, contact your San Francisco IT services team at On Time Tech. It’s a dangerous world out there. We’re ready to help your business stay safe!