Email is essential to our daily lives. We use email at work and at home. We use it for just about everything from paying bills to arranging parties. How can you make sure your email is safe? We can help.
Despite advances in cybersecurity technology, cyberattacks can happen to any business at any time. Here, we’ve put together some tips to help you keep your business safe from crippling email attacks.
1. Lock Your Devices.
During the day, how many times do you walk away from your computer and leave it unlocked? Consider every instance: every quick 5-minute meeting, every time you help your coworker next door, or every time you rush to the break room to get a donut before they’re all gone.
Now, think about your cell phone. How easy would it be for a passerby to unlock it? Do you leave it sitting out when you leave a meeting to get more coffee? Do you leave it sitting on the conference room table while it’s trying to load a webpage? How about when you’re in the middle of an impossible level of Candy Crush, but someone calls your name from the hallway? Do you leave it unlocked on your desk?
Both of these devices are portals to your email and hundreds of digital documents about you and your business. With just a few clicks or taps, your data and identity could be in the wrong hands. Keep in mind, that if someone gains access to your email, they can easily reset your password and gain access to bank accounts, private business documents, social media, data storage, and more.
The easiest way to protect your devices is to remember to lock them when they’re not in use. Many mobile devices have auto-locking settings that can help. However, keep in mind that some applications keep your device open and unlocked while running. Computers and laptops have similar features and functionality.
The only way you can ensure your device is locked is by manually locking it when you step away. For Windows users, it’s as simple as pressing Windows logo key + L to lock your workstation.
2. Pay Attention to the Links You’re Clicking.
Looks can be deceiving. With some elementary coding knowledge, anyone can create a fake hyperlink. Take this link for example: https://hightouchtechnologies.com/who-we-are/careers/
Based on the URL, you’d probably assume that it would direct you to our careers page. However, it actually goes to our cybersecurity page.
So, how can you be sure the link you’re clicking is genuine?
Use your best judgement, and make sure you trust the sender. Is the email from someone who normally sends you emails? It’s probably safe. Can you tell if it’s written by a trustworthy source? Again, it’s probably safe. Did you find an email buried in your spam folder with the subject, “Congratulations! You’ve inherited one million dollars”? Don’t open that email, and definitely don’t click those links.
When in doubt, hover your cursor over the questionable link. A box will display with the true URL. Does it look like a URL you can trust? Or, does it look like it’s going to take you to a questionable webpage? The more you investigate, the safer you can be.
3. Choose Smart Passwords.
Password requirements keep getting more complicated. That’s for a good reason—the tools hackers use are becoming increasingly more sophisticated. With that in mind, consider these tips when you’re trying to come up with your next password:
- Don’t use common words or phrases. It’s much easier for hackers to guess passwords that are familiar words. Hacker bots can also identify strings of letters that are commonly used together to determine which words you used to create your password. It’s best to use a random combination or letters, numbers, and symbols.
- Keep it impersonal. Your personal information isn’t as difficult to find as you might think. With the rise of social media, people are more open to sharing personal facts and relationships online. Old school secrets like your mother’s maiden name or your oldest sibling’s middle name can be surprisingly easy to find online.
- Don’t reuse passwords. Reusing your password creates a single point of entry for hackers. Consider this scenario—a hacker steals data from a small boutique shop you bought a gift from online. If you used that same password for everything, the hacker now has the ability to access your online banking information, shopping accounts, social media, email, and more.
- Use multifactor authentication. You might know what this is without recognizing the technical jargon. Have you signed into a website, but in order to access your account, you had to enter a special code that the website sent to your email or cell phone? That’s multifactor authentication. This process may seem cumbersome at first, but it can save your data in case a hacker obtains your password.
- Be careful about what you share on social media. Have you heard about gamification? The term is used in a variety of different ways in the tech world. Here, we’re talking about turning data collection into a game. If you’re on social media, you may have seen these types of gamified data collection quizzes. They usually have titles like “Find Out Your Superhero Name” or “Where Will You Vacation This Year.” The results are based on the first letter of your name and something like your middle initial or the first letter of your mother’s maiden name. While it may seem like a harmless game, this can give hackers the smallest clue to figure out the answer to your password “secret question.” From there, they can reset your password and take over your email account.
4. Only Open Attachments From Senders You Trust.
Like paying attention to the links you click on, you need to pay even greater attention to any attachments that come into your email. Instead of stealing your personal information and passwords through a website, a malicious attachment can take over your entire computer, secretly watching everything you do and type. Generally, if you trust the sender, you should be able to trust the attachment.
When in doubt, look at the file extension. You can identify the file extension by the three or four letters that follow the file name. For example, if you had a Word document named Resume.docx, .docx is the file extension. Here are some common file extensions you may encounter in your email:
Multiple File Extensions
The common file types (.docx and .pdf) are the ones most often spoofed by hackers. People are more likely to open file types they recognize. Remember, there’s no such thing as a guaranteed safe attachment. If you don’t trust the sender, don’t open the attachment.
5. Back Up Your Email Data.
From single-employee shops to 1,000+ employee enterprises, data means everything. Can your business still succeed if you woke up tomorrow and every file or image in your email vanished? How many important files and conversations are in your email? What about contacts? Your email data isn’t any less important than other data your business relies on.
Despite all the available safety precautions that exist in the marketplace, an email data disaster can happen to any sized company at any time. Data disasters can occur from natural disasters, cyberattacks, hardware failure, file corruption, theft, and human error. To protect your business, we suggest a five-step approach to data backup:
- Determine your storage needs.
- Decide how often you need to back up your data.
- Create a local backup.
- Create a cloud backup.
- Test your backups.
6. Encrypt Your Email.
So far, we’ve talked about the dangers associated with the emails you receive. What about the emails you send?
Oftentimes, outbound emails can contain sensitive data that we don’t even think about: addresses, phone numbers, email addresses, etc. Other times, you may have to send sensitive documents like tax forms and contracts. What can you do to make sure your sensitive-content email reaches it’s destination safely? Encrypt it.
In a nutshell, encryption is tech jargon for creating a secret code. Have you heard of the Zodiac killer’s secret code? It’s kind of like that. Instead of sending your message as you wrote it to the recipient, encryption scrambles the content of the email so that it can only be understood using a special key. When your recipient receives the email, they’ll essentially unlock the secret code and be able to read your message. If an unintended recipient intercepts the message between you and the intended recipient, they won’t have the key to the code, and the message will look like gibberish.