I’ve addressed some of the issues related to email security in a post late last month. While the basics are useful to anyone, if you’re serious about email, meaning you use it all of the time, then there are some additional issues you should be aware of. Let’s review a few of those here:
- Whenever possible, do not use shared computers – If you must log in to a shared or public computer only log in to your throwaway email accounts (as described in my earlier post), never an account that you depend on. When you are finished using the shared computer, clear the recent browsing history including the cookies, cache, form history, and passwords.
- For the most secure connection, use a wired connection to the Internet – at your home or office. The wired connection at your office should be fairly secure from outside threats, but it’s somewhat more likely that there might be someone in your company who could be monitoring your internet traffic.
- Avoid wireless connections, especially public open wireless connections. You can mitigate some of the risk by only connecting to email accounts that encrypt the entire connection with HTTPS for all web pages and not just the log in pages.
- Create a strong email password. Never use simple or easy to guess passwords. A good formula to use is: one capital letter, one number, and one special character in a mix of at least eight characters. So, 123home is not a good password. My2013home is pretty good.
- Scan all email attachments before downloading and opening them. This includes unexpected email attachments from people you know. Viruses and spyware easily spread through email attachments by emailing themselves to email addresses listed in contact lists and address books. And this applies to Mac computers as well as PCs.
- If you need to email several people consider using BCC to copy in the multiple recipients. To help avoid the above issue in #4 you can help prevent the spread of known good email addresses by not giving 3rd parties access to your contacts list by using BCC lists and not copying in multiple To: or CC: addresses. Many mail programs and email service providers automatically add email addresses to their contact lists and address books.
- Do not save contacts into the address books of your throwaway email accounts and mail programs.
- Never share your private information. This includes logging into accounts using untrusted computers, giving a password to a technical support representative, or responding to an email that asks for you to confirm your account details.
- Separate your email accounts. Keep several active email accounts open that you use for different purposes. This can include one or more personal email accounts that you use to email friends and family, a business email account, and some throwaway accounts that won’t cause a problem for you if they get hacked or suspended. You may want to give your throwaway email address to those within your friends and family circle who like to send email forwards, hoaxes, and always seem to be the ones who need help removing the latest spyware from their computer.
- Do not save your email account passwords in your mail programs or web browsers.
And regardless of the rules above, make certain to regularly backup your primary email account. This is one of those situations where your indifference may lead to one of those, “hey everyone, sorry to bother you, but my online life has just been stolen…”