Everybody is tweeting, IMing and texting, but e-mail still the main communication workhorse both at home and for buisness. Unfortunately, many people, even the technically savy, sometimes still ignore the basics of e-mail security.
Because e-mail is such an important communication tool it is the the most common way you can be attacked by phishers, spammers, and virus creators. No matter how good you think your filtering and firewall apps are, you still have to be aware and alert every time you open a message. Let’s look at some of the most fundamental ways you can safeguard your communications.
First, never allow an e-mail client to fully render HTML or XHTML e-mails without carefully considering the consequences. If you use a mail program like Microsoft Outlook or Mozilla Thunderbird, you should at least configure it to render only simplified HTML rather than rich, but plain text is best. Rendering HTML opens you to the risk of identifying yourself as a valid recipient of spam or getting successfully phished by some malicious security cracker or identity thief.
If the privacy of your data is important to you, and come on it really should be, use a local POP3 or IMAP client to retrieve e-mail, avoiding the use of Web-based services such as Gmail, Hotmail, and Yahoo! Mail. If you haven’t already (and it continually amazing at the number who don’t) go into your websites cPanel and create yourself a couple email address like: firstname.lastname@example.org or email@example.com. If you don’t know how to setup your email program there should directions somewhere in your cPanel. Or send me an email and let me know what program you are using and I will tell you how.
Even if your Webmail provider’s policies seem privacy-oriented, that doesn’t mean that employees won’t occasionally break the rules. Some providers are accused of selling e-mail addresses to spamming partners. If you consider it personal and private, don’t trust it to Web-based services. (Remember web-based=Gmail, Hotmail, Yahoo and the like.)
Another way to ensure privacy is to ensure that your e-mail authentication process is encrypted. If it’s unencrypted — hackers could listen in on your authentication session with the mail server, allowing them to potentially send e-mails as you, receive your e-mail, and cause all kinds of problems for you with spammers.
Check your ISP’s policies to determine whether authentication is encrypted.
Some safety tips will not only preserve your privacy, but can also save you a lot of embarrassment. In this category is the advice to turn off automatic addressing features. If you are an Outlook user, you know how easy it is to choose the wrong recipient from an autofilled drop-down list.
Whether it’s business secrets or dishing some personal gossip, accidentally sending an e-mail to the wrong person could have serious consequences.
And finally, avoid using unsecured networks! (This includes your home wirless network!) When communicating via e-mail, remember that your e-mail security does not just affect you; it affects others, as well, if your e-mail account is compromised and your address book gets hijacked.
If you absolutely must access an e-mail account that does not authorize over an encrypted connection, never access that account from a public or otherwise unsecured network. You are opening yourself up to more risk than it’s probably worth.