Many businesses rely on email as their main way of communicating. It’s easy, reliable and cost-effective, and you can reach staff and customers where they visit every day — their inbox.
But email is also a gateway for viruses and cyber-criminals to gain access to personal, sensitive or confidential information.
Businesses can do a variety of things to prevent email systems from getting hacked and falling into the wrong hands, read on to learn more.
Spotting a suspicious email
Phishing emails, which impersonate an individual or organisation to try to get confidential information such as passwords and bank details, can look entirely convincing – but there are some telling signs that you can train your teams to look out for.
Hackers sometimes add fake URLs that look very similar to the real ones to make it look like they are a company you know. However, if you hover over the link, you can usually confirm whether it’s legitimate.
Other clues include typos in the email, suspicious-looking email attachments, an email address that doesn’t match the company, and the email telling you to click on a link or requesting your personal information. It’s always best to be suspicious if you notice this, and speak to your IT team as soon as possible.
Use multi-factor authentication
With only a single password as a barrier, there’s not a lot stopping someone getting into your email account. But what you can do is put an extra layer of security between your data and cybercriminals in the form of two-factor or multi-factor authentication.
This means that in addition to the password, you, or someone else trying to access your email account, will need to provide another piece of information, like a passcode, token or even fingerprint. If it’s a code, this can be sent to you via another one of your connected devices, such as your phone, meaning that it will be extremely hard for the hacker to figure it out without having that device.
Check staff email usage
When working from home or remotely, we tend to check our emails quite a lot, without even thinking. It’s good practice to speak to your staff about their email habits, as this can be the biggest threat to your email security. Have they visited websites via a link in an email, or signed up for something with their work email address?.
Although the vast majority of malware is spread via external email, there are some that also come via internal emails. This is especially the case when an employee’s computer is already infected and they are now unknowingly spreading viruses to others via email. If you receive a suspicious email link or attachment from a co-worker, be sure to check it with them.
Keep a secure password
Frequently changing your password is one of the easiest ways of shoring up your email security, and not enough of us are doing it.
A complex password is incredibly difficult for a hacker to crack, even if they’re using software to sift through possible combinations. When you add a new password, mix in symbols, numbers and phrases, and avoid using any personal details. You should also try to use different passwords for all your accounts.
It’s fine to write your password down if it helps you to remember it, as long as you store it in a safe and secure place, not on a sticky note next to your keyboard. Password managers can help you remember complicated passwords by storing them all in a secure place.
Avoid the unsubscribe button
You might be getting some marketing emails in your inbox that you don’t remember signing up for. If this is the case, don’t click on the unsubscribe button at the bottom of it as it’s more than likely a scam.
Some hackers prompt you to click on that unsubscribe button and they will take you to a malicious landing page. Also, that shows them that you are an active email reader, so you will end up receiving even more emails from them.
Simply flag the email as spam. Of course, if you remember signing up to something then it’s fine to use the unsubscribe button there.
Encrypt important emails
If you have to send sensitive or confidential information via email, best practice is to encrypt it. When you encrypt something, it means that you disguise the information so that hackers can’t read it. A public key, in the form of a digital code, is used to encrypt an email and a private key is used to decrypt an email.
Avoid public WiFi
As UK restrictions ease it will be tempting to go out and work from a café. But it’s important to be aware that public WiFi is never secure, and if you or anyone at your company logs into their emails from a public network, it will make it easy for anyone to steal passwords and view sensitive data. That could even result in another attack further down the line.
If people need to access their messages outside of the office, your employees could use their 4G or 5G on their phone. That is much more secure than any public WiFi and should better protect your data.
Although email is a prime target for cyber criminals, you and your employees can significantly reduce the risk of this by following the tips above. If you have any questions about email security or looking for a solution for your business, please contact us at info@auratechnology.com.