Many scams begin with an email. Cybercriminals use email to deliver malware, trick their targets into visiting malicious websites and convince them to provide sensitive personal information. Follow these email security tips to secure your devices and email applications better. You can dramatically reduce the likelihood that you’ll fall victim to a scam.
Email Security Tip 1: Set up your email to filter spam and junk messages
Filtering out spam and junk emails is the logical first step. Because it reduces the number of potentially dangerous messages that make it to your inbox. Most email applications come with filtering built-in. You may need to configure it to achieve the desired results, but that isn’t difficult. Instructions should be available via your email app’s help menu.
Email Security Tip 2: Pay attention to email threat indicators
When unsolicited emails make it past your filter and into your inbox, there are some warning signs you should look for to determine whether they might present a threat.
Phishing scammers frequently use impersonation tactics. They attempt to convey a sense of urgency to convince their targets to act in haste without verifying the claims being made. They may, for example, impersonate law enforcement officials, claim that you owe a fine, and threaten you with arrest if you don’t pay immediately. Alternatively, they could claim that you’ve won some money and ask for your bank account information to make the transfer. Don’t fall for it.
Never call a phone number or click a link in an unsolicited email. Links often lead to malicious sites designed to steal your information or install malware on your device. Calling a phone number may put you in direct contact with a scammer.
You can hover over links in suspicious emails to examine the underlying URLs. This may yield further evidence as to whether a message is malicious. Note, however, that criminals often create websites with URLs that look almost identical to those of legitimate sites. Suppose a suspicious email appears to have come from an individual or organization you’re familiar with. In that case, it’s better to call the person or company using a number you know to be valid to determine whether the message is genuine.
Email Security Tip 3: Check the message header
The sender’s name is often hidden, or spoofed, in malicious emails. Expanding the email’s header (the To and From fields) will often reveal a sender’s address. This address may be nothing similar to the name in the From field. The reply address information in the header may also be completely different. In Gmail, simply click the down arrow in the header to expand it. Different email applications use different methods, but you can find instructions for expanding your app’s email header online.
Email Security Tip 4: Beware of attachments
Threat actors often use email to deliver malware. Unless you’re certain that the message came from a legitimate source, do not open email attachments. Doing so could result in your device becoming infected, possibly with a virus or keylogger that will transmit all of your keystrokes to the attacker. This could include information like your financial and banking account login credentials. Malware might also provide a cybercriminal with full access to your device and your sensitive personal data.
Email Security Tip 5: And finally, use a firewall and antivirus application
If all else fails and an email attack succeeds at delivering malware, a good antivirus/anti-malware application is likely to detect it and mitigate the threat. Be sure to set your antivirus application to periodically update and scan for threats automatically.
Using a firewall on your device can stop malware from doing any damage by blocking its communications with the attacker or malicious external systems. Be sure to take advantage of this capability by activating your device firewall and ensuring that it stays up to date.