Effective email security is just as much about the behaviors and habits of employees as it is the technological safeguards that are in place. While there is a lot that spam filters and antivirus software can do to limit threats, education and awareness is your best defense against email-driven threats. These tips are a great place to start.

  1. Use smart password best practices:
    • Change your password frequently
    • Never use the same password twice
    • Use strong passwords that are difficult to guess, and include numbers and symbols
    • Use a different password for each of your accounts – if one account is compromised, your other accounts will be as well
  2. Never open attachment that comes from an unknown sender, or from a known sender when you’re not expecting anything from them
  3. Be wary of email messages that ask you to enable macros before downloading Word or Excel attachments
  4. Use antivirus software on your desktop computer and/or laptop, and make sure it’s always enabled and kept up-to-date with the latest virus definitions
  5. Learn how to recognize phishing attempts by keeping an eye out for things like:
    • Messages that threaten to delete or lock you out of your account if certain steps aren’t taken
    • Requests for personal information such as passwords, credit card or banking information, or Social Security numbers
    • Subject lines that seem urgent or threatening
    • Email addresses that don’t look right – missing or added letters in a familiar address is a common tactic
    • Poor grammar and basic spelling mistakes
  6. Hover your mouse over embedded links to make sure the address matches what it’s been described as, and open a new browser window and manually type in the address instead of clicking the link if you have any doubts
  7. Don’t give your email address to websites you’re unfamiliar with and can’t be 100% sure are legitimate or safe
  8. Don’t post your email address to public websites or forums, as hackers and scammers will often check these kinds of sites for email addresses they can target
  9. Never reply to or click the “Unsubscribe” link in a spam email, as this will tell the spammer your address is legitimate and in use, which could lead to you receiving even more spam
  10. Always remember that reputable businesses will never ask for personal information via email under any circumstance
  11. Don’t send personal or sensitive information over email
  12. Never share your password with anyone, including coworkers
  13. Be sure to log out of your email before you walk away from your workstation or close your laptop
  14. Avoid public wi-fi when possible, and refrain from logging into or checking your email when using a public connection – even one that is password protected. Places like coffee shops often provide Internet access to paying customers, but these passwords are rarely changed