Email Safety Tips

Email is a wonderful way of communicating and an essential tool for business people. Email is also used by criminals who would love to trick you out of your money, steal your passwords, or lure you into a fraudulent scheme.

Phishing scams often use email. A Phishing email is a message from someone who pretends to represent a legitimate company or organization. Phishing emails often appear as a dire warning of fraudulent activity on your bank account or a notice that you won a prize. Businesses and individuals lose millions of dollars to phishing scams every year, and the number continues to grow. Anyone can pretend to be from the IRS, Netflix, PayPal, or any business by simply putting that name in the email. Don’t fall for it! Look for our other courses on cybercrime prevention or our free comprehensive Guide to Online Safety.

A touch of skepticism, some common sense, and knowing what a legitimate business will and won’t do can help you protect yourself from identity theft and fraud. Here are some email safety tips to help.

1. NEVER respond to a request to send banking account information, a username, a PIN, or your Social Security number through email. You will never receive a legitimate request from a bank or financial institution or from any government entity requesting this information be sent via email. Contact your bank by phone or through their website should you receive a request or notification. Don’t click any links in a suspicious email. To access the company’s website, open your browser and type in the proper website address.
2. Who really sent you the email? The name associated with the message can be anything, but you can check the sender’s email address to help determine authenticity. Does the message say it’s from the Fraud Center at Chase Bank but the email address is not from chase.com? If there are links in the message, hover your mouse pointer over the link—but don’t click—and look for the pop-up box with the web address. Is it the legitimate web address of the entity asking for the information?
3. Make sure that your computer’s software, including the operating system, antivirus app, and browser(s), are all up-to-date.
4. Only download attachments (photos, documents, etc.) from trusted sources that you know are legitimate and have a reason to send you an attachment.
5. Always log out after accessing email on a public computer. Consider using an anonymous browser window any time you are using a public computer.
6. Strong passwords are very important for online security. Keep them in a secure place. Use a different password for each account. Especially important, don’t use your banking passwords for email or social media. Here are some tips for creating strong passwords:
   • Never use your name, your company name, or dates of importance. Mix in capital letters in unexpected places and add special characters like *, &, and $. Do not use words found in a dictionary.
   • You can also use a passphrase. A passphrase is a series of words that create a phrase that is not found in literature or music and does not contain your name (or company etc.). For example, use a phrase that only you know like “My friends Tom and Jasmine send me a funny email once a day,” and then use numbers and letters to recreate it. “MfT&Jsmafe1ad” is a password with lots of variations
   • Make it long—at least 8 characters and preferably more for banking and financial websites.
7. Always sign into email through a secure connection. That means that you will see a lock icon and “https” in your browser’s address box.
   
8. Be careful about public Wi-Fi connections at hotels, coffee shops, and elsewhere. They are often insecure and easy to spoof.
9. Share your email address only with trusted sources. Be careful about posting your email address in chat rooms and public places. Consider having a generic email address for newsletters and websites and a second one for private communications.
10. Many viruses spread from forwarded emails – you know the ones, the funny emails you just have to pass on? Many of these are spread unknowingly by friends and family. Pay attention to any warnings that appear from your antivirus software.
11. Never reply to spam email or click on “click here to be removed.” That only verifies that they have hit a real email address.
12. Change your passwords if you suspect fraud, suffer the loss of an employee, or have a change in relationships that might create a risk.
13. Consider all email messages to be public!