In 2015, the number of emails sent and received per day was over 205 billion. By comparison, WhatsApp handles a meagre 65 billion message per day.
This figure of emails was then expected to grow at an average annual rate of 3% over the next four years, reaching over 246 billion by the end of 2019 (the equivalent of everyone on Earth sending 32 emails per day!).
Email is the primary method of communication in business, and is also a gateway for viruses and cyber-criminals to gain access to personal, sensitive or confidential information. It is due to this, that email security should not be taken lightly.
Interested in finding out about cyber security best practices? Download our FREE White Paper>>
As long as cyber-security tips have been around, having a strong, unique password has always been one of them. This applies more than ever for email security.
People often forget about the importance of creating a strong password and use easily guessable passwords out of convenience. These weak passwords are never going to protect your business from cyber-criminals with the tools available today. The tools used run millions of combinations until they hit yours, therefore, the more complex a password you use, the longer it will take the software to guess it.
On a basic level, passwords should be over eight characters, include a mixture of lower and upper case letters, a number and a symbol. If you’re ready to break apart from old ways and learn some new ways of creating a password that works, our recent blog post goes through how to make a password that doesn’t SUCK.
Additionally, ensure that you keep your passwords safe and to yourself. Avoid sharing them with colleagues or writing them down. Password managers are great for logging your passwords so you don’t have to worry about remembering them. All you need to remember is the master password to get into the app. LastPass and Dashlane are two popular examples of password manager’s people use.
Cyber-criminals are advancing exponential rate and passwords are now not enough to keep your account out of some hacker’s hands.
Email is the primary route for cyber-criminals to gain access and compromise your business’ data. Therefore, adding an ‘extra’ layer such as two-factor authentication is one of the most effective ways of protecting your email account and your business’ data.
Two-factor authentication is straight forward and most common email providers such as Microsoft and Google offer it as a standard. It works by sending a randomly generated code to your phone via text or a code generator app. You will then be prompted to fill this code in to gain access to your account. Two-factor authentication is often referred to as something you ‘know’ and ‘have’.
There is no doubt that spam emails are annoying, but they can be dangerous as well. Spam filters will remove these unwanted and potentially dangerous emails from your inbox so you don’t have too. The result of this? Employees won’t be able to click on potentially harmful links or attachments, and an increase in productivity! Here at entrustIT spam filters are built into our Hosted Desktops.
Public Wi-Fi is everywhere and while it may be tempting to connect to check your emails if you’re sat at the airport waiting for that flight that’s been delayed, or if you’re enjoying a coffee at Starbucks, you shouldn’t. Public Wi-Fi is never secure and where the data passing through the network is unencrypted and unsecured, cyber-criminals love it.
Cyber criminals are often referred to as black hat hackers violate computer security for personal gain where as someone who hacks for ethical reasons to protect systems and people is referred to as a white hat hacker.
Both types of hackers use ‘network sniffers’, however, black hat hacker’s use it to hack public Wi-Fi. The network sniffer works by analysing the data flowing through the network to find important information such as your username and password.
If you are unable to connect to a secure Wi-Fi to log into your email, use your mobile internet which is much more secure than any public Wi-Fi connection.
Phishing has become a popular form of attack for cyber-criminals. To do this they use deceptive emails to trick victims into clicking on links, downloading attachments or sending personal information. Below are some key tips when detecting a phishing email:
- Check the email address, not just who it is from. Cyber-criminals like to spoof the display name to appear as the email is coming from someone you know.
- Check for any grammatical errors as well as spelling mistakes. If an email is legitimate, it won’t have poor grammar or spelling mistakes.
- Don’t give up any personal information. Most companies do not ask for this over email.
- Beware of urgent or threatening language in the subject line. Attackers do this in phishing emails to create a sense of urgency or panic, hoping it will get you to respond.
- Avoid clicking on links unless you are sure of who it is sent from. Links in phishing emails can take you to sites that can be harmful to your computer.
Be wary. Hackers are becoming increasingly sophisticated, so it is becoming increasingly difficult to detect phishing scams unless you pay attention to detail.
Attachments can be a tricky element when it comes to email. If you are expecting something from a colleague in the accounts department, then the chances of it being dangerous are low. However, if something unexpected comes through it always pays to be watchful. Most computer viruses are spread by email attachments, so if you are unsure give the person a call to confirm that they sent it.
File names can be spoofed and then easily infect your computer with viruses or malware. If you right-click the name of the attachment and look at the properties, you will be able to see what file extension it has. Files with .exe, .bat, and .com should not be opened.
Keeping your computer from widespread malware and email viruses can be difficult when cyber-crime is on such a steep rise. Therefore, a strong defence is needed to keep your computer and business safe. A good anti-virus scanning software will have tools in place that allow you to schedule a time for an automatic regular scan as well as scanning emails as they come in.
Whilst not every email that comes in is going to contain viruses or malware, it’s better to be safe than sorry. If you are suspicious of an email, take the time to scan it for viruses and malware.
Whether you are popping to get something at lunch or leaving for the day, ensure you always log out of your emails. You never know who could walk past and have free access if you aren’t there.
Cyber-criminals are everywhere, and although email is the prime target for them, you and your employees can significantly reduce the risk of this by following the tips above. Remember - You are only as strong as your least informed employee.
Want to find out about cyber security in general? Download our FREE White Paper >>