[caption id="attachment_115533" align="alignleft" width="200"] Chris Brown, vice president of Digital Shadows[/caption] As news of hacking and breaches have dominated the news recently, most investigations have revealed that even the most sophisticated cyber attacks can begin with an email, according to Chris Brown, vice president of Digital Shadows. With this in mind, here are some tips to help make your email more secure, without the need to set up a private email server. 1. Check your email sources Always check who the email came from. Attackers use many techniques to try and appear legitimate, such as using domain names that look almost identical to a genuine domain in order to trick you into visiting that site. This is known as typo-squatting – for example, www.go0gle.com instead of google.com. If it's an address you've never seen before, try searching online for the email domain to see if it's from a registered company. 2. Don't click on links Don't directly click on links in an email. Instead, hover over the hyperlink and make sure the URL matches the page you actually want to visit. Attackers are becoming savvier, and they often hide fake URLs behind linked image buttons or text links, such as "click here". 3. Don't open any attachment Files aren't always what they appear to be. Malware or a virus could be hidden as a seemingly harmless text or image file. Some might try and lure you by claiming to represent a legitimate company, such as a supplier, and will attach documents purporting to be invoices to trick the reader. When dealing with email attachments, be extra careful if asked to enable macros. Macros are bits of code embedded within documents. Though not always bad, they have historically been used to deliver malware. To help combat this, you should avoid enabling macros in email attachments, and ensure any built-in macro security features are always turned on. 4. Use separate accounts It might be easier to simply use one email account for all online services. However in doing so you're playing straight into the hands of an attacker! If someone manages to break into that account, then they can probably gain access to all other services using that address – especially if you use the same password. Consider having separate accounts for different activities: such as an account for work emails, one for personal use, and another one for sites which bombard you with marketing material. To top it all off, make sure you enable two-factor authentication to make it harder for anyone trying to compromise these accounts. 5. Limit how widely you share your email address Always think twice about what information you're posting online. An exposed email on Facebook or a particular forum might be all the invitation someone needs to target you with phishing emails. As well as this, when you sign up for a service or post your email to a public site, your address can be copied or shared to be used by spammers. So if you have to share your email address publicly, try and avoid using emails which link to important services – such as Facebook or your online banking.
