Saturday, June 11, 2011

Email Security 101

We use email in ways that can compromise our own security, and then we blame others for our mistakes. These few points will help you secure your mailbox (and other people's too) as you use email in your day-to-day activities.

1. Don't use one email account.

Most newbies think of an email account the way they think of a postal box number. It is a good idea to have at least 3 accounts (1 for personal use, another for online newsletter subscriptions and everything else you want to do, and the last for business or job-related work).

 

2. Don't hold onto spammed-out accounts too long.

Over time, your email account will accumulate a lot of spam and junk mail. You will find that most of the time you have to wade through junk mail to get to the email you really need. If this is the case, it is better to discard the email account and open a new one.

 

3. Please close the browser after logging out.

 

When you check your mail from a shared computer, e.g. in a cyber café, library or school, you not only need to log out but also make sure you close the browser. Some mail clients display your username (email address) even after logging out. The next person can also click the browser's Back button, and some mail services still leave cached copies of your pages (bad).

If you are using the Mozilla Firefox browser, before you start browsing, click Tools > Start Private Browsing or press Shift+Ctrl+P.

 

4. Remember to delete browser cache, history and passwords.

 

How many times have you heard someone claim their Facebook account has been hacked into and some weird stuff updated? In fact the users are to blame, but I always pity them when they complain because they never admit they are to blame.

Once you are done at a shared computer, be it in a cyber café, a library or a friend's computer, make sure you clear the cache, history and saved passwords. If using Firefox, just hit Shift+Ctrl+Del.

 

5. Please use the Blind Carbon Copy (BCC) option when sending a message to multiple people.

Most mail users I have seen reply to or forward lots of mail to lots of people in the To: field. That is a bad habit: every recipient sees all the other addresses, and when the recipients forward the message, the earlier addresses are carried along in the new message. Stop and think.

That is why most of us receive close to 50 spam mails every day.

 

6. Do not forward chain letters.

The message is right there. And this includes that mail that says "...If you don't forward you will not be blessed..." or that you will die.

These chain letters get on my nerves. I am sorry to say I never read them. Long mails especially make no sense to me (I just hit Del).

 

7. Don't think an erased email is gone forever.

Take care with what you write and send via email. Even after you delete a mail from your Sent, Inbox and Trash folders, it still resides on remote servers and can be retrieved very easily by professionals. These mails may come back to haunt you years later.

 

8. SCAM!

 

How on earth do you win a lottery you never participated in? I don't have to talk about this.

You get an email from an anonymous girl who claims to be the daughter of a certain late president and to need to transfer funds, and you reply to that…

 

9. Phishing

 

Phishing is a type of online fraud where the attacker imitates a certain website to make you believe it is the legitimate one. They usually steal logos and entire website designs to trick you into supplying your personal details, e.g. passwords, credit card numbers, etc.

Before you click a link in your mail, look at the address shown in the status bar to confirm it is the link you really want to visit.

 

Signs of phishing include:

 

    * A logo that looks distorted or stretched.

    * Email that refers to you as "Dear Customer" or "Dear User" rather than including your actual name.

    * Email that warns you that an account of yours will be shut down unless you reconfirm your billing information immediately.

    * An email threatening legal action.

    * Email which comes from an account similar to, but different from, the one the company usually uses.

    * An email that claims 'Security Compromises' or 'Security Threats' and requires immediate action.
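
The link check and several of the signs above can be automated. The following Python code is an added example, not part of the original post; the regular expressions, the names MailBody and phishing_signs, and the sample message are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Wording taken from the signs listed above; the patterns themselves are assumptions.
GENERIC_GREETING = re.compile(r"\bdear\s+(?:customer|user)\b", re.I)
PRESSURE = re.compile(r"shut down|legal action|security (?:compromises?|threats?)", re.I)
HOSTLIKE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

class MailBody(HTMLParser):
    """Collects the plain text and every (href, visible text) pair of an HTML body."""
    def __init__(self):
        super().__init__()
        self.text, self.links, self._href, self._buf = [], [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._buf = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._buf.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._buf).strip()))
            self._href = None

def _host(value):
    """Lower-case a host name and drop a leading 'www.' so trivial variants compare equal."""
    return re.sub(r"^www\.", "", (value or "").lower())

def phishing_signs(html_body):
    """Return a list of human-readable warnings for one HTML mail body."""
    body = MailBody()
    body.feed(html_body)
    body.close()
    text, signs = " ".join(body.text), []
    if GENERIC_GREETING.search(text):
        signs.append("generic greeting")
    if PRESSURE.search(text):
        signs.append("threat or deadline wording")
    for href, shown in body.links:
        real, claimed = _host(urlparse(href).hostname), HOSTLIKE.search(shown)
        if real and claimed and _host(claimed.group(1)) != real:
            signs.append(f"link shows {_host(claimed.group(1))} but opens {real}")
    return signs

# Constructed sample message using reserved example domains.
SAMPLE = ('<p>Dear Customer,</p><p>Your account will be shut down immediately.</p>'
          '<a href="http://billing.example.net/login">https://www.example.com/account</a>')
```

Calling phishing_signs(SAMPLE) reports all three problems; a link whose visible text is plain wording such as "Click here" is not flagged, so the status-bar check is still needed for those.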

 

10. Never send personal and financial information via email.

Any decent financial institution or online store will never ask for your financial information (e.g. credit card number) via email. They usually have a secured web address where you submit your data. The connection is usually secured with SSL (Secure Sockets Layer); make sure the web address starts with https:// for a secure connection.

Email is hacked more than any other form of online communication.

 

11. Do not unsubscribe from newsletters you never subscribed to.

Yeah. Spammers like this particular technique. They send out thousands of spam messages with an unsubscribe link at the bottom. And when you click unsubscribe, you end up supplying your mail address.

You now end up signing up for more spam.

 

12. Don't trust your friends' email.

 

I know you are very careful when you get a mail from an unknown party. But when it is from your friend, you think everything in it must be true.

Most of the time I get emails from friends that are a result of their accounts being hacked. Screen your friend's mail first before taking any action.

 

13. Blacklist spam after deleting it.

 

Deleting spam does not stop the nuisance. Blacklist the sender's address.

 

14. Enable the spam filter.

Most mail services and mail client apps have spam filters built in. Make use of the spam filter.

 

15. Scan all email attachments.

 

Nine out of every ten viruses that infect a computer reach it through an email attachment. Make sure you scan email attachments before you open them.

 

16. Do not share your account information with others.

 

I know it's your spouse, but s/he might not apply the security policies that you apply. Once you share your password with someone else, it is no longer secure.

 

17. Don't use simple and easy-to-guess passwords.

How on earth would you use a guessable password, e.g. 123456, abcd, mypassword, etc.? Hackers try out guessable passwords, which are usually English names, and if they can't get into your account because of a strong password, they will simply give up.

Use passwords with a combination of letters, numbers, caps, and symbols.

 

18. Encrypt your wireless connection.

 

You have a wireless router, but you neither know nor care that it is open. Encrypt your wireless connection.

It is more secure to encrypt it using the WPA2 standard. WEP is no longer secure.

 
