5 simple steps to protect your email from cyber threats

E-mail has been used since the beginning of the internet, being the preferred means of communication for companies and professionals, due to its practicality and different types of approach. There was a time when the population believed that email would end with the arrival of WhatsApp , Telegram, Facebook and other communication sites and applications, but it remains strong and increasingly present in the lives of professionals, therefore, it is It is important to protect your email from cyber threats.

In 2019, active email accounts reached 5.6 billion, according to statistics from Statista , a German company specializing in market and consumer data. Pew Research survey showed that 92% of adults online use email.

But after all, why is email so important? Through email we receive and send information, important contacts and communicate universally, hence the importance of protecting your email.

Today, with the great evolution and performance of hackers and different types of malicious actions circulating on the internet, it is becoming increasingly difficult to stay away from virtual threats. With that, I brought you a list of 5 simple steps that will help you protect your email from virtual threats.

Step 1: Check attachments to protect your email

Extra care must be taken when sending or receiving attachments within the email, as they can carry far more than just files, which can be harmful to your account, even leading to information theft, as they are associated with viruses and are the form most used by cybercriminals.

Below are some tips about attachments that may be useful for security:

• Avoid opening emails with attachments from strangers as much as possible, always be suspicious of the content;
• If you happen to open a suspicious attachment by accident, close the program (preferably from the Windows Task Manager);
• Regardless of your operating system, keeping everything up to date can be key to blocking a virus within an email attachment;
• When sending an email attachment securely, make sure the file size is not too large.

Step 2: Avoid opening spam messages

Spam is the term used to refer to electronic messages that are sent to you without your consent and that are generally sent to a large number of people. This type of generally undesirable email contains, for the most part, advertisements, however, in other instances, these messages contain more aggressive content (viruses and threatening content) and still manage to obtain your personal information, such as bank details, for example. If you think you are being targeted by spam, check the characteristics of these emails below:

• Although it is one of the oldest resources among those used by spammers , spam emails are still found claiming that they will be sent “once only”. This is a characteristic of spam email.
• One of the most frequent, and worst, excuses used by spammers is to claim that if the user is not interested in the unsolicited email, simply “remove it”.
• The email header appears incomplete, without the sender or recipient. Both can appear as nicknames or generic names, such as: friend@, support@, etc. Omitting the recipient is one of the most common cases, as spammers place huge lists of emails in the field reserved for Blind Carbon Copies or Blind carbon copies (Bcc: or Bcc:), as such fields are not shown to the user receiving the message.
• The field reserved for the email subject (subject) is a trap for users and a powerful trick for spammers . Most anti-spam filters are prepared to block emails with various subjects considered suspicious. However, spammers adapt and try to trick the filters by placing misleading content in the subject , such as: vi@gra (instead of viagra) etc.

Step 3: Know that suspicious links should always be ignored

You should not click on suspicious links, especially those linked to unsafe websites, this is the biggest and also the simplest door for threats to contact your network or device. We know that the link is a practical and widely used way to link content to another on the internet, internally or externally, but in order for it to be a good user experience, some precautions can be taken:

• If the user is not sure of the origin of the URL, it may be necessary to check with the contact whether they actually sent the information and whether they are aware that the link is trustworthy;
• If the person is unaware of the platform used, and does not feel confident in the information provided, it is best to ignore it. Mainly emails that are in the spam folder;
• You need to be careful when clicking on shortened links, as today many cybercriminals use tools like goo.gl to shorten links and make them unrecognizable.

Step 4: Have strong and secure passwords

Strong and secure passwords are important and everyone knows this, but according to a survey by the digital security company Kaspersky , most people think they should only protect online banking accounts (51%), email accounts (39%) well. and virtual stores (37%). However, creating strong and secure passwords  is very important, especially to keep your accounts safe, so I've mentioned some tips for you to create passwords that really protect you in the virtual world:

• Prefer long passwords, with upper and lower case letters, numbers and punctuation marks;
• To remember or generate passwords, use a password management program or application such as LastPass , Keeper or Kaspersky Password Manage ;
• Do not choose the name of family members as your code, such as your son, husband or even your pet. By lightly investigating someone's life, these names are easily discovered and can become a weapon.

Step 5: Be alert to existing frauds

The best-known type of fraud is phishing , which consists of tricking the user into stealing information from documents and bank accounts, in order to use it for their own benefit. This type of fraud often occurs through fake emails and forms available on the web. Also, by no means think that perhaps you or your company are too small to be a target for attack.

Criminals know that small businesses often have less fraud protection compared to large businesses. This is one of the reasons why you should be even more concerned about security, as today everyone can be a target of virtual crimes .

In addition to phishing, which is considered an epidemic that has left many people worried, ransomware is one of the most dangerous malware, as it hijacks data from the victim's device and requests the payment of a ransom for release, usually using a virtual currency, which makes almost impossible to track the criminal. This type of “virus” acts by encoding operating system data so that the user no longer has access.

How can I identify a fake email?

It is increasingly complicated and difficult for a user without specific knowledge to distinguish whether a message is linked to fraud or not, as attacks are evolving and getting much closer to reality. Because of this, cyber schemes and crimes are so frequent and successful.

A good example are the various fake emails that are accompanied by links to well-known brands from real companies. However, you can pay attention to some items to protect yourself:

• Social Engineering – whether through rumors, phishing or the simple spread of malicious software, it is very common to use social engineering techniques with the aim of persuading the reader. Normally the message appeals to authority, attributing the alert to a research body, and the texts are incoherent or contain subjects that attract attention;
• They request the execution of a program – it is common for this software to be hosted on free services, which happens very easily given the wide availability of this type of service. These are malicious applications, whose main objective is to collect information from the victim and allow remote access to the user's computer;
• Email address of dubious origin – messages are intended to appear to have originated from the entity in question. This gives a false impression of credibility to the scam, especially for lay and unsuspecting users;
• Fake pages – indicate to the user a fake institution website or an exclusive page for re-registration. These pages are often hosted on temporary domains, or on free providers that may remember the name of an institution;
• Sensitive data – it is common for sensitive data to be requested, such as personal and financial passwords. To increase the number of responses, criminals try to create a sense of urgency so that people respond immediately, without thinking. Normally, banks do not send emails requesting data such as passwords.

Conclusion

At the end of this article, I tried to provide some basic but valuable tips for protecting against cyber attacks via emails. It is important that managers, IT professionals and other company employees know the importance of maintaining the necessary care with this tool, which, as we saw earlier in the text, is a tool still widely used in companies around the world.

I hope you enjoyed the article and that I was able to help in some way.

To the next!