An email account is the gateway into your personal life which, unfortunately, means it's also a valuable target for hackers and cyber criminals. From social media logins to bank account information, the common email inbox can be exploited to leave all of your sensitive data open to compromise. So, perhaps it's of little surprise that attacks on email accounts are common. From complex spear-phishing to malicious documents to social engineering – hackers have never been better-equipped.
Recently, computer expert John McAfee wrote on IBTimes.co.uk to highlight the scale of the problem. "Email accounts are the fundamental identifying elements of the internet. The assumption is that if a person has access to an email account then that is the real person. Yet these accounts are the easiest elements of the digital world to hack into," he said.
So, what can you do to bulk up your email security?
Use a good email client
Amid rising security and privacy concerns, no one would be criticised for being suspicious of big industry players like Google, Microsoft or Apple – just ask Edward Snowden. However, not everyone is a former spy-turned-whistleblower wanted by a powerful government entity so, for most internet users, popular emails clients like Outlook and Gmail will suffice – as long as you're not sharing government secrets. Not only are they free, but will provide consistent security updates and privacy features built-in.
Get the basics right
Without a strong foundation, everything will crumble. This also applies to your email login credentials so it is highly advised that you use a unique email address alongside a password that is lengthy, original and difficult to crack. Keep your password secret and don't re-use the same one for every account – that's just asking for trouble. Furthermore, if your password ranks in this list it's probably best to re-think your approach to security.
Take advantage of two-factor authentication
Once you have strong credentials and a solid email client, make the most of modern security options and use two-factor authentication (2FA) to add another layer protection to your account. This feature has become increasingly popular in recent years and is now offered by most major websites that store sensitive data. It works by letting you add a second method of account verification, usually in the form of a text message or secondary email code and is an easy-to-use feature that can add an extra wall of security around your personal data.
Be aware of the threats
It may feel like you are swimming against the tide, but just being aware of what threats you face can help identify problems before they occur. While this doesn't mean you should be surfing the dark web for the latest threat intelligence or phoning up Kaspersky Lab to check on the latest nation-state news, it simply involves knowing what to look for. Cyber criminals are smart, but often use common tactics that become simple to spot when you know what to look for. Never click on suspicious, unwarranted links. Don't log into linked accounts via your email client and beware of malicious spam. While most modern browsers will intercept many of these threats before you even see them, some will inevitably slip through the cracks.
If you need to, use encryption
If you do need a stronger level of protection for sending or receiving emails, for example while dealing with bank details, you can always use an extra layer of encryption. While most modern browsers use decent levels of cryptography and https connections, it may be worthwhile researching how to install the next level in security – for example Pretty Good Privacy (PGP). While not user-friendly, PGP is generally considered to offer a strong level of protection for your secrets, whatever they may be.
Beware of public W-iFi
Last year, Helsinki-based security firm F-Secure demonstrated the faults of public Wi-Fi by carrying out a controlled hack on three British politicians. During the hack, a white-hat hacker was able to view, in real-time, what websites were visited by the victims and even use key-logger software to capture login credentials. What's worse, this style of attack will likely become more common as technology gets cheaper so it's highly advised never to log in to sensitive accounts on open networks. However, if you are on the move and simply have to use public Wi-Fi, at the very least use a good virtual private network (VPN) to offer a degree of protection.
While these tips won't protect you from extremely advanced hackers or NSA spying (or human error for that matter) basic cyber hygiene will always play a crucial role in keeping your accounts secure.