December 22, 2021
5623
0Stop Saving This Information in Email [+ Several Rules for Data Protection]
Email is always convenient, but don’t forget that many attackers hunt for access to personal and corporate mailboxes. Having gained access to your mailbox, attackers can not only view important emails and data in there, but also use it to send emails on your behalf and for further attacks.
You can rely only on protective technologies and solutions, but no one is immune from the tricks of “phishers” and random errors. Therefore, you should not store essential messages and other information that you would not want to show to strangers in your email records.
What should be removed first, and how to protect yourself? We will tell you in this article.
Choose the most secure email services for data protection here.
The list of secret data to be saved
#1 Authentication data
Forwarding passwords by unencrypted email is generally a bad practice. That’s why most modern services do not even send a temporary password — a unique link to the interface to change it. However, in many companies, password forwarding by mail is still practiced, especially when accessing some internal services or resources. Moreover, sometimes employees send themselves passwords, logins, and answers to secret questions in order not to forget them.
Attackers are looking for such messages first: access to corporate resources will allow them to develop an attack or get additional information for manipulation using social engineering.
Why is social engineering dangerous for users? Read the answer here.
#2 Notifications from work services
Online services often send you various notifications: confirmation of registration, links to reset your password, or notifications about changing the privacy policy. By themselves, these emails are not needed by any attacker, but they show which services you are subscribed to. The attackers will most likely have prepared scripts to search for such notifications automatically.
#3 Scans of personal documents
Often, employees of companies (especially small ones) are tempted to use the mailbox as a cloud file storage, especially if the office scanner kindly sends documents to the mailbox. Copies of passports, taxpayer IDs, and other documents are often needed to process papers for business trips.
We recommend deleting them from the mailbox immediately after downloading. It is better to store documents in encrypted storage.
The best file storage and sharing method is here.
#4 Confidential working documents
Document exchange is an integral part of the workflow of many employees. Unfortunately, there are some documents that may be valuable not only for your colleagues but also for potential attackers.
Therefore, it is better to delete confidential information immediately after receiving it and send it in encrypted form.
#5 Personal data
In theory, other people’s personal data may also be in your mailbox: resumes of applicants, notifications about customer registration, employee questionnaires. All these people gave the company permission to store and process their personal data. But they are unlikely to be happy if this information falls into the wrong hands. And even more, regulators will not be happy about this fact, especially in countries with strict laws concerning PII (personally identifiable information).
Learn more about personal information protection here.
How to secure personal information in an email
To keep your account confidential and protect yourself from phishing, viruses, and malicious programs, you should follow a few simple rules when using email.
1. Use separate email accounts
Why would one user have multiple accounts? At first glance, one email address should be enough to register on various sites to receive notifications, mailings, messages, business correspondence.
In reality, the opposite is true. The large number of emails that the user receives daily complicates email management. For example, finding the correct message is much more challenging if the mailbox is overloaded. And using one account for personal and business correspondence increases the risk of sending a purely personal note to your business partner or vice versa.
2. Use Utopia P2P
Utopia P2P is a new generation ecosystem available right now. It offers anonymity and privacy of online data. It is based on peer-to-peer technology without using a centralized server for data storage. Instead, each user receives a personal crypto container after their anonymous registration.
All user’s online needs are met with convenient and multifunctional tools: messenger, email, browser, e-wallet, games, mining, and much more. The email system (uMail), by the way, encrypts all messages, which are accessible only by the sender and recipient. This is a great option for sending messages and storing them because unique two-level encryption protects all data in the ecosystem. Therefore, the risk of information leakage or hacking is zero.
Read more about Utopia P2P here.
3. Do not neglect password security
Having multiple email accounts is useless if the same password is used. If one of the accounts is hacked, it will not be difficult for hackers to steal information from others.
So, each account must have a unique password. To develop a really strong password, you need to avoid using words from the dictionary or anything related to your data. Instead, it is best to create a long string of random letters, numbers, symbols, which can be generated using passwordsgenerator.net. To remember new complex passwords, it is best to use a password manager.
Find out the best ways to create proven passwords to protect data here.
4. Beware of phishing
Phishing is a type of cybercrime where fraudsters contact users by email on behalf of well-known websites (for example, eBay, Amazon, Facebook, etc.). Then, under the pretext of problems with a user’s account and authentication, they ask you to send confidential information such as personal information, payment details, credit card details, or passwords.
Never open phishing emails! Think about it whenever you are asked to provide account details or instructed to update your username and password. Please look at the source and make sure it is legitimate before doing anything.
Learn more about phishing attacks here.
5. Never click on links in email messages
Whenever there is a link in an incoming email, 99% of the time do not click on it. The only exception may be if you are waiting for registration on a forum or a message about account activation.
The same applies to spam, in the messages in which links appear to provide any services or products. Again, never follow these links – it is unknown where they will lead.
If you receive messages from a bank or any other service with a payment request, you should go to the website not by using the link provided but by typing the address manually in the internet browser’s search bar.
6. Do not respond to suspicious emails
Some spam emails are more harmful than others. For example, when you receive an email about winning the lottery or about friends who have lost their passport in another country, never reply. The message is intended to steal information about you or your bank account.
Strangely, even as cybersecurity is constantly evolving and reaching a new level of protection, we remain as vulnerable as ever. Therefore, email reliability directly depends on our common sense and careful decisions.
Follow the security tips and stay secure all the time.
