5 Email Security Mistakes You’re Making
Don't become complacent with your email security: it's a prime way cybercriminals can hack your accounts. Falling for even one phishing link already puts you at risk of fraud. To help you combat email attacks, here are five critical security mistakes you could be committing by accident.

1. Using Simple Passwords

Your passwords serve as your first line of defence against hackers. At a basic level, they deny access to anyone who doesn’t know the correct account login credentials. All your accounts have one.

The concept of setting passwords for authentication has existed for decades now. It is the most widely used form of security. However, it’s not free of vulnerabilities. Modern cybercriminals can work around password restrictions through various methods, from brute force attacks to social engineering tactics.

To make matters worse, not many know how to set strong passwords. A study by Avast shows that 83 per cent of people recycle simple passwords across all their personal and work accounts. Weak login credentials provide zero security. No matter how frequently you update them, hackers will still take over your account if you choose poorly thought-out combinations and dictionary words.

To create strong passwords, use complex alphanumeric strings. And if you’re worried about forgetting lengthy combinations, invest in a secure password manager. It auto-fills login credentials.

2. Setting Up MFA Accounts on Just One Device

Multi-Factor Authentication (MFA) creates an extra layer of security against hackers. It minimizes the risk of takeovers by requiring one-time tokens, unique codes, or facial recognition every time you log in to your account. MFA even stops hackers who already know your password.

Despite its security benefits, MFA isn’t flawless. Using one authentication device makes logins convenient, but it also creates a single point of failure.

Once a hacker gets hold of your primary device, they’ll have access to all your MFA-enabled apps and their respective authenticators. They could kick you out of your accounts.

Instead of placing authentication apps, keys, and SIM cards in one place, install them on a secondary device. Use a spare phone or tablet that you leave at home. That way, you can quickly recover your online profiles should hackers gain access to your device.

3. Overlooking the Sender's Address

Spam emails are getting scarily accurate. Cybercriminals abuse modern technologies to execute complex, sophisticated phishing attacks. You might confuse fake and authentic messages if you carelessly accept every prompt or request in your inbox.

To avoid phishing attacks, make a habit of checking the sender’s address. Criminals can replicate the way authentic emails look, but they can’t copy company domains.
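What checking the sender's address means in practice, as an added example that is not part of the original article: the display name is free text, so the check has to read the domain of the actual address, from the right-hand end. The domain `bank.example`, the sample headers and the function names are assumptions made up for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

TRUSTED_DOMAIN = "bank.example"  # assumed genuine domain (placeholder)

# Constructed From headers for illustration; none of these is real mail.
SAMPLES = {
    "genuine": 'From: Example Bank <alerts@bank.example>',
    "display_name_trick":
        'From: "Example Bank alerts@bank.example" <notice@mailer.invalid>',
    "subdomain_trick":
        'From: Example Bank <alerts@bank.example.verify.invalid>',
    "misspelling": 'From: Example Bank <alerts@bamk.example>',
}


def check_sender(raw_headers, trusted=TRUSTED_DOMAIN):
    """Return (actual_sender_domain, findings) for a message's From header."""
    msg = message_from_string(raw_headers + "\n\n")
    display, addr = parseaddr(msg.get("From", ""))
    # The sender's domain is whatever follows the last "@" of the real address.
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    findings = []
    # Accept the trusted domain or one of its subdomains; a trusted name that
    # appears at the START of a longer domain does not count.
    if domain != trusted and not domain.endswith("." + trusted):
        findings.append("domain-mismatch")
    # An address typed into the display name is decoration, not the sender.
    if "@" in display and addr.lower() not in display.lower():
        findings.append("address-in-display-name")
    return domain, findings


def report(samples=SAMPLES):
    """Run the check over every constructed sample."""
    return {name: check_sender(raw) for name, raw in samples.items()}


if __name__ == "__main__":
    for name, (domain, findings) in report().items():
        print(f"{name:20} {domain:30} {findings or 'ok'}")
```

This looks only at the visible From header; whether that header can be trusted at all depends on the receiving mail provider's SPF, DKIM and DMARC checks, which the example does not evaluate.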

4. Failing to Organize Email Accounts

Most people have multiple email addresses nowadays. On average, people have two to four accounts, which they use for personal and professional purposes alike.

However, not many utilize secondary profiles despite having them. They randomly give out email addresses. Doing so defeats the purpose of creating multiple email accounts in the first place.

Make sure you organize your profiles. Ideally, each account should have a dedicated function. Take control over who communicates with you and where they send messages by limiting your contacts to specific email addresses.

When entering contests, signing up for newsletters, or creating accounts on shady websites, use email accounts with made-up contact information.

5. Clicking Email Links

Hyperlinks make it easy to share information via email. Instead of overloading readers with too much text, links can direct them to the appropriate resource pages. They minimize clutter without muddling the message.

Although hyperlinks are convenient, you should avoid clicking them altogether—regardless of the email sender. Hackers use malicious links to steal data every day. Unknowing victims often get redirected to fake phishing pages or malware-infected websites.

The best approach is to type out URLs yourself. Let’s say you receive a contact information update request from your commercial bank. Instead of clicking the link in the email, visit the bank’s website, log into your account, and perform the requested action through the correct channel.

Bolster Your Email Security by Changing Small Mistakes

Email security doesn’t require expensive cybersecurity tools. Even minute changes can prevent common email attacks. Focus on adopting good email security habits, e.g. ignoring unknown senders and organizing secondary email accounts.

Familiarize yourself with the red flags indicating an email attack. Although email service providers filter high-risk messages, some might still fall through the cracks. Skilled crooks can quickly bypass spam filters. But even if they reach your primary inbox, they can’t do any damage as long as you wholly avoid engaging with them.
