While optimists say that “every cloud has a silver lining”, pessimists comment that “every silver lining has a cloud”. Perhaps it would be kinder to say that every benefit comes at a price. For example, in the 21st century, we enjoy the massive benefits of the digital world which has brought us hitherto unimaginable levels of convenience. The price for this, however, is that we now have to be increasingly security-conscious and keep ourselves up to date with common threats. Here is some guidance on keeping safe with email.
Pay close attention to the sender address of any email you are sent
Email addresses can be faked with various degrees of intensity and some of these fakes are so easy to spot you might be tempted to wonder why the people behind them bother (the answer being that email is, effectively, free to send, which encourages people to take a “there’s no harm in trying” approach). For example, anyone with the remotest knowledge of the internet is likely to laugh at a phishing email sent from “email@example.com” but some email scams may require a little more in the way of observational skills to spot, for example, if an email came from firstname.lastname@example.org it might be easier to miss the extra l in the address. In reality, PayPal itself owns the domain paypall.com (quite possibly to stop it being used by fraudsters) but smaller and/or local companies may not have the knowledge or means to buy up similar domains in the same way and hence might be targeted.
Remember that even genuine email addresses can be hacked
If you receive an email which you are confident comes from someone you know and it asks you to do something unexpected, make sure that you thoroughly verify that it comes from the person you know and not from someone who has hacked their account. This holds true for both companies and private individuals. Be very wary of calling any number listed in the email, you could just find yourself speaking to a fraudster, instead verify contact details by independent means and no matter how urgent the email sounds, hold off handing over any money unless you are 100% sure the request is genuine.
Be careful handing over your email address to anyone else
Of course, email is intended to be shared, in fact, the whole point of communications channels is to connect people with each other, but that doesn’t mean you need to hand over your email details to anyone who wants them. Not to put too fine a point on the matter, every time you hand over your main email address to someone else, you’re increasing the chance that you will be exposed to an attack. The more details a person has in addition to your email address, the greater the degree of risk. That being so, you may want to consider having some “spare” email addresses which you can use in situations where you need to hand over an email address (e.g. for online shopping) but don’t necessarily want to give out your main (family, friends and/or work) address. If you only want to manage one inbox, you can have these extra email accounts forward to your main one.
If you do hand over an email address make sure it’s actually yours
In principle, if you accidentally enter someone else’s email address instead of your own then there may be a possibility that they will be able to use this mistake to access your account details.
Avoid using autofill, especially on shared computers
Autofill may be very convenient, but the security drawbacks are obvious. If you must use it, it’s best to keep it for private computers, not shared ones.