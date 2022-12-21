Being security-conscious means being prepared for any digital or physical threats that come your way. Ok, so maybe ‘all threats’ is an unattainable target, but if we look at a smaller field like email security, you can certainly learn the appropriate responses to the vast majority of threats encountered. Some issues are an easy fix, while others can be mitigated through additional steps, such as using an encrypted email provider. This article will cover some of the most common issues with examples, as well as what you can do in response.

1. Spam

Situation: Your mailbox is inundated with dozens of unsolicited emails. Some promote products while others seem to contain nonsense texts.

Solution: If you have subscribed to newsletters and promotions, you can look for an “Unsubscribe” option. However, if your email address is in a spam list, there is not much you can do besides blocking/filtering the emails. Suspicious messages should not be opened casually.

2. Unauthorized account access

Situation: Your account is locked due to “multiple failed login attempts”, even though this is the first time you tried signing in.

Solution: If someone is trying to break into your account, you can make it harder for them by increasing password complexity and enabling 2-Factor Authentication. The 2FA requirement should increase the time between login attempts and prevent the account from being really locked.

3. Phishing

Situation: A bank employee contacts you, informing that your account will be blocked due to a rounding error. They say a deposit must be made to correct the issue.

Solution: If you are asked to take urgent manner in a situation that is unusual and suspicious, be wary of a phishing attack. In this case, bank employees probably wouldn’t disclose information about account activity in this way.

4. Imitation

Situation: You receive an email from a colleague asking for details about a confidential project. This person is sitting in the same room as you.

Solution: Email headers can be checked to determine if the message was really sent from the email address indicated for the sender. In this case, since you are near the person in question, you can also ask them about the request face-to-face.

5. Ransomware

Situation: After opening a file that came in the mail, your screen is locked and you see a message demanding payment.

Solution: It is not always possible to recover data after a ransomware attack, but you can contact some security experts to ascertain what can be done. As a best practice, try to avoid downloading or opening suspicious files without scanning/analyzing them beforehand.

6. Open sharing

Situation: A friend has asked you to check his inbox while he is away on vacation. The login credentials were sent in a text message to your mailbox.

Solution: Credentials and other confidential details should not be shared in plaintext or saved in emails. It is recommended to use a specialized service that provides encryption, self-destructing days, and stringent rules for sharing.

7. Mailing lists

Situation: You need to send a confidential invitation to a segment of the company workforce.

Solution: It is not recommended to include dozens of email addresses to the To/CC sections of an email, since everybody sees the list that the message is going out to and may learn privileged information. It is much more practical to create a separate mailbox/forwarder that will send the message to each user individually.