Sunday, September 27, 2020

Five tips for better email security

By Chris Brown, VP EMEA and APAC, Digital Shadows

While security is everyone’s responsibility, it’s not always easy to get right. Our “Security Best Practices” blog series will provide simple tips that enable users to improve their online security. These articles aren’t for pros, but for those trying to get their basics down.

Even the most sophisticated cyber attacks can begin with a relatively simple email compromise. Only last week, we learned that attackers had crafted fake email invitations to deliver information stealing malware to guests attending a Palo Alto security conference in Indonesia. The attackers cleverly used screenshots of genuine conference invitations sent by Palo Alto to deceive the unsuspecting attendees.

With this in mind, here are some of our simple tips to help make your email more secure, without the need to set up a private email server.

  1. Check your email sources

Always check who the email came from. Attackers use many techniques to try and appear legitimate, such as using domain names which look almost identical to a genuine domain in order to trick you into visiting that site. This is known as typo-squatting – for example, www.go0gle[.]com might be used to direct users to malware. If it’s an address you’ve never seen before, try searching online for the email domain to see if it’s from a registered company.

  1. Don’t click on links

Don’t directly click on links in an email. Instead, hover over the hyperlink and make sure the URL matches the page you actually want to visit. Attackers are becoming savvier, and they often hide fake URLs behind linked image buttons or text links, such as “click here”.

  1. Don’t open unsolicited attachments 

Files aren’t always what they appear to be. Malware or a virus could be masquerading itself as a seemingly benign text or image file. Now these types of emails aren’t always that easy to spot, and they won’t all be from a Nigerian prince claiming to hold the key to your long-lost second cousin, twice removed’s “peanut dust” fortune. Some might try and lure you by claiming to represent a legitimate company, such as a supplier, and will attach documents purporting to be invoices in the hope that you’ll take the bait.

When dealing with email attachments, be extra careful if asked to enable macros. Macros are bits of code embedded within documents. Though not always bad, they have historically been used to deliver malware. To help combat this, you should avoid enabling macros in email attachments, and ensure any built-in macro security features are always turned on.

  1. Use separate accounts and enable two-factor authentication

We know it’s tempting to simply use one email account across all the online services you are active on, but in doing so you’re playing straight into the hands of an attacker. If someone manages to break into that account, then they can probably gain access to all other services using that address (especially if you use the same password). Consider having separate accounts for different activities: such as an account for work emails, one for personal use, and another one for sites which bombard you with marketing material.

To top it all off, make sure you enable two factor authentication to make it harder for anyone trying to compromise these accounts. For more tips on better password security, check out our previous blog in the series.

  1. Limit how widely you share your email address

Always think twice about what information you’re posting online. An exposed email on Facebook or a particular forum might be all the invitation someone needs to target you with phishing emails. As well as this, when you sign up for a service or post your email to a public site, your address can be copied or shared to be used by spammers.

So if you have to share your email address publicly, try and avoid using emails which link to important services – such as Facebook or your online banking.


HM King addresses United Nations General Assembly

His Majesty King Hamad bin Isa Al Khalifa has delivered Bahrain’s address to the 75th session of the United Nations General Assembly in New...

Gulf Air Resumes Direct Flights to Dhaka

Gulf Air, the national carrier of the Kingdom of Bahrain, announces that it has resumed its direct flights to and from Dhaka’s Hazrat Shahjalal...

Education Minister participates in virtual meeting

Minister of Education Dr. Majid bin Ali Al Nuaimi participated in the Arab Education Ministers meeting on endorsing the document of developing education in...

Bahraini hero Hamza Kooheji beats Aidan James and edges closer to a BRAVE CF title shot

Bahrain’s own Hamza Kooheji earned perhaps the biggest victory of his career as he walked away with a split decision win over Aidan James,...

BRAVE CF 42 full fight card released with 12 nations represented and the Flyweight Tournament quarter-finals

BRAVE Combat Federation returns to the Kingdom of Bahrain, for the second consecutive week with BRAVE CF 42, on September 24th. The promotion released the full...

Towards Creating Career Opportunities: Interview with Pakiza Abdulrahman

Bahrain Economic Development Board is an investment promotion agency chaired by His Royal Highness Prince Salman bin Hamad Al Khalifa, the Crown Prince, Deputy Supreme...

The Avenues-Bahrain 3rd Year Anniversary Celebration

The Avenues-Bahrain is celebrating its 3rd year anniversary since opening its doors to the public on the 29th of October 2017. The Avenues –...

GLOMAT – The First Thai-Bahrain Hybrid Virtual Business Meeting

The Royal Thai Embassy, in cooperation with the Office of SMEs Promotion (OSMEP) Thailand, Institution of Small and Medium Enterprises Development of Thailand and...

Batelco Launches Unlimited Business Mobile Packages

Batelco has unveiled its latest business mobile packages in a complete refresh of its existing packages, targeted at business customers including entrepreneurs, SMEs and...

Bahrain’s presence in the European Market to Achieve The Kingdom 2030 Vision

HH Shaikh Nasser bin Hamad Al Khalifa, Representative of His Majesty the King for Humanitarian Work and Youth Affairs has received, in the presence...

BD 150,000 ‘Shop & Win’ anniversary bonanza

Lulu Hypermarket is celebrating its 13th anniversary of being a retail leader in the Kingdom of Bahrain with a grand ‘Shop and Win’ e-raffle...

SCE launches training course for radiological and nuclear emergencies

The Supreme Council for Environment (SCE)’s CEO Dr. Mohammed Mubarak bin Dainah, launched the national training course on responding to radiological and nuclear emergencies. The...

BRAVE CF and BTEA partner for Kombat Kingdom series

BRAVE Kombat Federation, the biggest sports-brand in Bahraini history, is partnered up with the Bahrain Tourism & Exhibitions Authority to showcase to BRAVE Nation...

Gulf Air proudly resumes direct flights to and from Saudi Arabia

Gulf Air, the national carrier of the Kingdom of Bahrain, proudly announces the resumption of its direct flights to and from the Kingdom of...

Plans to improve electricity, water services discussed

Electricity and Water Affairs Minister, Wael bin Nasser Al-Mubarak, received here today the representative of the third constituency of the Northern Governorate at the...