Email Safety and Security

Email Safety and Security

• Email is an unencrypted, plain-text format
• Sensitive information needs additional protection
• Embedded web addresses are often 'phishing'
• Be careful what you open...
 
Remember that plain email is not completely secure; it may be read by anyone listening on the
networks that the email passes through. This is true for most of the traffic that passes through
the Internet. It's possible to use a program called a Packet Sniffer to listen to all the data passing
through a particular area of the network, and unless your data is encrypted, it will appear as plain text in this program. There are ways of making email more secure, using an encryption package such as PGP (Pretty Good Privacy), but they are often tricky to use.
There are a few things you need to remember to stay safe with email:
 
• Don't trust the sender's name, as it can be “spoofed”.
• Never send passwords or credit card details using plain email.
• Never open unknown attachments. Viruses are most commonly spread through attachments
that install rogue programs when opened.
• Be careful of clicking links in HTML emails, or at least check where the link points to by
examining the HTML. Misdirected links are the most common form of phishing “bait”.
• Make sure your email reader doesn't automatically open HTML mail or images. Often, opening
images on junk mail can send an indication back to the bulk-emailer that your email address
is “active”.
• Choose a sensible password for your email account (i.e. not a common name or dictionary
word, preferably a random string of numbers and letters), and use a secure mail program if
possible.
• Keep your virus checker up to date (you do use one, don't you?), and visit http://
update.microsoft.com/ regularly and download/install any critical updates.
________________________________________________________________________________