2/9/2021

Weekly Cyber Tips
DO's

Email security is a term for describing different procedures and techniques for protecting email accounts, content, and communication against unauthorized access, loss or compromise. Emails are often used to spread malware, spam and phishing attacks. Attackers use deceptive messages to entice recipients to part with sensitive information, open attachments or click on hyperlinks that install malware on the victim’s device.

Email platform is also a common entry point for attackers looking to gain a foothold in an enterprise network and obtain valuable company data.

Don’ts for Email Security

  • Never use company/corporate emails for personal preferences

    Employees should avoid making use of company emails to register for personal hobbies, preferences and habits such as ecommerce and entertainment sites. These sites are prone to breaches and attackers regularly scan these sites for email addresses.

    An attacker with your corporate email can send fake messages impersonating you and even gain access to the organization’s internal network through your email as a pivot point.

  • Never click the “unsubscribe” link in spam emails

    If a spam email does end up your inbox, and you open up the message, the last thing you want to do is click the unsubscribe link. You might think it’s sensible to prevent further emails from the messenger, but that’s not the case. Hackers will place them in emails in an attempt to trick you. Delete the emails or mark as spam.

  • Never access emails from public WiFi

    Avoid checking your email when you’re on public WiFi, such as when you’re at a coffee shop, airport, or city park. It can be tempting to want to be connected everywhere you go, but unfortunately, public WiFi can be extremely insecure.

    Hackers use programs called “network sniffers” that monitor all of the wireless data flowing through a specific network, and then analyze that data for personal and important information. For example, your private information such as your username and password.

  • Never open unexpected attachments or links

    Sometimes you’ll receive phishing emails that contain file attachments. If an unknown source specifically tells you to open a file attachment, you can likely bet that there is something malicious going on.

    Of course, you might come across some emails from a sender you don’t know personally that might be genuine. Always exercise caution.

  • Never share your password, even with co-workers and managers

    It is individual and ensures that only you are responsible for your actions(accountability).

How to secure your emails

  • Use strong passwords that are unique and have password complexity

    A secure password is practically impossible to guess without previous insight. Hackers use specific password-guessing software that runs through millions of combinations – the more complex the password, the more time it takes for the software to decode it.

  • Change Email password often

    Regularly change email passwords (every 90days) but if you suspect a breach change immediately and contact Manitoulin group of companies IT team.

  • Use two-tier authentication(2FA)

    This is a surefire way to add an extra layer of security to your inbox. Major email clients have the 2FA option built-in, so you can easily enable it. It makes hacking much more difficult for cybercriminals as even if a hacker manages to retrieve the password to your account, 2FA will block them by requiring a code texted to your phone.(Contact Manitoulin IT department to help in activating 2FA for your email).

  • Watch out for phishing emails

    Its important to keep your eyes peeled for suspicious messages. Phishing is a common method used by hackers to take advantage of a recipient. These emails can goad recipients into sending the hacker money or their personal information.

    Learn how to recognize phishing: – Messages that contain threats to shut your account down
    – Requests for personal information such as passwords or Social Security numbers
    – Words like “Urgent” – false sense of urgency
    – Forged email addresses
    – Poor writing or bad grammar

  • Use anti-virus software on your local machine, and make sure it’s kept up-to-date with the latest virus definitions

If you suspect your email has been breached or needs more security kindly contact Manitoulin group of companies IT Team via the IT portal

Olalomi Safiu
Cybersecurity Analyst
Manitoulin Group of Companies
M 416-660-1407
Manitoulin Group of Companies