by Melissa Sorenson, Organizational Development advisor to DLINQ
Lately, checking my email has felt like mingling with a crowd of unpleasant and potentially dangerous acquaintances.
“Hey, remember that sweater you bought last winter? Well, we remember (we track your purchases) and bet you would like these sweaters too.”
“Hi there, this is your…uh… bank? Yes, definitely your bank! We forgot your social security number, can you give it to us one more time?”
“Hi, I’m not sure how I got your contact information, but I need to make sure your email address is active before I sell it, will you click this link?”
For the last several years I passively ignored this growing onslaught, but the increasing number of high-profile data breaches and security lapses made me realize that my email account and address are both things I might need to actively protect. It can be overwhelming to consider how many places your email address lives online. It might be connected to your social media accounts, shopping history, browsing data, banking information, personal records, online comments, blogs, and, of course, your correspondence. Your email address is likely woven throughout your entire digital fingerprint. Which might make it all the more disconcerting that simply entering your email address is a common way to check whether you have been part of a data breach.
Inside your inbox, you might be comforted by the fact that your email offers encryption or protections like automatic filters and quarantine spaces for notorious spam, but these safeguards are no substitute for smart email practices. Technology can’t always stop us from sharing our email address in the wrong place, clicking a suspicious link, or opening a malicious attachment. We should be aware, too, that commercial email providers like Gmail and Yahoo scan our email to collect data on us, sell our data to others, and use our data to advertise to us. We, as users, need to educate ourselves to avoid traps and pitfalls. So what can we do?
Tips for Mindful & Safe Email Management
Keep your email account & address secure
- Treat your email address like a piece of important personal information. Share it thoughtfully and consider using a secondary or disposable email address for instances where do you not want to provide your primary email. Consider using alternative email as a way to avoid the typical commercial data-hungry email platforms.
- Pick a strong password (and change it regularly), and do not use the same password for any other accounts.
- Avoid unsecured WiFi networks that do not protect your internet traffic.
- Enable two-factor authentication.
Be smart about processing emails
- Be aware of phishing attempts, techniques, and how to spot a phish. Also beware of spear-phishing.
- Hover over, don’t click, links in an email to verify their destination. Check carefully to make sure they lead to the authentic destination and not a spoofed version, and make sure the website is secure (https) before entering any information.
- Always keep anti-virus on and up to date (Middlebury uses Sophos).
- Stay educated on best practices and current threats.
- If you cannot verify the sender of an email don’t click on links or open attachments, and watch for clues like unusual grammar and content.
- Avoid sending any unnecessary personal information via email.
Manage your time and email volume
- Limit your email time each day. You might not think this is possible, but give it a try.
- Be mindful of the promotions and newsletters you enjoy receiving, as well as those you consistently do not open or delete. These are opportunities to unsubscribe. Take a day to unsubscribe from emails you no longer want to receive.
- Unsubscribe carefully, if the email is not from a known sender, consider filtering to junk email rather than unsubscribing (some scammers might use an unsubscribe button to verify your email address is active).
- Pay attention when making purchases or signing up for something online that you do not accidentally sign up for unwanted email. Often you are required to opt out, rather than opt in, to receiving email.
Whether your goal is increased security or simply fewer annoying emails, better email management in 2018 can be an important stage in your personal digital detox. Happy unsubscribing, filtering, and safeguarding!
Zen Habits, A Mindful Guide to Email in 20 Minutes a Day
Me and My Shadow, Alternative Email Services
@MiddInfoSec, Information Security is Everyone’s Responsibility
Techlicious, What To Do When Your Email Gets Hacked
PC Mag, Two-Factor Authentication: Who Has It and How to Set It Up