Archives - Email


Uninstall GPG/PGP email plugins (as of May 2018)

In May 2018, it was revealed that the commonly used encrypted email protocol PGP (Pretty Good Privacy) was vulnerable to a certain sophisticated cyber attack. This is unsurprising in a way, since PGP has been around for decades. For protection, you should uninstall any PGP plugins in emails clients like Apple Mail and Mozilla Thunderbird.

Monitor your password recovery email account

If you ever forget a password, you’ll likely reset it by having a link sent to an on-file email address. Make sure that that account is secured with two-factor authentication, doesn’t have any unusual forwarding filters set up and allows for global sign-out in case someone else accesses it.

Use encrypted email if you regularly send sensitive data

You might think email is relatively safe, but it’s an old set of protocols with many vulnerabilities. Consider using encrypted email for full protection – messages sent through these services are completely unreadable by anyone without your key, although using it can take some getting used to.

Be wary of email hyperlinks

Avoid clicking on hyperlinks in emails; type the URL directly into the address bar instead. If you choose to click on a link, ensure it is authentic before clicking on it. You can check a hyperlinked word or URL by hovering the cursor over it to reveal the full address.

Don’t send sensitive information over standard email

Email is an old set of protocols that can easily leak your data. Don’t include information about your Social Security benefits or bank account in the body of a standard email. If need be, transmit such items instead via phone, fax, or even encrypted email, which is available via free tools such as GPG Suite.

Avoid mysterious email links and attachments

Ransomware encrypts your files and demands payment for their decryption. It usually starts with a malicious link or attachment targeting vulnerability in outdated software. Don’t click these items if you don’t recognize them and/or if they were flagged by your security software. Also, never pay ransoms, since they don’t guarantee safe return.