How to secure your email account?

What is an e-mail?

Electronic mail also known as email or e-Mail is a mechanism of exchanging messages from sender to one or more recipients. The first thing you need to send and receive e-mails is an e-mail address. Currently we can find many service providers to create an account to send and receive e-mail.
Ex:

1. Yahoo
2. Google
3. Hotmail

e-Mail security

In the present world, e-mail security is one of the major concerns of Information Technology field as it’s affected from most of the new vulnerabilities and exploits. Recent surveys mentioned that e-mail is more valuable than phone, when it comes to business communications. It is no wonder that most of the organizations as well as general public are concerned about e-mail security.

What are the threats to e-mail security?

Viruses
Viruses have the ability to destroy data and bring down the entire email system.

Spam
Spam is considered as a security threat because the volume of it can directly affect the system availability and also it can carry viruses.

Phishing
Phishing is known as identity thieves targeting customers of financial institutions and online retailers. Phishing uses spam techniques to generate huge number of e-mails to trick users to provide their personal details such as credit card numbers and passwords.

Most common ways to act against e-mail threats

• Before opening your e-mail client
  • Check whether the virus guard is up to date.
• New e-mail received:
  • Check the validity of the sender:
    • If you can’ t validate – Discard
  • Check if the subject, body and attachment can be trusted.
    • If it can’t be trusted– Discard

Special Consideration

• When an email is received from an unknown source
  • Don’t click any links in the e-mail
  • Don’t download any attachments.
  • Don’t forward it to anyone.
  • Don’t submit any of your personal details

How to configure an e-mail password in a secure way

• Check the complexity of the email password.
• Secure password would configure as follows

EX: 1 –
In this scenario we can use something like this. A smart way to develop an easy to remember password is to combine three small words like ‘ballbatwicket’ ,’tomjerrymicky’ etc. Then we can add more security by capitalizing the first letters of the different words. Ex:’BallBatWIcket’. Then we can add a number at any place of the password. That could be your favorite number or some other number that you can remember easily. We can add a symbol to the password as well. That symbol could be anything you are familiar with. Now we can write a secured password like this ‘2BatBallWicket#’.

EX: 2 –
“My school at Moratuwa” may become “mi$c#@MT”

Example Scenarios

Scenario 1

Andrew is a businessman who is dealing with foreign clients. Most of the time, he is travelling all around the world. Today morning one of Andrew’s friends called “James” received following email.
From: Andrew@mail.com

To: James@tmail.com
Subject: “James I need a big favor”

Hi James,

Dude, Currently I am in Germany and I am facing a big problem right now. I lost my valet last night. I lost all my credit cards and cash. Herewith I am sending account details of hotel manager which I reside at the moment. I will return the money when I come back. I have deactivated all my cards few minutes ago. Your help would me much appreciated.

Name: Michel Thomas
Account Number: 100938883980
Bank: Barclays Bank

Best Regards
Andrew.

What should you do after receiving such an e-mail –

• Do not reply to this e-mail
• Do not send any of your personal details
• Do not transfer any money to the mentioned account
• Inform us about this matter

Scenario 2
“Manel” Received following e-mail Last night

From: Mailinglistadmin@Dmail.com
To: Manel1234@Dmaiil.com
Subject: Password Verification

Dear Manel,
Hope you are doing well, Dmail is in the process of verifying all their users’ password due to system account upgrade. Please reply to this email by submitting your current password. Your early response would be much appreciated.
Best Regards
Dmail Team.

What should do after receiving such an email –

• Do not reply to this e–mail
• Do not forward it to any one
• Inform “Dmail” about this matter
• Inform us about this matterScenario 3

“Philip” is a physician and last 10 years he is dealing with “Megabank” for his banking purposes. Today morning he received following email.

From:MegaBankonline@megab ank.com
TO: Philip123@smail.com
Subject: New Internet Banking Features

Dear Customer,

“Mega Bank ” is always thinking about the value added services and try to enthusiast our customers while on their business. “Mega Bank ” Internet banking system now has more features to increase the efficiency of Internet banking Please click the following link and feel the difference.

http://www.megabanknewonline. com/login.php

Best regards
Mega Bank Team

What should do after receiving such an e-mail –

• Do not click the link
• Do not forward it to anyone
• Inform “Mega Bank” about this matter
• Inform us about this matter

This document was prepared by the Training Division of LK Domain Registry in collaboration with the Internet Society Sri Lanka Chapter.

For more details please visit http://training.domains.lk/