How secure is your email?

Email may seem like a fairly secure method of communication, given that access to it is password-protected. In reality, though, emails are exposed at various stages, and not just as far as you and your password are concerned. This may allow fraudsters to commit identity theft and fraud.

How secure is your email?

There are four key areas that fraudsters could target in order to gain access to your email:

  • User’s devices, such as your laptop, tablet or smartphone
    If you leave your devices unlocked and unattended, someone else could easily try to access your email. They’ll succeed if you’re already logged on to your email account, or if your password’s saved on your device, or easy to guess. Fraudsters who don’t have physical access to your devices can still have other tricks up their sleeves for accessing your email, such as by phishing.
  • Networks
    Identity thieves don’t need access to your email account itself in order to gain access to your correspondence. They could target the connection between your device and your email provider, between your email provider and the recipient of your email, or between the recipient’s device and their email provider.
  • The servers that hold the emails
    Servers physically store data that make up your emails. Identity thieves with access to email servers could gain access to not just the emails currently sitting in your inbox; they could potentially also get hold of your email attachments, or even some emails that you’d recently deleted.

What to look out for

There are steps that you can take to try to protect your emails from falling into the wrong hands. Some suggestions can be found here. Generally speaking, you should keep your passwords strong and secure – this extends to securing devices such as laptops, tablets and smartphones as well. You should also ensure that your devices have firewalls and anti-spyware software installed, and that these are updated regularly.

Be wary if you receive an email asking for your private information – or which links to a web page asking for your personal data. Ensure that the sender if legitimate – some inboxes, for example, let you hover your mouse over the sender’s name in order to view their email address, so that you can check that they really do come from a trustworthy sender or organisation. If you do end up clicking on a link, make sure that the site is reputable, and that the page itself is secure (you’ll see ‘https’ instead of ‘http’ in the URL line).

If you’re sending sensitive information to someone else, you may want to consider if email is really the best method to do so. If it is, make sure that you’ve got their email address right – you don’t want to mistype this and send private information to the wrong person.

What to do if your email’s been compromised

If you think that your email’s been compromised, there are some steps that you can take to minimise the damage. They include the following:

  • Change your email password, making sure that the new one is strong
  • Change the security questions to your email account
  • Scan your device using anti-virus software
  • Report it to your email provider
  • Report it to Action Fraud, the UK’s national fraud and cybercrime reporting centre
  • Tell your contacts that your email may have been compromised, so that they’ll treat any communication coming from your email address with caution
  • Monitor your credit report. You can check your Equifax Credit Report & Score (which is free for the first 30 days then £14.95 monthly) regularly to see if there’s any activity on your report that you can’t recognise. This will allow you to take action early if you spot any suspicious behaviour.

Related Articles