How secure is your email?
Email may seem like a fairly secure method of communication, given that access to it is password-protected. In reality, though, emails are exposed at various stages, and not just as far as you and your password are concerned. This may allow fraudsters to commit identity theft and fraud.
How secure is your email?
There are four key areas that fraudsters could target in order to gain access to your email:
- User’s devices, such as your laptop, tablet or smartphone
If you leave your devices unlocked and unattended, someone else could easily try to access your email. They’ll succeed if you’re already logged on to your email account, or if your password’s saved on your device, or easy to guess. Fraudsters who don’t have physical access to your devices can still have other tricks up their sleeves for accessing your email, such as by phishing.
Identity thieves don’t need access to your email account itself in order to gain access to your correspondence. They could target the connection between your device and your email provider, between your email provider and the recipient of your email, or between the recipient’s device and their email provider.
- The servers that hold the emails
Servers physically store data that make up your emails. Identity thieves with access to email servers could gain access to not just the emails currently sitting in your inbox; they could potentially also get hold of your email attachments, or even some emails that you’d recently deleted.
What to look out for
There are steps that you can take to try to protect your emails from falling into the wrong hands. Some suggestions can be found here. Generally speaking, you should keep your passwords strong and secure – this extends to securing devices such as laptops, tablets and smartphones as well. You should also ensure that your devices have firewalls and anti-spyware software installed, and that these are updated regularly.
Be wary if you receive an email asking for your private information – or which links to a web page asking for your personal data. Ensure that the sender if legitimate – some inboxes, for example, let you hover your mouse over the sender’s name in order to view their email address, so that you can check that they really do come from a trustworthy sender or organisation. If you do end up clicking on a link, make sure that the site is reputable, and that the page itself is secure (you’ll see ‘https’ instead of ‘http’ in the URL line).
If you’re sending sensitive information to someone else, you may want to consider if email is really the best method to do so. If it is, make sure that you’ve got their email address right – you don’t want to mistype this and send private information to the wrong person.
What to do if your email’s been compromised
If you think that your email’s been compromised, there are some steps that you can take to minimise the damage. They include the following:
- Change your email password, making sure that the new one is strong
- Change the security questions to your email account
- Scan your device using anti-virus software
- Report it to your email provider
- Report it to Action Fraud, the UK’s national fraud and cybercrime reporting centre
- Tell your contacts that your email may have been compromised, so that they’ll treat any communication coming from your email address with caution
- Monitor your credit report. You can check your Equifax Credit Report & Score (which is free for the first 30 days then £7.95 monthly) regularly to see if there’s any activity on your report that you can’t recognise. This will allow you to take action early if you spot any suspicious behaviour.
- How to spot and avoid travel scams
- Infographic: What is a money mule?
- What is money laundering?
- What is a Ponzi scheme?
- How to report identity theft
- How to protect older people from being scammed
- Using contactless mobile payments and apps
- Safeguard your personal data when using smart home assistants
- Safeguarding your family’s personal data on smart toys
- How your identity could be stolen offline
- Protect against ID theft when making mobile payments
- Online Fraud Terminology
- What is anonymous browsing?
- Distributed Denial of Service explained
- Identity theft and fraud explained
- Financial fraud explained
- Best practices for avoiding identity theft
- Stay safe online: Creating a secure password
- Scam avoidance: A few ways to help stay secure
- Are smart gadgets putting you at risk of identity theft?
- Helping your children stay safe online
- Should you share your location on social media?
- Safeguard your personal information on video game consoles
- Would you do internet banking on your smart TV?
- How fraudsters use Wi-Fi hotspots to steal data
- How to avoid email fraud
- Preventing your child’s identity from being stolen
- Keeping your personal information secure when moving home
- Protect yourself from becoming a victim of SMS phishing
- Protect against identity theft when sharing photos online
- Safeguard your identity on mobile apps
- Your social media profile and identity theft
- What is credit card fraud – can you prevent it from happening to you?
- How fraudsters can hijack your browser
- Safeguard your identity on Facebook and other social media sites
- Going on holiday - keeping your identity safe
- How to prevent smartphone identity theft
- Shopping online – staying safe against identity theft
- How to spot and avoid romance scams
- Facial recognition and identity risk
- Dealing with phishing phone scams
- How cyber attacks happen
- Safer Internet Day – protecting children online
- 7 Signs of Identity Theft
- How to avoid contactless card fraud
- What Are Data Breaches?
- How to Spot a Phishing Email
- ID Fraud Overview
- How Financial Crimes Are Hidden in The Dark Web
- How much do you know about the Dark Web?
- Are you losing your identity?