10 Email Security Best Practices for 2019

Whether you manage an inbox for your whole company or one that serves as your “direct line,” you’re bound to have some sensitive information that would be best kept secure.

We want to help you protect your browser and your computer. Today, we’re bringing you the 10 email security best practices so that your inbox will be secure from viruses and malware.

Why You Need to Protect Your Inbox


Many companies use emails for major internal and external communications. Co-workers share projects among themselves. Clients or customers have a way to communicate with you.

Sensitive data is often shared via email, so keeping that information safe is of utmost importance. You want to protect your passwords, bank information, personal details about your employees and anything else that would be unsafe to share publicly.

In addition to protecting your information, it is important to keep your email secure so that there is no chance of a phishy blast being sent in your name to your contacts. That would be a huge embarrassment, and it may tarnish your brand.

Protect Your Inbox with 10 Email Security Best Practices

There are several things that you can do to protect your company from being the target of a malicious virus or phishing.

It may be helpful to review our list of the 10 best email security practices that you can implement to ensure your company’s email remains safe from scammers.

1. Familiarize Yourself with Common Phishing Schemes

Phishing is a common scamming practice that is quite sneaky. Scammers pose as well-known companies and request private information from their recipients.

Since these emails often seem to come from reputable sources, such as PayPal, banks and other large companies, they often are effective in their data collection. Many people don’t think twice before entering their information in order to continue their subscriptions or collect a prize or payment.

Telltale signs of a phishing email include poor spelling, improper grammar and an uncomfortable or robot-like writing style.

There are a few major phishing practices that you should look out for so that you can avoid jeopardizing your email security.

5 Common Phishing Practices


  • Deceptive Phishing: Deceptive phishing is when a scammer sends an email under the guise of a reliable company.
  • Spear Phishing: Spear phishing uses information about the target in order to build trust and increase the chances of the scam working.
  • Whaling: This type of phishing targets CEOs so that hackers can penetrate the company from the top.
  • Pharming: Pharming is when scammers redirect safe domains to unsafe ones by tampering with the IP addresses those domains point to.
  • Google Drive/Dropbox Phishing: This type of phishing is among the most difficult to detect. It duplicates cloud folder login pages and requests your login info. When scammers have these login credentials, it usually opens access to a plethora of sensitive information.

Examples of Phishing Emails

Many phishing emails disguise themselves as financial services that many businesses use as a way to tap into these businesses’ accounts and access their money. PayPal is a popular one.

Some will act as if you’ve had a suspicious login to one of your accounts so that you feel a sense of urgency in providing your information.

You may notice that some attachments in programs like Microsoft Word give you a security warning before allowing you to completely open an attachment from an unfamiliar sender. Since not all programs offer this security, it is best to leave unexpected attachments unopened.

2. Protect Your Account with an Unbeatable Password

The days of using “password123” as your password are long gone. (Yes, some people actually used passwords like these because they are easy to remember.)

Many sites have upped the password requirements to include a number, special symbol and both uppercase and lowercase letters.

It is suggested that you don’t use your name, phone number, address or company name in your password. You do not want something that is easy to guess.

3. Prohibit Personal Use of Company Emails

Let your employees know that their company email addresses should be used for business and nothing more.

If people list their work email addresses on personal accounts, more mail is being sent and received. This increases the chances of a bad apple spoiling the whole account.

Minimizing personal use of the company emails makes for a more secure email.

4. Implement Two-Factor Authentication

Two-step authentication is a major tool against phishing. This way you can be sure that your login information is being used to log you into your intended site or portal, not a phony form used to steal your precious data.

The extra step may take a little bit more time, but it puts up an extra wall of protection around your accounts.

5. Avoid Opening Unfamiliar Attachments

Never ever open an attachment from an unfamiliar sender. Unsafe links, malware and viruses are often hidden in innocuous-looking attachments.

If you are unsure about an attachment, you should run a virus and malware scan to see if it’s safe or not.

Take note that dangerous attachments can come in any format, but .HTML attachments are a commonly used phishing tactic.

6. Run Malware and Virus Scans

Malware and virus scans are essential since many unsafe links and attachments are hidden quite carefully.

Some of the best virus and malware scans include McAfee Total Protection, Kaspersky Anti-Virus, Bitdefender Total Security and Check Point ZoneAlarm Anti-Ransomware.

This sort of software is worth investing in. It could save you quite a bit of pain and hassle in the long run.

7. Don’t Open Your Inbox When Connected to Public Wifi

Connecting to public WiFi networks makes all of the sensitive information on your computer vulnerable to anybody else connected to the same network. Your email is no exception.

Avoid checking your email on the internet at coffee shops or internet cafes at all costs. Predators like to hack people who are working in these places.

If you are checking your email while you’re out and about, the best bet is to open it using your internet data on your phone or by connecting your laptop to your phone’s wireless hotspot.

8. Use a Powerful Spam Filter

Most email platforms, including Google and Office 365, have built-in spam filters. Oftentimes, you have the ability to turn the spam filter on and off.

Users also have the ability to customize their spam filters to weed out emails that include certain words or come from certain senders.

This helps to protect your email from scammers and phishers.

9. Avoid Clicking the “Unsubscribe” Button in Unsafe Emails

Unsubscribing when you get an email that you wish you hadn’t received may seem like the most logical action, and that is why many phishers disguise their unsafe links as “Unsubscribe” buttons.

While hitting the “Unsubscribe” button may be tempting, resist the urge. Instead of unsubscribing, mark unwanted emails as junk and delete them promptly.

The best way to unsubscribe from an email that you believe you’ve signed up for is to head directly to the website and log in through a secure portal. You’ll likely have the ability to change your communication options. Do not follow the link from the email.
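As an added illustration of items 5 and 9 (not code from Raxxos or from any mail product), the Python sketch below parses a constructed sample message and flags HTML attachments and “Unsubscribe” links that point outside the sender’s domain. The function name `triage`, the finding labels and every domain in the sample are assumptions made for the example.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample message; every name and domain in it is made up.
SAMPLE = """\
From: "Billing Team" <billing@shop.example>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html; charset="utf-8"

<a href="https://shop.example/account">My account</a>
<a href="http://tracker.invalid/u?id=1">Unsubscribe</a>
--b1
Content-Type: text/html; name="invoice.html"
Content-Disposition: attachment; filename="invoice.html"

<form action="http://collect.invalid/login"></form>
--b1--
"""

# Simple anchor matcher, sufficient for the sample above.
LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def triage(raw):
    """Return (finding, detail) tuples for one raw message (hypothetical helper)."""
    msg = message_from_string(raw, policy=policy.default)
    sender_domain = parseaddr(msg["From"])[1].rpartition("@")[2].lower()
    findings = []
    for part in msg.walk():
        if part.get_content_disposition() == "attachment":
            name = (part.get_filename() or "").lower()
            # Item 5: HTML attachments are a commonly used phishing tactic.
            if name.endswith((".html", ".htm")) or part.get_content_type() == "text/html":
                findings.append(("html_attachment", name))
            continue
        if part.get_content_type() != "text/html":
            continue
        for href, text in LINK_RE.findall(part.get_content()):
            host = (urlparse(href).hostname or "").lower()
            same_org = host == sender_domain or host.endswith("." + sender_domain)
            # Item 9: an "Unsubscribe" link that leaves the sender's own domain.
            if "unsubscribe" in text.lower() and not same_org:
                findings.append(("offdomain_unsubscribe", host))
    return findings

print(triage(SAMPLE))
```

Legitimate senders sometimes host unsubscribe pages with a third-party mailing service, so treat an off-domain link as a reason to look closer rather than as proof of phishing.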

10. Educate Your Entire Company

Unless your entire company gets on board with the best email security practices, your inboxes may still be at risk. After all, you’re only as strong as your weakest link.

Include email security lessons in your company’s new member orientation and employee handbooks. Make sure that the whole team is well-informed. This is certainly the most important part of ensuring your email security.

At Raxxos, we offer Email Security Awareness Training to businesses looking to educate their team on common email security threats and how to safeguard against them. Contact us to schedule a training for your company.

Use These Best Practices to Secure Your Email

Securing your email is very important in order to keep your company safe from phishing. The last thing you want is a hacker getting into your bank accounts or gaining control of your contact list.

Maintaining a secure inbox is essential to keep your company operating like a well-oiled machine.

Be sure to implement all of the email security best practices in your business. You’ll be glad you did.

Written by:

Raxxos Media Team
