What is Email Security

Experts estimate that more than 306 billion emails are sent around the world every day. While many emails are as simple as a message from a middle school teacher to his students reminding them about their homework assignments, others may carry crucial information such as:

  • notices about bank balances and account activity
  • medical information such as test results
  • proprietary business information about customers, trademarks, patents, and product development
  • notifications about local threats due to extreme weather events
  • warnings about defective products

Most of us do not give a second thought to email security. We allow our unread and archived emails pile up, full of data about our accounts and personal lives, we leave our email open on our desks, and we trust the service providers to protect the sensitive data contained in our messages.

Hackers are well aware of the rich trove of information contained in email records, as well as the doors that can be unlocked and security breached by getting into a person’s email.

email security

Threats That Could Affect You Through Your Email

More than 500,000 Americans were victims of email and other messaging attacks in 2020, with phishing the preferred and most successful tactic. Phishing is a fake message that plays on the recipient’s need for immediate gratification by demanding quick action that many will take without thinking. Phishing attacks may pose as:

  • an official notice from your bank that requires you to enter your ATM PIN number or to verify your account information;
  • a notice from the IRS that says your taxes are past due and must be paid immediately or you will be jailed;
  • news that you’ve won a nonexistent lottery or other prize but must click a link to verify your identity or provide account information so the windfall can be deposited directly;
  • an apparent request from your boss saying that they’ve lost their password to the company intranet and need you to provide it to them immediately;
  • tracking information for a package you didn’t order and are not expecting (requiring you to click a link or provide other personal information).

When a victim clicks on a link in a phishing email or downloads an attachment, their personal information may become compromised by hackers. Downloads may contain malware that sends personal information from the victim’s computer to the attacker’s computer, or it may duplicate itself and send malware to everyone in the victim’s contact list. By providing personal information to official-looking email links, including bank account information, social security number, PIN numbers, or other sensitive information, other accounts can be compromised.

Hackers can also use your email to find out where you do your banking, where you work, and what credit cards you have. Using this information and access to your email they can request changes to account passwords and potentially drain your accounts or send emails in your name from your work account. Two-factor authentication, such as using text messages to your phone to approve such changes, can prevent most account hijacking.

How to Secure Your Email

Some say that email messages are no more private than postcards sent in the mail but some of that depends on one’s provider. Encryption is the best method for securing email. Find an email provider that offers end-to-end encryption. Other ways to secure email include:

  • make sure your virus protection is up to date and turned on
  • protect your wifi router with a password so the general public cannot use it and see your online activity
  • do not use public wifi which is prone to hacking
  • make sure you understand the difference between assigning dynamic and static IP addresses to your account and how these influence your email security
  • if you must provide an email address to access store discounts or special membership deals, make a “throw-away” account separate from the one you use for banking, two-factor authentication, account recovery, and other official business. Make sure you do not use any personal information in the email names for such accounts.
  • use two-factor authentication or an authenticator app when possible, making it harder for hackers to take control of your accounts
  • change passwords regularly
  • make passwords challenging
  • keep your phone and computer updated to prevent hackers from exploiting known vulnerabilities in the software
  • using a VPN (virtual private network) adds encryption and makes it harder for hackers to find you
  • on Gmail check which apps you’ve allowed access to; or check the security of your browser

What to do When Your Email is Compromised

An ounce of prevention is worth a pound of cure. Keeping hackers out of your email is much easier than fixing the problems they can create once they get in. Here are some basic steps to take if your email gets hacked:

  • If your email is compromised, start by changing the password and adding two factor authentication.
  • Check your social media accounts to see if anything has been posted by an impostor.
  • Check your “sent” and “deleted” email folders to determine what activity the hacker performed in your name.
  • Contact your banking and other financial accounts to ensure that no unauthorized transactions have been made. Consider putting a freeze on your credit reports to prevent anyone from taking out credit cards in your name.


Protecting your email is like locking the door to your home. Good security practices will save you a lot of heartache.

Preventing hacking starts with being educated about the ways that hackers exploit people’s impulses to respond to messages: always stop and think before responding to an email that looks official and asks for your personal information. Call the sender to confirm the message using a phone number that is not on the email. Be aware that official government agencies do not correspond with residents via email, they always send notices in snail mail.

Free software is often a culprit in hacking as well: only download software from official websites, never from email links. Check your system often to determine which apps and programs have access to your email. Malware can sneak in attached to trojan emails or software.