Hackers just love to try to get their hands on your email accounts. According to data, email is the number one target for malware and phishing attacks.
It’s not hard to see why, though. You likely use your email address for everything – work, communicating with people, buying stuff, making accounts on websites (including banking and online payment processors), and so on.
So, if a cybercriminal manages to hack your email account, they can pretty much take over your life. They can access personal attachments, commit identity theft, blackmail you, reset your passwords for various accounts, and spam your contacts with phishing emails.
Safe to say, things look bad for you.
Are Hackers Always Successful When They Target Email Providers?
Not all the time, but they do have an easier time targeting popular, less-secure providers. And they do that pretty often.
Here are just a few instances of that happening:
- At the start of 2019, hackers successfully wiped VFEmail’s servers.
- In 2016, Yahoo suffered a hack which compromised roughly 500 million accounts.
- Hackers compromised a large number of AOL accounts six years ago.
- Back in 2009, cybercriminals got their hands on over 20,000 Gmail, AOL, and Yahoo accounts.
How do hackers manage that?
They usually rely on phishing attacks, but the fact that many popular providers (like Google and Yahoo) don’t use end-to-end encryption also enables them. So, cybercriminals have an easier time compromising accounts and emails.
Here’s How to Protect Your Emails from Cybercriminals
Use a Secure Email Service
Since hackers love email providers with poor security, it’s obvious you’ll need a service that knows how to keep all your data safe.
I’m talking about email services that use end-to-end encryption – basically, making sure that nobody but you and the receiver can view the contents of your messages.
And that’s not all. A really secure provider will also avoid logging your data (especially your IP address), will have their HQ in a privacy-friendly country, and use very strong encryption (like AES).
If the provider gives you access to OpenPGP, even better. It’s one of the most widely-used email encryption standards, and it lets you send encrypted messages to contacts that don’t use the same email provider as you.
If you need help finding a good email service, don’t sweat it – I’ve got you covered with this guide of some of the most secure and reliable email services.
Use a Password Manager
Sometimes, hackers don’t need to use complex plans to crack or steal your passwords. Instead, they can just brute-force them – especially if your password is among the “elite” 86% that are just terrible.
Now, we know that coming up with a long password, remembering it, and renewing it regularly is pretty difficult. Even we used to have some pretty bad passwords too, just because using a strong one was hard.
That all changed when we started using a password manager. It’s software that acts like a digital vault for your passwords. Essentially, they store them securely, and you only need a master password to use them.
Best of all – password managers have auto-fill functions, meaning they can automatically fill in your login credentials when you want to check your email. It’s a good anti-phishing and anti-key logging measure.
Use Antivirus/Anti-malware Protection & a VPN
Since hackers love targeting email accounts with malware, it goes without saying you need quality security software on all your devices. Solutions like ESET and Norton can help you keep malicious files and links at bay. Just make sure you run regular scans, and keep the software up-to-date.
As for VPNs, they are online services that can encrypt your Internet traffic. That is very helpful because it stops cybercriminals from monitoring it – especially when you use unsecured WiFi. Since your traffic just looks like gibberish, hackers can’t try to intercept your data packets to steal your email login credentials anymore.
Avoid Messages that Give a Phishing Vibe
If you ever receive an email from someone claiming to be a police officer, a bank representative, or a customer rep for PayPal (or any other payment processor), you should always be skeptical – especially if they start asking you for personal info like your credit card number or Social Security Number.
The same goes if they tell you to open/download some shady attachment (a file that claims to be a .doc but is actually an .exe, for example) or click on weird shortened links. If you do that, you risk infecting your device with malware, or being redirected to phishing pages.
When you see messages like that, you should ignore and delete them, and report and block the sending address. We also recommend using Stanford’s Anti-Phishing Extensions too – just to be on the safe side. They can protect you from phishing attacks, and will also warn you whenever you end up on a phishing page.
Enable 2FA on Your Email Account
If your email account supports two-factor authentication (2FA), turn it on as soon as possible. 2FA means you’ll need an extra code (generated by an app or sent through a text message) to log in.
So, if a hacker were to ever get your login credentials, they won’t be able to sign in without physical access to your mobile device too.
Your email account contains a lot of sensitive info that can ruin your life if it ends up in the wrong hands. And if you use an unreliable email provider, that’s exactly what can happen.
So make sure to only use a secure email solution, a VPN, password manager, antivirus/anti-malware program, turn on 2FA, and avoid phishing emails to be 100% safe.
If you know any other useful tips, go ahead and share them with us.