Email safety and why it matters
Our editorial transparency tool uses blockchain technology to permanently log all changes made to official releases after publication. However, this post is not an official release and therefore not tracked. Visit our learn more for more information.
Email has become a key pillar of our digital identity. If bad actors gain access to your email account, they can use that email access to change passwords to, and therefore gain access to, additional non-email accounts.
Bad actors have increasingly focused on email takeover as a passport to other account takeovers, including social media, finance, digital identity and purchase or credit impersonation, among others. Here are some of the things you can do to be proactive in protecting your email accounts:
Use a strong, robust email password.
Ensure your password is unique, not used for other accounts, not easy to guess and changed if you notice anything suspicious.
- Refer to the FTC Password Checklist for current guidelines.
- When changing your password, ensure the new password is (i) completely different from the previous password, (ii) unique, (iii) more than eight characters, and (iv) has a strong mix of uppercase and lowercase letters, numbers and special characters.
Review two-factor authentication options.
Review options for your email account and encourage your provider to let you know whenever your account is accessed from a new device.
Review email provider’s account settings and security features.
These features may include: informing you of suspicious login or login attempts, enhanced password change requirements, enabling a trusted recovery contact and extra authentication to protect your account.
- Review your email account settings associated with email forwarding, security and privacy on a regular basis.
- Be on the lookout for suspicious inbox activity, such as missing emails or a large number of unexpected emails from third parties. When in doubt, secure your account!
Be cautious about accessing email from insecure, public or “free” WiFi hotspots.
Best practices suggest using a secure VPN connection or a trusted, secure WiFi connection when accessing your personal accounts.
Be on the lookout for phishing emails.
Refer to the FTC Phishing Awareness Page for current guidelines. Common Phishing tactics or identifiers might include:
- A proactive request for sensitive information that you did not initiate.
- Spelling or grammatical errors.
- Urgent instruction to click a link, attachment, or download a file, even if it looks legitimate. Urgency may be in the form of threatening to shut off service or a reward that must be claimed immediately.
- Messages originating from unfamiliar email addresses or a domain that does not match the sender (ex: Look out for “domain.com” vs. “d0main.com” or “domain.com.xyx”).
- Pro tip: hover over the sender’s name to confirm the email address, and look out for minor typos.
- As a best practice, if you feel a message might be Phishing, do not respond to it or click any links within.
- If you like to report a suspicious email claiming to be from Verizon, please forward it to firstname.lastname@example.org. We will review and investigate it, and we will reach out to you if we need additional information. Please note, when you forward an email to our phishing inbox you will receive an automated confirmation and we will review the information you provided. We will only contact you directly if we require additional information.
We all have a part to play in information security. Practicing proper email hygiene is a key factor in securing your online accounts and your digital identity.