Email is probably the fastest and most common form of business communication used today. Most people are unaware of the ways in which electronic mail can be vulnerable, and email interception in particular. Remember ... your email account is your master key to the world.
Use BCC (blind carbon copy)
Most people are guilty of this and type a slightly personal message and put the recipient's name into the 'to' field (the top field of the create email page) and not BCC. Using BCC instead means that not everyone sees the recipient's name and, if someone replies, it goes to the sender and not to everyone.
Use IMAP (internet message access protocol) not POP (post office protocol)
IMAP is the poor man's (or woman's) version of Microsoft Exchange. If you use POP your messages are downloaded from the server, stored locally and usually removed from the server. IMAP, on the other hand, syncs messages between devices.
Consider a digital signature
In the non-cyber world we verify contracts and cheques with hand-written signatures; only the signatory can tell if he or she signed it or if anyone has tried to tamper with or even forge the signature. A digital signature authenticates the origin and integrity of a document or email.
Encrypt sensitive emails
Email is the main communication tool of the 21st century however, with the ease and popularity of this form of technology, it also exposes users to hacking or interception. Recently, a UK Government Minister claimed that emails were “... as secure as a postcard”; somebody else observed that nothing should be included in an email “... that you wouldn’t want to see on the evening news”. Encryption will make it very tough to decode if intercepted.
Use SSL (secure sockets layer) and/or TLS (transport layer security)
When using Outlook or any other email clients it's a good idea to enable SSL or TLS. Email messages and passwords are normally transmitted between the client and server is clear text and this creates interception problems. SSL or TLS won't protect it end-to-end but its might cut out a snooper part of the way. The same applies to webmail, try to use HTTPS (hypertext transfer protocol secure).
Think twice before you send
Emails reach their intended destination in seconds and pass through various countries and networks. Messages are normally stored on the client's server and likewise at the recipient's end. An email sent months ago or even over a year could one day come back to haunt you. In addition ISPs and companies often archive emails for compliance reasons. So, the next time you send an email just bear this in mind.
Be careful what you open
Since the inception of emails, viruses have been passed around as attachments. Viruses still travel around by email but, thanks to improved virus scanning, criminal gangs are now placing links within emails that lead to malicious software. So, the next time you receive an email from a stranger do not click on a link or open any attachment. Virus scanners are not 100% accurate so just because it says it's clean, doesn't mean it is. File extensions are also not to be trusted.
Ignore hoaxes and chain emails
Frequently people receive fake virus warning. “You will receive an email with a picture and it will burn a hole in your hard drive”. In most cases these emails are fake and to reduce wasted time do not forward them.
Try not to use internet cafés
From personal investigation some internet café computers have keyloggers installed which capture usernames and passwords. As well as keyloggers someone may well be looking over your shoulder or capturing network traffic packets.
Disable macros in clients
A macro virus is a type of malware and so it's best to disable macros within email clients. Within Outlook this is found under the Trust Centre.
Disable automatic download
Images within emails can be used to track you. They can, for example, tell the sender when you opened it, your IP address, operating system, operating system language, location and so on. Within Outlook this can be disabled in the Trust Centre.
Disable auto preview
By default, email clients may attempt to show you a preview of an attachment which can allow malicious content to run. Within Outlook this can be disabled in the Trust Centre.
Sign out and clear browser cache, history, cookies and passwords
When you finish your session on webmail remember to sign out and clear browser history, cache, cookies and passwords. This is imperative when using an un-trusted computer (which you should avoid in any case).
Choose a strong password and forgot any password question
Pretty much all email accounts are protected by a password. Do not choose something that is short or in the public domain. The same applies for a forget password reset question. Do not use: date of birth, place of birth, first school, favourite colour or the obvious; instead choose something that cannot be researched or guessed.
One email account for personal and one for business
Make sure you have separate email accounts for private life and business. Then, if one is broken into, not all of your private (or business) emails are leaked. This also stops your employer monitoring what you are sending.