ProPrivacy is reader supported and sometimes receives a commission when you make purchases using links on this site.

10 Email security tips you should know

Most of us are pretty comfortable using email; and even sifting through spam and following up with those arduous threads has become second nature – but there are email-specific threats lurking out there. If you haven't personally dealt with malware, phishing scams, and dubious links, however, it can be easy to think of them in the abstract.

But a little prevention can go a long way! We've put together a list of the top 10 tips to ensure your emails stay secure, at work or at home.


  1. Be link savvy

    False, malicious URLs are by far the most prevalent threat to email security. If you receive any unexpected or suspicious mail asking you to click on a link, don't! Take a look at the link, first. Does it match the URL that appears when you mouse over it? Is it spelled correctly? Typos and extra sub-domains are a good indication that a link should be avoided, and most reputable services and companies won't require you to click a link to verify any personal details.

  2.  Look for grammatical clues

    Contrary to what they'd have you believe, cybercriminals aren't always slick, technical geniuses – sometimes they give themselves away! Lookout for spelling mistakes and awkward, improper email formatting. Additionally, if you receive suspicious mail from a known sender, take a moment to recognize any abrupt changes in their communication style or language.

  3.  Verify the sender

    Sender information can reveal a great deal about odd emails. Does the accompanying email address match the sender's name? If a scammer can convince you their false mail is from a well-known service like PayPal, Ebay, or Amazon, there's a chance you might click a malicious URL and be tricked into handing over personal information. Always question whether you expected to receive the email, and handle any issues directly from your account by typing the URL into your address bar.

  4. Don't over-share

    A determined scammer can use the information you post to social media to inform their attacks – and this includes details about birthdays, family members, where you work and live, and yes, even pet names! Be aware of what you share, and remember not to divulge personal information in emails, either, particularly when communicating with new contacts.

  5. Don't get attached

    Scammers love stuffing email attachments full of viruses and malware. Similar to URLs, don't click on (or download) any attachments you aren't expecting – especially if they're from unknown senders or if they require you to enable macros. Typically, malicious attachments will seek to infect your device if clicked, or even run ransomware. If you want to send an attachment yourself securely check out our guide on how to send a secure email attachment.

  6. Keep a secure password – no, really!

    Frequently changing your password is one of the easiest ways of shoring up your email security – and not enough of us are doing it! When you craft a new password, mix in symbols, numbers and phrases, and avoid using any personal details. A complex password is incredibly difficult for a hacker to crack, even if they're using software to sift through possible combinations. If you're worried about keeping track of your passwords (you should be using a different one for all your accounts), check out a password manager, and our oh-so-handy guide!

  7. Enable authentication

    Two-factor authentication (2FA) is another simple method of thwarting scammers. Most email clients allow you to enable this feature in a few clicks, and once you have, scammers will still be unable to access your email account even if they have your password – because they'll also need the code that's been texted to your mobile device!

  8. Invest in an antivirus

    An antivirus isn't a one-stop security solution, but it can help users avoid malware and phishing scams. By scanning your mail and attachments, antivirus software essentially gives you a heads-up if anything looks suspicious. You'll know which emails are safe to open, and which need to be flagged and deleted right away. See our best antivirus software page for a list of the top services.

  9. Keep encrypted

    It's always risky to discuss sensitive issues or divulge personal information via email. Encryption prevents snoopers from tuning in to your conversation by converting regular plain text emails into cipher text. What's more, email encryption utilizes encryption keys to ensure that only the intended recipients of an email can actually read it – snoopers without the necessary private key will be out of luck!

  10. Be direct and double-check

    Of course, you can always confront a suspicious email directly. If a coworker has sent you an oddly urgent request for details, credentials, or money, give them a call to verify the request! The same goes for correspondence from companies or services. One quick call can determine whether an email is safe or suspicious, and if it turns out to be a scam, you'll be able to report it with confidence.

A note on phishing

Phishing scams are an incredibly prevalent threat – in fact, 96% of them are delivered via email. A scammer looking to start a phishing scam will send hundreds, maybe thousands, of false emails in the hopes that a handful of recipients will click the URLs inside, and be directed to bogus sites that request their credentials. The phishing email might be incredibly convincing, or claim to be urgent in the subject line – either way, it's all a ploy.

We've covered phishing scams in far greater detail elsewhere, so check out our what is phishing guide for more information on how to thwart phishing scams of all sorts and sizes.


Written by: River Hart

Originally hailing from Wales, River Hart graduated from Manchester Metropolitan University with a 1:1 in Creative Writing, going on to work as an Editor across a number of trade magazines. As a professional writer, River has worked across both digital and print media, and is familiar with collating news pieces, in-depth reports and producing by lines for international publications. Otherwise, they can be found pouring over a tarot deck or spending more hours than she'll ever admit playing Final Fantasy 14.


There are no comments yet.

Write Your Own Comment

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

  Your comment has been sent to the queue. It will appear shortly.

We recommend you check out one of these alternatives:

StartMail is a Netherlands based secure email provider, offering 10Gb of storage, unlimited aliases and more.

A straightforward encryption service, with some cracking features, that lets you try before you buy - no credit card details required