Embed Size (px)
Citation preview
8/8/2019 Email Security2
http://slidepdf.com/reader/full/email-security2 1/14
1.Don't send private messages with the company account . If you want to send personalmessages from work (and you should probably try to minimize this), use a freebieaccount like Hotmail, Gmail, Yahoo!, or Excite, if your office permits it. The content of your emails is less visible to employers through these accounts, so the private messages
you send will stay private.2.Use BCC if necessary . If you must send a group email to people who do not know eachother, don't add their addresses to the form's CC field; this is one method spammers useto harvest email addresses. Instead, use BCC (Blind Carbon Copy) for their addresses,and put your own email in the form's "to" field.3.Don't send form letters . Its impolite to send form letters, especially to your friends andcolleagues unless they are all part of a group that is expecting them.4.Don't forward chain letters . Just don't do it. Enough said. That includes the email that
says that if you don't forward it to 10 people you'll die. I don't care how superstitious youare, don't send them.5.Be professional . Ensure your work emails don't contain 'u', 'afk', 'ty', 'jk' and/or severalmillion other texting/chatroom acronyms . These developed because cell phones' keypadsaren't well-suited to writing fully-formed words, sentences and paragraphs. In businesscommunications, however, they may give the impression of childishness and illiteracy.6.Be professional, part 2: Check tone . Be aware of the professional (or not) relationship
between yourself and the recipient before starting an email. Use that to gauge what topicsare appropriate to write or not, as well as the tone of your writing. This may be common
sense to most, but you’d be surprised at how often the rule is ignored.7.Be careful . Email is not private ; it can be intercepted anywhere en route to its recipient.In addition, it can live on for years in recipient email boxes, later to return to its sender inchoice quotations. Think before sending email you will later regret.8.Cut down on sigs . Signature files, especially in business, should contain as few lines as
possible. Four lines is a figure generally agreed-upon . Email that consists of a two-linestatement and a ten-line signature will have its recipients rolling their eyes.9.May I quote you? When you respond to an email, the original email is quoted. Cut themost relevant sentence from the message to which you are responding, preface it with a'>' (if it's not already there) and paste the quote above your response. Delete the rest of the original email from your response, unless you are responding to other points in theoriginal.10.Don't use email when you are angry . This is a tip from Joan Tunsall's Better, Faster
Email (non-affiliate Amazon link). While most of the time email does not convey your
8/8/2019 Email Security2
http://slidepdf.com/reader/full/email-security2 2/14
emotions, particularly humor, it somehow seems to transmit anger - even when you don’tintend it to come through..11.Get clarification . If someone sends you an email that upsets you, make sure you haven'tmisunderstood. As mentioned previously, emotion and tone do not always carry over well
in email. Instead of responding angrily, in your response, quote the portion of text thatyou are unsure of and ask the sender to clarify. Indicate what you think it means, if youlike, then ask if you've misunderstood.12.Don't spam friends . Occasionally, company mail servers go on the fritz and send forty-five copies of the same email to the recipient (personal experience). Even if it's not your fault, it is polite to apologize profusely to your friend, family, or roommate.13.Consider the quirks of other email systems . For example, say that you have a friendwith a Hotmail account and want to send a list of hyperlinks. Hotmail doesn't handlehyperlinks inside of an email very well. For example, you cannot easily copy the actual
URL, without a bit of effort. So anyone used to tabbed browsing, such as with all recentweb browsers (including, finally, IE7.x), may find it frustrating trying to open a link in anew tab or window. It's hard to know about all types of email systems, but someawareness reduces frustrating situations for recipients.14.Respond to group email appropriately . If someone has sent a group email that requiresa response, but only to the sender or a couple of parties, don't copy everyone on your reply.15.Don't respond to every group email . More specifically, it is alright to sit out a thread of group conversation if you are not being addressed directly. However, read the emailscarefully to make sure that you are not being expected to respond.16.Respect email laws and regulations . Some countries have very specific rules about bulk emailing. If you use email to promote your business, you need to know the laws for notonly your country but probably wherever you are emailing to. It's a tall order, given theglobal village of the Internet, but its importance cannot be overstated.
Communicating & Effectiveness Now that we've covered the basics of emailing with manners, it's important to make sureyour intended message is actually getting across.17.Use meaningful subject lines . Write something "meaningful" in the subject line, to giverecipients a clue as to what your email is about. This is increasingly necessary todistinguish legit emails from spam. The latter's subject lines are are often deceptive.18.Be brief . Do not send excessively long emails if at all possible. Try to summarize your information so that your recipients are more likely to read the email and actually respond.When possible, break long emails into numbered point form so that recipients canrespond by reference number.
8/8/2019 Email Security2
http://slidepdf.com/reader/full/email-security2 3/14
19.Summarize . Precede a long email with a short summary.20.Cheat with templates . In his Five Fast Email Productivity Tips , author Merlin Mannrecommends 'cheating' -- using templates and form letters - when you find yourself
answering (or asking) the same questions repeatedly. A good percentage of first-year college students learn to do this when writing email to family, friends, and significantfriends back home.21.Use 'Reply All' when necessary . Usually, the common advice is to not use "reply all" if other recipients of a group email do not need your response. But forgetting to use "replyall" when appropriate is simply inefficient. If the vast majority of a group needs to hear amessage, writing in individual emails addresses will waste your time and increase thechances that you’re going to leave someone important out of the email.22.Remember the telephone . Unless you need a written record of a given communication
(or if the person you're communicating with is long distance), consider calling (or sending a letter to) your intended recipient instead of an email. People often default towriting an email because it is quick and easy; but sometimes a handwritten letter or
phone call can provide the personal touch your communication really needs.23.If it's urgent, say so . Writing 'URGENT' in front of your email's subject will make itstand out from the crowd, and most likely get timely attention from the recipient. Makecertain it is urgent, however; remember how much attention was paid to the boy whocried wolf when his cries really mattered.24.On vacation? If you will be out of your office for a lengthy period of time, set up anautoresponder to inform whomever emails you of your absence and your expected return.This is polite (the message is only sent to a given email once), and it prevents a lot of "I'm waiting for your response" emails. A quick warning, however, to not use anautoresponder for your home email; you shouldn't advertise an empty house.25.Use smileys . If you think that something you've written might be misunderstood in toneor emotion, use the appropriate smiley. It should be obvious, but this tip does not apply towork or other professional emails, or if the person doesn't know you already. Marketinggenius Seth Godin wrote the The Smiley Dictionary [book], and there are several siteswith something similar: Helvig's smiley dictionary , the unofficial smiley dictionary , andEFF's unofficial smiley dictionary .26.Proofread . There is a difference between typos and poor writing. Poor writing improveswith practice. Typos stay typos unless you take the time to eliminate them. If you areapplying for a job or freelance gig, it's especially important to prufreed before you sendthat email. And as if you needed another reason to be concise, remember that the chanceof typos is directly proportional to the length of your email.
Mobile Email
8/8/2019 Email Security2
http://slidepdf.com/reader/full/email-security2 4/14
27.Know your limitations . Mobile email is best for very dexterous people. It isn't alwaysthe most productive way to communicate for everyone. Reading emails via mobile isfine, but if you don't have the thumb dexterity to use the keypad to respond, save your thumb the pain and just handle your emails on a computer.
28.Use voice-to-text . There are mobile applications out there that will convert your spokenword to text, which you can then use for mobile email responses. Because this technologyis just starting to go mainstream, if you want it you are going to have to shop for phonesspecifically with voice-to-text capability.29.Duplication of email, or lack thereof . If you plan to access email from both a mobiledevice and a computer, keep in mind that some email servers and client softwaredownload each email to the device you are using, and delete it from the server. This could
be hazardous to your career, if you access with a mobile device, read it, and then delete itwith the intent of responding from a computer later. So make sure that you know how
your client handles the mobile/computer divide.30.Be exclusive . It's best to set up a separate email account for your mobile devices. If you
plan to be away from a laptop or desktop for an extended period, you can redirect your regular email, with full filters on. Use this email account only for your mobile device. Byhaving to separate accounts you can make sure to send all your subscriptions and other large regular emails to your main account. You can also sign up for new products withthe computer account to make sure you won't get spammed, before you have those emailscome to your mobile account.31.Don't send email attachments to mobile devices . If you know that a colleague will beusing their mobile device to check email for an extended period of time, avoid sendinghim or her attachments. Send a snippet of text instead, if possible, or a URL where theycan download when they have access to a laptop or desktop.32.Use mobile email sparingly . Cellular wireless data plans often have a monthly
bandwidth cap. Sending attachments (or receiving them) can be hazardous to your wallet.Some mobile email services function by letting you see that you have attachments, butothers will automatically download. So for the sake of you and your colleagues walletssave the attachments for later.
Productivity, Folders, and FilteringEmail is only a useful technology if it remains an efficient means of communicating. Thedual threats of spam and disorganization make email less efficient, so overcoming thosedeficiencies is the theme of this section.33.Respond promptly . Don't leave email unread for more than two days. Look at itimmediately and either respond to it immediately, or -- after reading it -- move it to a"must respond" folder.34.
8/8/2019 Email Security2
http://slidepdf.com/reader/full/email-security2 5/14
Repond promptly, part 2 . Acceptable email response time for personal emails is 24hours. Acceptable professional response time varies by industry. Know your expectedresponse time and check your email accordingly.35.Respond promptly, part 3 . If someone sends you an excessively long email and you do
not have time to respond to the entire email, respond with a brief email acknowledging itsreceipt and your intent to reply in more detail.36.I go to pieces . If you receive an email which must be responded to in its entirety butrequires a substantial investment in time to respond to, respond to it in parts. Quote eachoriginal point that you are responding to, so it is clear what you are referring to. Make itclear that you are responding in parts, or else the recipient may wonder if you missed thelatter part of their message.37.Exercise discipline . Check your email at regular intervals. Whether its every 5 minutesor every 5 days, people need to be able to rely upon your response time, so come up with
a schedule that works for you and stick with it.38.Organize by Urgency . Email clients and web-mail applications like Hotmail and Gmailwill allow you to sort your emails in the order with which you need to respond to them.Consider making 'Urgent', 'Must Respond', 'Personal', 'Information' and 'Misc' folders.Then move inbox messages accordingly. You can make this sorting process moreautomatic by applying filters to email addresses, so that your email client will do thesorting for you.39.Be selective . Not every email you receive requires a response. 'FYI' and group emails, for instance, should be read and filed. Non-work-related email from strangers should beforwarded to your home email address for later consideration.40.Be quick . Email you send at work should consist of questions if you need information, or declarative sentences if you are supplying it. At work, email is best used for the transfer of knowledge - chatty banter and essays are best saved for other venues.41.Know your limits . Don't subscribe to dozens of free "tips" sites if you don't have time toread the items. If you feel must do this, for whatever reason, use a freebie email addressfor this or consider an RSS feed instead.42.Cut to the chase . Sometimes a text chat is the best way to resolve a communicationquickly, instead of sending a dozen emails back and forth. By keeping the bank and forthemails to a minimum, you keep your inbox under control and prevent the need to declareemail bankruptcy and starting all over.43.Do what the Gurus do . There are a number of great writers who focus almostexclusively on tips to keep you technologically organized. Some Gurus of note: MerlinMann of 43-Folders, mentioned elsewhere in this article, and David Allen , author of Getting Things Done are good examples.
8/8/2019 Email Security2
http://slidepdf.com/reader/full/email-security2 6/14
44.GTD - get things done . Don't move anything from your main inbox into a folder if youhaven't read it yet. It's likely to stay that way. Read it, respond, and file it. That way, your main inbox holds only unread messages. Or at worst, those you haven't responded to yet.This makes it easier to "get things done" more efficiently, in terms of email-triggered
tasks.45.Be specific with email titles . An email's subject line is what enables its recipient(s) toappropriately handle it. The famed 'Re:' standing alone on a subject field is either spam,or a response to one of your less-informative titles. Specificity not only facilitates easyfiling, but makes locating a given email in your sent box months after the fact (when youneed to prove something, or again find that bon mot ) a heckuva lot less time-consuming.46.Use freebie accounts . Always use freebie accounts for all those "free" subscriptions yousign up for. No matter what they tell you, you will get unsolicited mail as a result, atsome point in the future. And it'll clutter your inbox, making you less productive.
47.Blacklist Spam emails . Don't just delete the spam you get sent, blacklist it. By blockingthe sender of spam emails you can drastically cut down on the total amount of spam youget. Surprisingly, a good amount of spam is from repeat senders, so a few months of diligent blacklisting can keep spammers at bay.48.Enable spam filters . Most email clients, including freebie webmail types, have spamfiltering that can be turned on or off. They are not 100% accurate, so you should make ahabit of visually scanning your spam folder to ensure you haven't missed anythingimportant. But that inconvenience is still worth leaving the filter on.49.Ditch your spammed out email account . If you have a freebie account that is loadedwith incoming spam, save all your important contact info, backup desired emails, thenditch the email address. Get another one and then notify all your contacts. Don't forget toupdate any websites where your address is published.50.Prevent email overload . Kaitlin Duck Sherwood has a handy, quick guide to preventingemail overload. One that is simple but effective is to say "no need to respond", or somesuch, if a response is not necessary.
Email AttachmentsThe ability to attach documents has revolutionized the way in which we do business.Despite its benefits, however, attachments are one of the least standardized parts of emailing.51.Keep attachments small . If you are sending a large attachement to someone, whether they have a free email or not, they probably have an inbox size limit. Stay in good favor with them by only send attachments of no larger than, say, 30-40 Kilobytes, unlessthey've requested it of you. That means that many videos and large pictures should beuploaded to the web instead of attached to an email.
8/8/2019 Email Security2
http://slidepdf.com/reader/full/email-security2 7/14
52.Don't forward attachments . Except in a work environment where it might be expected,check with your intended recipient before sending attachments. If it is a large file,consider that sending it may block their account from receiving additional email becausethey exceeded their disk space quota. Attachments also take up company resources and
eat up bandwidth unnecessarily. For example, if you send a PDF file to a group of, say,10 co-workers, the mail server sends 10 copies of the same file and uses up 10x thespace.53.Include an excerpt . If it's sufficient/ appropriate, include an excerpt of the document(instead of attaching it) in the body of your email.54.Send a link instead . You are better off sending a link to something, if the material isalready online, or you can easily put it up on a secure site.55.Share a file . If the file is not online, and if you have the right to put it there (i.e., no
copyright issues, not company-sensitive material), then use a filesharing service such asAllPeers, which lets you define who is in your buddy list. No one else can access thedocument. There are also several online spreadsheet and word processor apps these days.See Google Docs and Spreadsheets or Zoho . Both are compatible with "Office"applications like Microsoft Office and Open Office, and let you share documents. Onceyou've set a Google Doc or Zoho document to "share", you can send colleagues a link.56.Share a file, part 2 . If using file-sharing services or web-based office apps to share a fileis against company policy, try this. Most larger companies will have an Intranet site,
possibly with employee web pages. You may be able to upload your file to your employee website. Just share the link in email. If your computers are part of the samecompany network, you probably already know this, but there is usually a commonrepository, possibly organized by project. If you and your colleague both have the samenetwork permissions, upload your file to the project area and email them the directory
path.57.Share a file, part 3 . One alternative that works nicely, provided it is not against company
policy, is to use the file-sharing feature of a VoIP (Voice over Internet Protocol) or VoIM(Voice over Instant Messaging) client, such as Skype or Windows Live/ MSNMessenger . If you are in a large company, you might be using a more corporate solutionsuch as Lotus Notes, which, if memory serves, has its own Messenger.58.Use Text/ RTF format instead of DOC files . Microsoft's Word files (.doc format) aresusceptible to some macro viruses. If you must send a document and cannot use one of the options above, copy your document to RTF (Rich Text Format) first, then email thatas an attachment. Even if you don't have a virus on your computer, your colleague may.If they receive an RTF file, then there is less chance they will respond with a DOC file.(MS Word let's you work with RTF files as you would a DOC file.) It is also okay tosend .txt (raw text), .pdf, and image files. Bad to send: any .EXE or other executable file.Possibly bad: .doc or .xls (Microsoft Excel spreadsheet) files.
8/8/2019 Email Security2
http://slidepdf.com/reader/full/email-security2 8/14
59.Consider using OpenOffice XML format . Open Office , a free open source alternativeto Microsoft Office, uses XML (PDF, 571 pgs, 1.5 Mb) text files, so they are okay tosend as well. (Text files cannot harbor viruses.) Open office lets you create word
processor documents, spreadsheets, presentations (similar to MS Powerpoint), and
drawings. It can read MS Office files, and can also output its XML files to theappropriate MS Office format.60.Defer opening attachments . Don't rush to open an attachment just because it appears tohave come from someone you know. If you receive an attachment that you are notexpecting, don't open it. At least, first read the email and make sure that the attachment ismost likely legitimate. If you're still not sure, call/ VoIP/ email/ or IM the sender to besure. If the sender's computer has a virus, it may be attaching trojans to all outgoingemails from them.61.Know what not to open . Opening spam can direct floods of it to your inbox, multiplying
the time you're chained to email by an order of magnitude. Beacons embedded in spam -typically clear, one-pixel .GIFs sent from a machine controlled by the spammer -advertise that you opened the email... and thus your address is both valid and responsive.Let someone else do the work. Weeding out spam is unpleasant, time-consuming and notunlike tip-toeing through a minefield. It's several million times worse for ISPs, the morereputable of whom employ industrial-grade filters that prevent the bulk of it from hittingtheir customers' inboxes. Doing some legwork to determine which ISP filters the most
before it hits you will ultimately save you hours of grief.
Tricks, Hacks, BackupThe following tips are more about technical gadgetry and implementations rather thanetiquette or organization.62.Use a custom email reader . Certain types of email servers (POP3, IMAP, SMTP, etc.)allow you to access your email from other software interfaces. This can come in handyfor custom batch filtering, and even for auto-separating emails into folders. You mightconsider this, in order to create a custom mail reader for yourself. Obviously, thisinvolves some programming. EmailAddressManager has a quick guide to the POP +IMAP + SMTP settings in Hotmail and other web browser-based email clients.63.Aggregate emails . If you are subscribing to various emails, you might wish to collectthem into a single document, print them out, and read them at a later date. If you have acustom reader (see above step), then you can tweak to produce a single RTF or PDFdocument from all emails in a single folder or under a single label. This can also come inhandy if you want to collect a thread of conversation for an ebook or regular book, or even a lawsuit.64.Learn to filter effectively . A student related the story that when he went back touniversity to prepare for a Master's degree, the new email address assigned to him alreadyhad 500+ spam emails waiting for him the first time he signed into his mailbox. Because
8/8/2019 Email Security2
http://slidepdf.com/reader/full/email-security2 9/14
email addresses were produced using the first and last name of a student, they wererelatively easy to generate for spammers. All students at the school were likely gettingthat much spam. Filtering of the mail server was woefully inadequate, and didn't evenhave an auto-spam folder. The simplest way to rid himself of the email in this case was tocreate a folder of emails to keep, scan the inbox carefully for such email, then move them
for safekeeping. Then, since all remaining emails on a given page in the inbox werespam, a single click near the top of the page selected all of them, and they could be easilydeleted en masse. Alternately, all emails could be selected with the single click, thendesirable emails unchecked individually, before the deletion. While this method is more
prone to deleting desired emails, sometimes that is your only option.65.Speeding up Google's Gmail . Digital Inspiration has some tips on how to increaseGmail speed , if you are having some problems. The tips are browser-specific, butclearing cache will probably work for all browsers.66.Gmail filtering . Digital Inspiration has numerous tips for more effective Gmail use. One
is that you can use Gmail email address aliases to help filter messages into folders('labels' in Gmail). So if you sign up for email subscriptions at different sites, you can usea different alias for each site and have your Gmail account's filters redirect email to theappropriate folder. This doesn't stop spam, but what it does do is (1) organize your incoming mail; and (2) let you determine how a spammer got your email address. Thisfeature is probably one of the most powerful features for effective email use, and to dateis only supported by Google's Gmail.
System-Specific MailHere are some tips for some of the various email readers, including Yahoo, Hotmail,Google Gmail, and Outlook. (Some Gmail tips are covered in the previous section.)67.Get Google Gmail . Google Mail, aka Gmail , is a relatively new contender in the emailreader market, free or otherwise. The problem is, you either have to be invited or useyour mobile phone, with text messaging capability, to sign up, if you live in a selectcountry (Australia, Indonesia, Malaysia, New Zealand, Philippines, Singapore, Thailand,Turkey, United States). It's a strange list of countries, and the ones not included are asmuch a surprise. But if you can manage to get a Gmail account, it's worth it. It's anincredibly effective webmail system.68.Use Gmail formatting sparingly . Google Mail uses a very rich format for text, even if you don't explicitly apply formatting. It's nice to look at, but if you are using Gmail andsending to someone who is not, do not use any additional formatting.69.Visually track your Gmail conversations . Gmail has a nice little feature that makes iteasier to track a conversation thread visually. Beside each entry in your inbox, there is alittle "star" that when clicked on turns yellow. If you use your Gmail account for a varietyof incoming sources, the star can help you find a thread easily. When you are doneresponding, you can turn off the star.70.
8/8/2019 Email Security2
http://slidepdf.com/reader/full/email-security2 10/14
Archive your Gmail conversations . Gmail makes archiving email threads extremelysimple. Other email systems let you keep folders as well. Gmail lets you attach "labels"instead of moving items to folders. You can attach more than one label to each emailthread, thereby making it easier to find later. Labeled threads can stay in the main inbox,or be "archived" to what amounts to a folder with the label name. If someone that is part
of the conversation thread responds after the email has been archived, it resurfaces in theinbox with its label(s) intact, and can be re-archived if desired. This nonlinear,"conversation object-oriented" treatment of the entire mailbox in Gmail can be a more
productive way to use email, if you are prepared for the differences. It's a feature that ismore common in standalone email clients, but relatively new to web-based email readers.71.Utilize free Gmail disk space . Gmail offers over 2 Gigabytes of disk space for eachemail account. If you are using the Firefox web browser, there is a neat little plugin calledGmail Space that turns your Gmail account into a supplemental storage area for files of any type and size. The interface is brilliant, easy to use, and looks a lot like an FTP client.Once you sign up for a Gmail account, you to send out 15 invitations for new accounts.
Each invited account can invite 3 more people. While you don't want to abuse it, youcould probably use a few of those invites yourself. Just imagine: 2 accounts in your namegives over 5 gigabytes of free disk storage. This is great for moving large files around
between two computers that are not networked. There's no limit to file size, but the GmailSpace notes say that you should try to avoid transferring over 1 Gigabyte in the same day,else Google may block your account. Also, it functions at present, but may not if Googlechanges Gmail in anyway.72.Gmail document conversion . Digital Inspiration has yet another Gmail tip, this one for converting a variety of file formats into HTML automatically. It's so simple, you'll be
pleasantly surprised.73.Gmail MP3 player . This feature is pretty easy to discover, if someone sends you an MP3attachment, but Digital Inspiration explains how you can play MP3 files with the Gmail
player without logging into Gmail.74.Hotmail quirks . Hotmail has the quirk that if you click on a link inside of an email, anew window pops up, regardless of the web browser you are using. Sure it's one of theoldest webmail systems and sure there are millions of people using it, but power emailusers should avoid it like the plague. With Gmail or even the new Yahoo beta mailaround, why bother with Hotmail?75.Outlook upgrades: call contacts . Microsoft Outlook has of late been getting "add ons".There are several add-ons that integrate with your contact list to allow you to call phonenumbers from Outlook. For example, assuming you have Skype software (free) runningon your computer, the SkypeContact Dialer for Microsoft Outlook will initiate a VoIP(Voice over Internet Protocol) call on Skype. Skype, if you don't already know, is justone of many free software programs that let you actually make voice calls from your computer to either another computer or even to landline phones. (You can read moreabout VoIP at VoIPLowdown.com .)
8/8/2019 Email Security2
http://slidepdf.com/reader/full/email-security2 11/14
76.Outlook upgrades: RSS reader . The newest version of Outlook lets you subscribe toRSS (Really Simple Syndication) "news feeds/ headlines". These are the same type of "headlines" you see in Gmail or at a site like myYahoo .77.
Yahoo mail beta: AJAXified . Yahoo! Mail has a new version that's just released thatuses AJAX and all kinds of web2.0-ish features that are supposed to enhance it. If you donot like the workflow of Yahoo, try out their new "beta mail". It has multi-tabs, to allowviewing of multiple emails simultaneously, and drag-and-drop of highlighted emails intofolders, fast deletion of blocks of consecutive email items, RSS feed viewing, a calendar to manage tasks, and other features. If you don't like it, you can switch back. At least for now.
Last but not Least: Privacy and Security78.Rule 1 of email privacy: there is no true privacy . Keep that in mind, and write your
emails accordingly. (See Exceptions below, under encryption.)79.Follow email compliance . This one is more for businesses rather than individuals. But
because it potentially treads on employee privacy, it is included here. Publicly-traded businesses in some countries, for example the USA, must often follow email complianceand do automatic backups of all employee communications. Here is a 5 step guide for email compliance from IT Security. Email system backups are a matter of course for most large organizations. But with more small companies going public, this is somethingfor employees to remember, which reiterates the previous point: there is no real privacyin email.80.Copy that . When discussing sensitive topics with someone at work, CC (carbon copy) asupervisor or colleague involved in the same project. This will cover your back shouldthe other person claim they didn't receive your email indicating their deadline for somework, etc. This method keeps the conversation private for the most part, as it's expectedthat your boss or supervisor has the discretion not to forward the email elsewhere unlessabsolutely necessary, while simultaneously protecting you. All this should be doneindependently of any regular system backups.81.Don't hand out your real email account freely . This is especially important for acompany's employees. Company email addresses should only be known to other employees and a few close family members, in case of emergency. Some companies
publish a few employee email addresses on their website, but they really shouldn't as thisinvites spam as well as creative phishing scams.82.Use a contact form . Your website (or your company's) should not display employeeemails online. Instead, use a coded contact form. When someone submits a message, theweb server's contact application can forward to the appropriate parties, in multiple if necessary. When the receiving party responds to the contact form message, they will at
8/8/2019 Email Security2
http://slidepdf.com/reader/full/email-security2 12/14
that point be revealing their real email address. But hopefully they can distinguish between a real query and a fake one.83.Code your publicly-displayed emails . Spambots are web applications that scour websites for recognizable email addresses. If you have a website or display your email on
anyone's webpage, "mangle" your email. It should still be recognizable by a human. For example, if your email is [email protected], then try something like "bob-dot-loblaw #at# mycompany-dot-com", or something similar. And be INCONSISTENT.Spambots are getting smarter, as spammers refine them. Use a variety of punctuationmarks, but still have it human-readable.84.Better yet, use a freebie webmail account . You still want to code your email addresswhen you display it publicly. Also, don't make it obvious what your real email is. For example, if your real email address is [email protected], don't use something [email protected]. Some spam bots use addresses they harvest to generate other combinations, just in case they get lucky.
85.Don't unsubscribe blindly . If you start receiving "subscription" emails from somesource to which you didn't subscribe, don't use their "unsubscribe" link. If you do, youmight just find yourself getting even more emails. You're better off just adding the emailaddress (or the entire domain) on your inbox blacklist.86.Use a plain-text email client . If you use a plain-text email client, there's less chance thatyou will fall for a phishing email, as either there'll be no active hyperlinks, or the link will
be obvious. In a similar vein, if you sign up for any sort of subscription email service at awebsite, choose to receive emails in text mode only, if possible.87.Use a secure email client . See this IT Security article for some tips. IT Security also hasa brief discussion of email security , with a link to a buyers guide that contains a list of email security vendors.88.Encrypt emails . Never send important/ private information by email unless you haveencrypted it. And even then, think twice before sending it. Also keep in mind that certainforms of encryption may be illegal in your country. The difficulties surroundingencryption mean that sensitive/ private information is still best sent on paper or via
phone. If you want to take the encryption route, 5 steps to make your email secureexplains some of the options.89.Encrypt, part 2: Use freenigma . Freenigma is a free Firefox web browser plugin that
performs email encryption for webmail-based email systems, including Gmail, Yahoo,and Hotmail/ MSN. There will also soon be a corporate professional version and aMicrosoft Outlook plugin. But the basic version is free. However, to use it, the personyou are sending to must also have the plugin. Since the application is currently in public
beta and first- come- first- served, your intended email recipients should sign up at thesame time as you. There is also an open API (Application Programmer Interface) so that
8/8/2019 Email Security2
http://slidepdf.com/reader/full/email-security2 13/14
you can incorporate freenigma into your own applications. Read/Write Web has moredetails.90.Try steganography . Steganography is the act of hiding a message in some other media,usually a digital photograph. If someone doesn't know the message is there, they probably
cannot find it, right? The only drawback is that if someone tests for standard "datahiding" methods, they may discover your hidden message. Try combining encryption andsteganography. That is, encrypt a message, then bury it in a digital image or another message.91.Escape from Nigeria . Nigerian fraud - wherein a Nigerian government employee withaccess to untold riches just needs a chunk of cash from you so he can escape the country -was known in the 16th century as the Spanish Prisoner Letter. In 500 years, no-one foolenough to send money ever received a cent or centavo back from the criminals behindthese scams.92.
Don't get hooked . Phishing email - messages purporting to be from PayPal, WesternUnion, e-Gold and other financial companies - typically promises account closure and balance forfeiture if the reader doesn't click on the handy included links and 'verify' or 'confirm' account details. The links look legitimate, but instead they direct the worriedrecipient to a lookalike site set up to collect login and password information, credit cardand/or bank account details, et cetera. Never click links in email of this variety;
physically type the URL of the company's website into your browser if you are concernedabout your account. Honest companies will tell you upfront that they never send this sortof email. That is, they will never send an email where they tell you to click on anenclosed link to save your account from shut down.93.Don't get hooked, part 2 . Similarly, do not click on the links of an email purporting to
be from some famous organizations, unless you have contacted them and are expecting areply. If you are using a web browser-based email client, hovering your mouse cursor over a link should display, in the browser status line at bottom, where the link is to. Look at that carefully. One unsuspecting 76-year old retired professor with lots of computer experience thought he was getting an email from a famous golf course in California,where he had actually played before. Clicking on the link caused a flood of browser windows filled with porn to appear, causing him to lose much time trying to figure outhow to get rid of the problem.94.Don't get fooled again . PC Magazine offers a couple examples of how spammers useclever subject line wording to get the unsuspecting to open an email. One suddenlycommon way is to make you think that you sent an email which bounced.95.I bring sad -- but sane -- tidings . Regardless of what that email said, you did not win theIrish Sweepstakes. Neither did you win the Yahoo Lottery. In fact, there *is* no YahooLottery . Typically, one has to purchase a ticket to win a lottery. Also, legitimate lotteriesdon't ask you to send $550 to Nigeria.96.
8/8/2019 Email Security2
http://slidepdf.com/reader/full/email-security2 14/14
Teach your children well . If you have children, ensure they know what you know of the points noted here and in other articles. Note, too, that additional online dangers facethem. Speak with them about predators; about using avatars instead of photos of themselves online; about never sharing address, phone or other personal information withanyone online; about telling you when someone makes them feel uncomfortable or sends
inappropriate pictures. If you're uncertain how to proceed, the Kids' Rules atSafeKids.com will prove useful.97.Don't just delete -- destroy . When it's time to upgrade, back up, then import your emailand other important files to the new computer. Then comes the important part. Stories of
bountiful private data harvested from used and 'recycled' computer hard drives whosedata had simply been deleted from the OS or the command line (or dealt with by DOS'sFDisk) are rife. Many of these originated with an exercise performed by SimsonGarfinkle and Abhi Shelat , who published what they'd found on 150 used hard drivesthey'd purchased. If you don't trust erasure programs which overwrite sectors many,many times, you might consider a metal chipper shredder (or, if on a budget, sledge-
hammering the platters.98.Stay clean . If you suspect you have a virus on your computer, run a virus checker (withan updated virus database) immediately. If possible, try to notify people on your contactlist. Many viruses perform the explicit purpose of harvesting email addresses from your computer, then spamming them in your name. Running a regular virus checker on your computer will keep you clean and protected, as well as keeping your
