Cyber hygiene: use of e-mails

In order to increase the security of your IT, a certain number of good practices are grouped under the generic term of IT hygiene. We list here some of these good practices. For this third article in a series of five, here are some tips for using your email.

Non-confidential emails

By default, messages sent and received are transmitted unencrypted, so they can be read by any intermediary. So avoid sending confidential information, such as passwords. Preferably use an e-mail server based in Switzerland.

Falsified shipper

A message can easily be falsified, for example at the sender's level. Always keep this information in mind and increase your level of vigilance when faced with an unusual request or tone. A thief can impersonate a colleague and obtain confidential information. Click on the sender's email address to verify that the domain name is identical to the official company domain.

If in doubt, contact the sender through another channel (e.g. telephone) to make sure that it was he who sent you the message.

Any fraudulent e-mail should be filed as junk mail, which can prevent receiving more from the same sender. Never reply to a fraudulent e-mail and do not click on unsubscribe buttons as this shows that your e-mail address is active and may lead to more fraud.

Attachments

A common way to introduce malware is to send it by e-mail as an attachment. So don't open any attachment unless you are sure that it is harmless and comes from a authentic sender.

Links

A link in a message can lead to dubious sites and be disguised as a harmless link. For example, the link named www.apple.com may actually lead to another site. The only way to verify this before using it is to hover over the link with the mouse in order to display its true destination. Beware of links pointing to link shortener services, such as bit.ly or tinyURL, which hide the final destination of the link. Avoid clicking on links where you don't know the real destination.