After his team of computer security researchers from the IT Security Lab of Munster University in Germany discovered a set of vulnerabilities on software PGP (Pretty Good Privacy) and S/MIME (Secure/Multipurpose Internet Mail Extensions), professor Sabastian Schinzel warned the users of those encryption applications to immediately disable and delete them.
Schinzel’s research group dubbed the newly discovered vulnerability as EFAIL. The flaw is described as having the capacity to affect those end-to-end encryption protocols. “They might reveal the plaintext of encrypted emails, including encrypted emails sent in the past,” explained Schinzel in a tweet.
With this alarming new vulnerability that threatens email end-to-end encryption protection, users now must equip themselves with essential computer security knowledge about email confidentiality. Here are some email protection tips you should look at:
1. Create the strongest password you can.
This is a basic email security tip a lot of users worldwide are failing to follow. Always make your passwords complicated for hackers to crack. A smart way to do this is to incorporate capital and small letters, numbers, and other special characters. Make it at least six to eight characters. It’s a good thing email providers now require a minimum length and a combination of different characters.
2. Use two-factor authentication.
A comprehensive email security doesn’t stop with a strong password. Using two-factor authentication can augment keeping your email accounts well-protected from hackers. This feature is designed to make breaking into your account much difficult for online attackers. In two-factor authentication, you will be required to enter an authentication code (usually sent to your phone via SMS) on top of your login credentials. This way, hackers won’t be able to easily access your email account even when they found a way to crack your password.
3. Protect your email address.
As much as possible, only share your email address to trusted sources. The more public your email account is the more vulnerable it to be a subject for cyber attacks. For a comprehensive email security, you must never share or post your email address to any website, chat room or comments section. Hackers are always on the lookout for potential victims so minimizing the visibility of your email account can improve its security.
4. Be cautious about phishing scams.
In a phishing scam, hackers use fraudulent emails and websites that are designed to look like a legitimate one to lure unsuspecting users to reveal private information (e.g bank account credentials). If you received an email from a familiar website like your bank, verify it by thoroughly scrutinizing the email including its content and sender. If the email includes a link don’t click it and instead go directly to the institution’s website by typing its URL address to perform the necessary actions. It would be best if you can directly contact the institution concerned to verify the authenticity of the received email.
5. AVOID public WiFi connections.
Under any circumstances, never check your email account (or any personal account for this matter) when connected to a public Wi-Fi server. There is a possibility that the public Wi-Fi that you connects to is infected by a program called “network sniffers” which can monitor all the data flowing through that certain public network. Attackers can analyze those data and obtain your information such as your email account and password.
With all the confidential and important information that you save on your email account, it’s no surprise that it’s a feasible medium for hackers to spread cyber attacks and vulnerabilities. Always ensure that you’re on top of your email security game to secure your account from any unauthorized access, loss, and compromise. Let this new email vulnerability be a reminder why email security should be a topnotch priority to keep all your valuable information away from the reach of attackers.