Preface
I’m not a security expert, but I’ve been living my life around computers for over 40 years now. I can count on one hand the times I had to deal with cyber threats on computers I’ve owned during these 40 years.
I felt people would benefit from learning a little about what I do differently to protect myself from cyber threats, so I wrote this short blog post. I hope you find it helpful.
Emailing
It came as no shock to me that 94% of cyber threats come from email. People have been taught how to use email, but they have never been taught how to take a few more simple steps to verify emails and stay away from malicious content.You can read more about the link between email and cyber threats here.
Web interface vs. email client
The first thing you need to understand is the huge difference between using a web interface like gmail.com to read your email and something more traditional like Microsoft Outlook (which is also available as a web interface today, but most people don’t know that).
A web interface does not download data to your computer, and whatever content you want to download, it will be scanned for viruses and malware first. An email client, such as Outlook, downloads data to your computer every time you choose to check for new email. The downloaded data can then easily infect your computer with a virus or malware.
The reading pane
If you’re a fan of the Reading Pane feature in Outlook (or any other mail client you use), you should know that using this option makes you more vulnerable to cyber threats. The reason is that the preview pane can actually run types of scripts and executable files that could be harmful.
I would recommend that you do not use the Reading Pane, no matter which mail client you choose. More about the Reading Pane, what it is, and how to turn it on/off in Outlook here.
Simple sender verification
Before you open an email, follow these steps to avoid various cyber threats:
- Make sure you know the sender.
- If you do not know the sender, stop and think: is it logical that this address would send you an email in the first place?
Make sure the sender’s name and the sender’s email address match. I’ll give you a few examples of how to do this in gmail.com and in Outlook. Let’s say I get an email that says the sender’s name is Fedex, and I’m actually expecting a delivery from Fedex. If I hover over the name (which should work in gmail.com and in Outlook, and I’m sure it would work in most email clients and web interfaces), a tooltip should appear with the sender’s address. If it does not in Outlook, use this answer from Microsoft to fix it. If the name says Fedex, but the address is not a [email protected] email address, don’t open it. If you get an email from someone you don’t know and the subject says something like “Hi, I’m Alice from bemyfriend.com” and you click on the sender name and the e-mail says something like “[email protected]”, don’t open it.
Email attachments
Only open email attachments from people you know. If it is a private email address, make sure you have a working virus scanner for that email client.
Some final thoughts
It is true that developers of email clients like Microsoft Outlook and Mozilla Firefox are always working on preventing email cyber threats from threatening your computer but it is also a sad truth that cyber threat developers are also working hard to find new ways to hide these threats from the email client developers.
It is safer to follow these simple suggestions above than to deal with a virus, malware, spyware, ransomware on your computer.
These steps will not have you 100% safe from cyber threats but they will help minimize the chance of being exposed to these cyber threats.
Especially on a Windows machine, always make sure you have a good antivirus program. You can use this website to decide on a good antivirus software.
Stay safe,
Aviram
