The biggest mistakes people make with their personal mail boxes


We all have one or more personal mail boxes. I have plenty of them for different purposes (one for family, one for friends, one for official stuff, even temp ones or temp aliases for subscriptions to forums).

We get tons of emails from friends, relatives, businesses, contractors, banks and so on. We store lots of information, pictures, personal information, contracts and so on. Therefore, mail boxes are a gold mine for hackers. The most common mistake is to keep all emails live in the mail box.

If a hacker gets access to your mail box, your life could be ruined due to data leakage, extortion, identity theft, disclosure of information, etc.

Here are some basic rules to follow in order to stay safe:

Rule #1: never open any email coming from an unknown source or that sounds fishy. This is the best way to prevent malware or cryptoware from invading / corrupting your device or local network. Just block the sender and trash the evil spam.

Rule #2: an important mail should be converted to a PDF (preferably signed) document and stored safely (not in your mail box). Ever heard of the 3-2-1 backup golden rule? You shall keep 3 copies of your important files, you shall use 2 different physically distinct storage devices and you shall have 1 copy stored off-site (i.e. not at your home).

Rule #3: delete all emails when done reading / responding to them. Guess what! On my keyboard, the key that is the most “polished”, the most abused, the most used is the DEL key.

Rule #4: only keep emails in the inbox until you have dealt with them, then delete them. This is just to be efficient: if they stay unread for more than a couple of days, then those emails are surely not important, so you might as well delete them. And do empty the trash bin.

Rule #5: never, ever, keep a copy or picture of your passport, SSN, driver’s license or any official documents stored in your mail box. Remember rules #4, #2 and #6.

Rule #6: remember, an empty mail box is not worth shit to hackers.

Rule #7: activate 2FA (2 Factor Authentication). Mailbox passwords are often too weak and can be easily guessed or reset. A good strong password with at least 15 alphanumerical characters and a token for 2FA are the best combination to protect access to your mail box. If you make it hard for a hacker to access your mail box and you followed rules #2 and #6, then the hacker will feel annoyed at having wasted so much time and energy to “break in”. But remember, the hacker will still have access to all your contacts stored in the mail box’s address book. Therefore, you’ll need to keep your authentication as secure as possible.

Rule #8: help your family and friends secure their mail boxes.

Rule #9: when you create a new email address, don’t be a fool, do not use your first and last name combination. You are giving away the most important information about you: your name. So ban this bad habit. An email address like john.smith[@]somedomain[.]zzz is a PII (Personally Identifiable Information) disclosure. But something like[@]somedomain[.]zzz or izainasia[@]somedomain[.]zzz does not give away any information about your full name.
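
To check a mailbox against Rules #4 and #5, here is an added Python example (not part of the original post) that flags messages that have sat too long or that carry ID-looking attachments or SSN-shaped numbers. The keyword list, the SSN pattern, the reason labels, the function names and the sample messages are assumptions made for this illustration.

```python
import email
import re
from datetime import datetime, timedelta, timezone
from email import policy
from email.message import EmailMessage
from email.utils import parsedate_to_datetime

# Heuristics (assumed): attachment names that suggest an identity document,
# and a US SSN-shaped number (AAA-GG-SSSS) in the body text.
ID_NAME = re.compile(r"passport|ssn|licen[cs]e|id[-_ ]?card", re.I)
SSN_TEXT = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")

def audit_message(raw, now, max_age_days=2):
    """Return the reasons a raw RFC 5322 message should leave the mailbox."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    reasons = []
    try:
        sent = parsedate_to_datetime(msg["Date"])
        if sent.tzinfo is None:          # "-0000" dates parse as naive
            sent = sent.replace(tzinfo=timezone.utc)
        if now - sent > timedelta(days=max_age_days):
            reasons.append("stale")      # Rule #4: older than a couple of days
    except (TypeError, ValueError):      # missing or unparseable Date header
        reasons.append("no-date")
    for part in msg.walk():
        name = part.get_filename() or ""
        if ID_NAME.search(name):         # Rule #5: ID documents as attachments
            reasons.append("id-attachment:" + name)
        elif part.get_content_type() == "text/plain" and not name:
            if SSN_TEXT.search(part.get_content()):
                reasons.append("ssn-in-body")
    return reasons

def sample_message(date, body, attachment=None):
    """Build a constructed test message (not real mail)."""
    m = EmailMessage()
    m["From"], m["To"], m["Date"] = "a@example.com", "b@example.com", date
    m.set_content(body)
    if attachment:
        m.add_attachment(b"constructed bytes", maintype="application",
                         subtype="octet-stream", filename=attachment)
    return m.as_bytes()

if __name__ == "__main__":
    now = datetime(2024, 3, 1, tzinfo=timezone.utc)
    old = sample_message("Mon, 01 Jan 2024 10:00:00 +0000", "See attached.",
                         "passport_scan.pdf")
    print(audit_message(old, now))
```

To run it over a real export, iterate a local mbox file with the standard-library mailbox module and pass each message's bytes to audit_message.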

Enjoy and share, if you wanna.

//Be Safe

//Be Happy

