Security Awareness Training for SMBs: Email Security

Security Awareness Training for SMBs: Email Security

Information to help employees avoid today’s most common cyber threats

Your employees are a key component in protecting the security of your business’ technology infrastructure. Most employees will use the Internet on a daily basis without incidences, but it can harbor some hidden dangers. These risks can include exposure of sensitive information and infection by malware, which includes viruses, spyware, and adware. Safe browsing means being aware of these online threats and taking the necessary steps to avoid them.

Email security is a key component of safe internet use in the workplace. While email attachments are a popular and convenient way to send documents, they are also a common source of viruses. Number one rule: Use caution when opening attachments, even if they appear to have been sent by someone you know and follow these tips for safe proper email security.

  • Be wary of unsolicited attachments, even from people you know – Just because an email message looks like it came from your mom, grandma, or boss doesn’t mean that it did. Many viruses can “spoof” the return address, making it look like the message came from someone else. If you can, check with the person who supposedly sent the message to make sure it’s legitimate before opening any attachments. This includes email messages that appear to be from your ISP or software vendor and claim to include patches or anti-virus software. ISPs and software vendors do not send patches or software in email.
  • Trust your instincts – If an email or email attachment seems suspicious, don’t open it, even if your anti-virus software indicates that the message is clean.
  • Save and scan any suspicious attachments before opening them – If you have to open an attachment before you can verify the source, take the following steps:
    1. Be sure the signatures in your anti-virus software are up to date.
    2. Save the file to your computer or a disk.
    3. Manually scan the file using your anti-virus software.
    4. If the file is clean and doesn’t seem suspicious, go ahead and open it.
  • Never reply to e-mail messages that request your personal information –  Be very suspicious of any e-mail message from a business or person who asks for your personal information — or one that sends you personal information and asks you to update or confirm it. Instead, use the phone number from one of your statements to call the business. Do not call a number listed in the e-mail message. Similarly, never volunteer any personal information to someone who places an unsolicited call to you.
  • Don’t click links in suspicious e-mail  –  Don’t click a link in a suspicious message. The link might not be trustworthy. Instead, visit Web sites by typing their URL into your browser or by using your Favorites link. Do not copy and paste links from messages into your browser.
  • Don’t send personal information in regular e-mail messages  –  Regular e-mail messages are not encrypted and are like sending a post card.
  • Keep software up to date – Install software patches so that attackers can’t take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.
  • Turn off the option to automatically download attachments – To simplify the process of reading email, many email programs offer the feature to automatically download attachments. Check your settings to see if your software offers the option, and make sure to disable it.

If you are concerned about the security of your business’ computer or network, contact ACE IT Solutions at 646-558-5575 for a free security consultation. Email us at to request a FREE copy of our Safe Internet Browsing Manual for your employees.