I talked with a client this week about concerns she had regarding the security of her email account. This is a great topic to cover in today’s post.

Before we dive in to email best practices, think about your email account for a minute. If you are like me, it likely contains a pretty comprehensive roadmap to your life – the credit cards you have, the broker/dealer you work with, the advisors you work with (accountant, financial advisor, etc), the stores you frequent, current transactions you are working thru (ie: potential home purchase), names and emails for your closest contacts, and countless other items that provide a look thru into your life.

All of this information is very valuable to potential hackers. If someone can gain unauthorized access to your email account, they are likely able to conduct a whole host of nefarious actions. I’ve witnessed a few with friends (received an email from friend’s actual address asking for me to send them gift cards since they lost their wallet. Turns out a hacker had accessed and emailed every person in their address book, seeing if some would fall for it and email them back with gift card funds. I’ve also heard of others from Schwab (such as advisors getting emails from clients asking for wire transfers (that were in fact emails from bad actors that had accessed the client’s email accounts or bad actors altering wiring instructions for real estate closing to have wire go to them instead of the bank).

With the sensitivity and importance of your email account in mind, here are a few steps you may wish to consider to protect yourself.

1.) Consider email provider – ensure that your email provider has a variety of security protocols available to you (some of which are discussed below). You also want to verify that your email provider has sound spam filtering tools (as beyond unauthorized access to your email account, you are also at risk of falling for a phishing scam via an inbound email)

2.) Secure account (in as many ways as possible) – most email providers allow for multiple layers of protection. These may include complex passwords, 2 factor authentication, and biometric logins. There is no harm in setting up multiple layers of protection on your most sensitive accounts

3.) Avoid public wi-fi – Using public wi-fi in any setting increases the risk that your log-in credentials can be compromised. While it may be tempting to log in at a hotel, airport, or coffee shop, resist the urge! But if you must, maybe have a separate advice for those purposes that is free of any and all sensitive accounts and apps and log ins.

4.) Secure Devices– Many of us have our email accounts automatically loaded onto many devices. If someone can gain access to your device, they can get into your accounts. Ensure your devices are secured (with biometric log in requirements), etc. You may also wish to consider logging out of all email accounts on devices while away from home.

5.) Stay Vigilant – Our digital lives are yet another thing we need to pay close attention to. Set up alerts for log-ins on new devices, periodically review devices accessing your accounts, and change passwords. It’s a lot of work – but less work than dealing with a compromised situation

6.) Slow Down – one of my biggest takeaways from all the cyber security webcasts I’ve attended is to slow down. We are all moving quickly these days and it’s so easy to overlook a fake email, click on a link without thinking, take wire instructions in an email as legitimate without calling to verify them, etc. Slowing down can help your gut catch up to your brain and you will be surprised what you can observe and stop before it happens.

Hope these items help you feel a bit more secure regarding your email accounts!