mirror of
https://github.com/Lissy93/personal-security-checklist.git
synced 2024-12-27 16:29:41 -05:00
parent
6772dbd5bb
commit
d2c980edf7
@ -139,6 +139,7 @@ The big companies providing "free" email service, don't have a good reputation f
|
||||
**Keep Email Address Private** | Recommended | Do not share your primary email publicly, as mail addresses are often the starting point for most phishing attacks
|
||||
**Keep your Account Secure** | Recommended | Use a long and unique password, enable 2FA and be careful while logging in. Your email account provides an easy entry point to all your other online accounts for an attacker
|
||||
**Disable Automatic Loading of Remote Content** | Recommended | Email messages can contain remote content such as images or stylesheets, often automatically loaded from the server. You should disable this, as it exposes your IP address and device information, and is often used for tracking. For more info, see [this article](https://www.theverge.com/2019/7/3/20680903/email-pixel-trackers-how-to-stop-images-automatic-download)
|
||||
**Use Plaintext** | Optional | There are two main types of emails on the internet: plaintext and HTML. The former is strongly preferred for privacy & security as HTML messages often include identifiers in links and inline images, which can collext usage and personal data. There's also numerous risks of remote code execution targetting the HTML parser of your mail client, which can not be exploited if you are using plaintext. For more info, as well as setup instructions for your mail provider, see [UsePlaintext.email](https://useplaintext.email/).
|
||||
**Don’t connect third-party apps to your email account** | Optional | If you give a third-party app or plug-in (such as Unroll.me, Boomerang, SaneBox etc) full access to your inbox, they effectively have full unhindered access to all your emails and their contents, which poses [significant security and privacy risks](https://zeltser.com/risks-of-email-search-services/)
|
||||
**Don't Share Sensitive Data via Email** | Optional | Emails are very easily intercepted. Further to this you can’t be sure of how secure your recipient's environment is. Therefore emails cannot be considered safe for exchanging confidential or personal information, unless it is encrypted/ or both parties are using a secure mail provider
|
||||
**Consider Switching to a Secure Mail Provider** | Optional | Secure and reputable email providers such as [ProtonMail](https://protonmail.com) and [Tutanota](https://tutanota.com) allow for end-to-end encryption, full privacy as well as more security-focused features. Unlike typical email providers, your mailbox cannot be read by anyone but you, since all messages are encrypted. Providers such as Google, Microsoft and Yahoo scan messages for advertising, analytics and law enforcement purposes, but this poses a serious security threat
|
||||
|
Loading…
Reference in New Issue
Block a user