Three common email blunders and how to avoid them

Email is one of the most ubiquitous communication tools these days but email blunders are just as common. We offer tips on how to avoid them and stay smart online.

This week is Stay Smart Online Week, an Australian Government initiative to raise awareness amongst Australians about how they can help protect themselves and their businesses online.

Through the week, we are publishing a three-part blog series about cyber security.

In the first part, Kate Monckton – nbn’s Acting Head of Security and Privacy Knowledge Management – lists three common email blunders and offers tips on how to avoid them.

1. 'Oh no, that's the wrong John!' – sending an email to an unintended recipient

These days email is smart. So smart, that when you start to type someone’s email address in, it often tries to figure out who you’re writing to and automatically add email addresses you’ve used before.

This can be pretty useful if you’re like me and aren’t very good at keeping your address book up to date.

But it also makes it very easy to send messages to the wrong person!

Often it's the minute you hit send that you realise what you’ve done.

Depending on the email app you use, there are a few precautions you can take to try to prevent this happening:

- Disable auto-complete for addresses and use you address book to populate the ‘to’ line – more details on how to do this on Gmail here and Outlook 2010 here.

- Set up a short e.g. two minutes, delay send on all your emails, giving you a bit of time to go into the outbox and stop an email sending when you have that ‘uh oh’ moment, Instructions on how to do this in Outlook 2010 can be found here.

2. Yes, I would like to send you my money, internet stranger’ – falling victim to phishing emails

Just as in the real world, the online world has its share of baddies who are intent on scamming unsuspecting people.

‘Phishing’ emails have become a lot more targeted and sophisticated, both in approaches they use and the type of malicious software or links they often contain.  In the last several of years, there has been a rise in so called ‘ransomware’.  

Just as in the real world, the online world has its share of baddies who are intent on scamming unsuspecting people

This is a malicious application that attempts access to your computer to encrypt your files (photos and other personal documents) and then demand you pay a Bitcoin (a type of internet currency) ransom in exchange for having access to your files returned.

This type of ‘ransomware’ often makes its way on to your computer through cleverly crafted social engineering such as a legitimate looking email from a well-known organisation containing an attachment which once opened, infects your system. 

One study from December 2013 by Dell SecureWorks found that at the time 12.9 per cent of Australian systems were infected by a type of ransomware called CryptoLocker.

There are a few things you can actively do to help avoid falling victim to this type of cyber-attack:

- Make sure you have anti-virus software installed on your computer and that it is up to date

- Be wary of attachments and links in emails that you weren’t expecting or are unsure of the source.  If in doubt, delete it or contact the organisation or person you believe that sent it and ask for more information.

- Conduct regular ‘offline’ back-ups e.g. to an external hard disk drive so that if you do get caught out, you will be able to restore your files.

3. 'Why are you sending me emails about a weight loss supplement?' – having your email account send spam to your contact list

A few months ago, an email came into one of my email accounts from a university professor I hadn’t thought about in nearly 15 years. 

What was even more curious was that from the title of his email, he appeared to have left the world of academia and was now promoting a weight loss supplement that ‘really works!’. 

This was shortly followed by an email from the same chap with the subject line; ‘Ignore recent emails from me, I think I have been hacked!

If your email account is sending spam to your contact list, it's likely your account has been compomised.

I imagine many of you have received such emails or on the flip side, been told by people that your account is sending them spam emails and they think you may have had your account compromised.

There are a few ways your email account could be ‘hacked’ including:

- You visited a phishing site and entered in your email username and password

- A website you have given your details to may have had a data breach

- Your password was not strong enough and could be figured out

- There may be malicious software called ‘spyware’ on your computer which captured your email account details when you entered them

Luckily, there are steps you can take if you think your email account has been used to send spam, including:

-  Immediately change your password for the affected account

-  Always use a strong unique password that is not easy to guess e.g. a combination of upper and lower case letters, numerals and symbols

-  Change your password on any website that you used with that account

-  Make sure you’re running up to date versions of all your software, including anti-virus

In Part Two of this series, meet Alexis Coupe – a cyber analyst at nbn – who detects and fights online threats. Part Two will be published on Wednesday, October 14.