Clean Out Your Inbox to Reduce Your Risk from Cybercrime

Clean Out Your Inbox to Reduce Your Risk from Cybercrime

When was the last time you cleaned out your Inbox?  Do you know how many emails you have?  In Outlook, a quick glance in the lower left-hand corner will tell you.

So, how many emails are in your Inbox?  None? Hundreds? Thousands?

How long do you keep them?  One year? Five years? Forever?  If your organization has to meet specific compliance standards, that might be an easy question to answer.

What would happen if a hacker stole every email in your Inbox?  What would cybercriminals learn about you? What about your staff, customers, business model, and your professional colleagues?

If you have a few hundred emails dating back a year or so, it’s time for some tidying up.  If you have thousands dating back many years, it’s time for a massive clean-up.

Why Unnecessary Emails are Risky

Cybercriminals love email.  It’s a quick and efficient way to steal vast amounts of data.  All it takes is one person making one careless click.

The most common types of malware attacks occur through email.  While the email itself may be “safe”, it may contain an infected attachment or a link to a website that contains malware.

In the case of a phishing email, it will look legitimate and include a link that lures you into giving up your username and password.  Then, you’ve unwittingly become the victim of credential theft.

It’s a scary cyber world out there.

If you think your business is “too small” or doesn’t have information anybody wants, you’re mistaken.

A stuffed Inbox can be a treasure trove for a hacker.  Think about what’s in routine business emails: customer names and addresses, proposals, negotiation details, meeting notes, and unfortunately, the occasional company gossip.   (Two things that should NEVER be in an email are credit card information or personally identifiable information such as social security number, date of birth, etc.)

It’s logical that the more emails in your Inbox, the greater the risk.

If your email gets hacked, you may have to look at EVERY email in the affected Inbox to see what was taken.  From a practical standpoint, wading through thousands of emails isn’t a good use of anyone’s time.  In some cases, you’d likely have to notify the senders that their information was compromised.

Old emails contain information you forgot about years ago.  But it could still be valuable to someone who wants to use it for malicious purposes.  It’s better to make the emails go away.

Know Your Company Policies

Company policies can help.  If you don’t have email policies, take the time to make them.

In general, company email should be for company business.  Intermingling personal and business email can create privacy questions for users and open your company up to unwanted scrutiny, especially if there’s a breach.

If your business must meet compliance standards for retention and archiving, know what the standards are and adhere to them.

How to Clean Out Your Inbox

Tips for safe email handling and deletion:

  • In general, “hover before you click” and know how to identify suspicious email.  When you’re not sure, don’t click.
  • Use the “handle it once” principle. If you can take action in a minute or so, do it.  Then move or delete the email.
  • If you must come back to an email later, mark it Unread. But don’t forget to go back to it.
  • Delete with enthusiasm. Make it a habit.  If you have emails with information you can find elsewhere or that you’re not required to keep, hit delete.  Your Inbox will be safer for it.
  • Remember to actually empty the Deleted Items folder. This is an important step.

Hackers only have to get it right once.  We have to get it right every time.  Take a few minutes every day to clean out your Inbox.

If you’d like to know more about how CRU Solutions can help keep your business safer, contact us.