How to stop your emails getting hacked

16 October 2018

It is possible to retain the privacy and control of your emails - here are some top tips to consider.



We live our lives on email

Email is now central to the smooth running of our lives. Where once we phoned or wrote letters we now simply send emails to organise social engagements, make holiday bookings and to keep up with friends and family. Such seamless communication has become commonplace.  

Unfortunately, the rise of email has lead to the equivalent rise of cyber-crime, with the hacking of emails taking place at a frightening rate. Social engineering attacks, identity theft and fraud are all on the increase with around 2 million online fraud incidents reported in the UK in 2017, according to new data from the Public Accounts Committee. And with only 20% of crimes actually reported, this is just the tip of the iceberg.

It isn’t just about the emails you send either. Every time you open an email or click on a link you are creating a digital footprint and leaving a trail of data online that says a lot about you - much of which is very personal. This trail can be easily followed; if you’re not careful enough it can be used and manipulated.

10 signs your computer has a virus

Spotting dangers is harder than you think

Most of us think we are aware of what makes a phishing scam but data theft and online fraud have become highly sophisticated.

Phishing scams are also not just limited to emails; they can also be used via text messages, instant messaging, phone calls and website pop ups.

Unfortunately, the malware protection software that many of us have installed doesn't help much with a lot of these scams because they rely on tricking the user, rather than delivering malicious software. That’s why being able to spot common scams is one of the best ways to help avoid them.

6 things to do if your emails are hacked

Common online dangers include:

Phishing emails – Whilst most of us would be very cautious about clicking on any links that may ask for payment details or personal information, phishing emails are proving harder and harder to spot and often look like duplicates of those sent by real organisations such as PayPal or banks. Common scams include offering advanced fees for guaranteed loans or credit cards, lottery scams claiming you’ve won a sum of money or emails offering to pay more than the asking price on an item you might have for sale online.

Scams come in many shapes and guises, from disaster relief scams asking for money to help those affected to companies posing as cyber security firms alerting you to the fake hacking of your emails. Being aware of the latest scams and recognising them is the first line of defence.

Hackers are constantly trying to find new ways to scam people, with other online threats coming from malware or computer viruses that can take control of your device and personal details following one careless click. You can’t be too vigilant; the rule of thumb is never click on a link if you are in doubt.

Fake websites are also on the rise and can look very official so it’s important to carefully check who is asking you for personal information and why before sharing any data. As such, the term ‘know your enemy is’ apt. From phishing, spear-phishing and whaling, ransomware and malware, to ghostware and blastware, keeping on top of cyber security threats is increasingly difficult – especially because as soon as a solution to one is found, another version pops up.

Computer jargon decoder

Phishing is the practice of sending emails that look as though they’re sent from a reputable company to trick you into revealing personal information like passwords or credit card numbers.

Spear-phishing is like phishing, but targeted to trick you personally. Spear-phishing might be even harder to spot, as the email could even be one you’re expecting to receive. .

Whaling is like spear-fishing, but targets a high-profile mark, like a CEO of a company, in order to get hold of the company’s financial details. .

Ransomware could lock your computer or hide important information to you until you give the criminals a fee to return it. .

Malware is malicious software designed to damage or gain access to your computer. This term encompasses virus, trojans and spyware. .

Ghostware is a stealthy piece of code that’s been cloaked, and so is used by criminals to sneak undetected on to your computer where it then hides other malicious code. .

Blastware is designed to automatically destroy or disable a system if you find it on your computer.

More computer jargon terms explained

Misuse of data – Your data is also regularly used by organisations and companies who market to you online. With the advent of the recent General Data Protection Regulation (GDPR) that came into force in May 2018, companies now have a responsibility to tell you what data they hold about you and to use it correctly. You also have to provide consent for them to use your data and can opt out of receiving emails. Websites typically give ways to opt out of receiving adverts and alerts and you should be told when cookies are being used and given choices about whether you agree to this.

Being careful and aware of threats is only one line of defence. You also need to be in control of the emails you send and the data you create. It’s clear that we need to do more to protect ourselves and the next step is to understand what control you really have.

10 ways to keep your home safe from hackers

How to keep control of your email

The good news is that it is possible to retain the privacy and control of your emails in all aspects of your life and erase them or make them meaningless if they fall into the wrong hands.

Here are some top tips to consider.

1. Encrypt your email

Email encryption isn’t just for businesses or tech geeks. Email encryption is a powerful way to keep your personal data safe, transforming sensitive data into unbreakable code. Even if someone manages to access your data with new encryption technology, the content they find will be completely undecipherable.

2. Back up your data

It might sound basic but backing up your emails is often overlooked. It makes sense to create a duplicate copy of your emails so that if a device is lost, stolen, or compromised, you still have all the information that’s important to you.

3. Use passphrases rather than passwords

Having a robust password is key. Most people know not to use the same password for different online accounts and are aware that passwords linked to personal details such as birthdays or addresses are easier to hack. Try using a longer ‘passphrase’ to make use of every character in a password and base this on a favourite song lyric, quote from a book, magazine, or film so it’s easy to remember.

4. Don’t share too much information

Take a minute to stop and think about any data you are considering sharing before you share it. No one should need to ask for a PIN or password; in fact if you’re asked for anything but the most basic identifying details, you should tread warily. If you’re at all concerned about the source of an email check it’s authenticity - for example give your bank a ring (using the number on your bank card, or one you’ve found via Google) to see if an email is really from them.

5. Never click on an unknown or suspect link

This is actually much harder than you think given the sophistication of phishing scams. Websites and emails can look really legitimate and from recognisable sources such as banks or government departments and it can often be quite difficult to tell the difference. If in doubt, don’t open anything and before disclosing any personal information make sure you know who you are dealing with. You can often spot a fake link by checking the URL address of a link – secure sites will begin with https:// (note the ‘s’ after http). Many phishing fakes will often just have http:// (no ‘s’).

6. Lock your smart phone or tablet devices

It’s so easy to have a mishap, to leave your phone somewhere, lose it or have it stolen. Locking your phone is the first line of defence and means if it winds up in the wrong set of hands there is a layer of defence. When your phone is locked a thief must first crack your password to get to your data.

7. Keep it simple

When looking at tech to encrypt your emails it’s really important to try and keep it simple otherwise you’ll end up getting bogged down. Cyber security solutions for personal data have marched on and a new approach is now available that focuses on securing and encrypting all data at its source, using just one lock and key. This means that even if someone gains access to your data they are unable to read it and find it completely meaningless.

It is possible to live a secure online life and keep in control of your emails. Digital privacy is more than a necessity; it is a right and by being vigilant and taking the right precautions we can continue to benefit from all that email and the internet has to offer without putting ourselves at risk.

This guide was written by Ajit Patel, founder of Siccura Safemail, a new solution that allows users to take back control of their digital privacy. Developed in response to the volume and vulnerability of emails shared every day, Siccura Safemail is a simple to use application for consumers to stay in total control of every email they send, share and store. Unlike other email security apps, Siccura allows users to benefit from advanced encryption, while still keeping their own email accounts such as Outlook or Gmail.  You can download a free trial of Siccura Safemail here, on Google Play and coming soon to iTunes.



The opinions expressed are those of the author and are not held by Saga unless specifically stated.

The material is for general information only and does not constitute investment, tax, legal, medical or other form of advice. You should not rely on this information to make (or refrain from making) any decisions. Always obtain independent, professional advice for your own particular situation.