How to protect your email inbox from fraud

15 July 2024 by National Bank
Email security

Your email inbox is a veritable gold mine for fraudsters. With a little digging, they can get their hands on all kinds of personal information, including identification data linked to various transactional sites. Fortunately, there are several ways to protect your email inbox from fraud.

In this article:

Why should you protect your email inbox?

Emails can contain a wealth of valuable information: your date of birth, address, pay stubs, tax returns, access codes, social insurance number... in short, all the information that’s valuable to fraudsters.

If someone with bad intentions manages to access your email inbox, they can do a lot of damage. Not only can they read and send messages pretending to be you, they can also reset the passwords to your online accounts (social networks, online stores, bank accounts, phones, etc.).

They may then try to extract money from your contacts or steal your identity from government and financial institutions, among other things. Needless to say, this can cause serious problems for you.

How can you secure your email inbox?

The good news is that there are many ways to keep your email inbox safe. Taking the following steps will help you prevent fraudsters from gaining access to your account.

Choose a strong password

Having a strong password is the first step in protecting yourself from fraud. To make sure yours is hard to crack, avoid elements that are easy to guess, such as your children’s names or your date of birth.

Your password should contain a combination of uppercase and lowercase letters, numbers and special characters, for a total of at least 12 characters. You can also opt for a passphrase, which is a sequence of words, separated by spaces, for a total of at least 15 characters.

And while it’s tempting, avoid using the same password for all your accounts. You can use a password manager to easily store and manage your passwords securely.

Picto of a locker

Pro tip: To create an even more complex password, take the first letter of each word in a sentence that has meaning for you. For example: My first car was a white Honda Civic bought in the ’90s would be mfcwawhcbit90s. Simple, but effective!

Check out our article on how to create a strong password

Use two-factor authentication

Even a strong password can be decrypted by cybercriminals. To provide an extra layer of defence, use two-factor authentication, also known as multi-factor authentication or two-step verification. Many applications and sites – such as ours – already use it. For other sites, such as social networks or messaging systems, you need to activate it by selecting the option in your settings.

You can choose how often two-factor authentication is required: every time you log in, every time you change your password, once a month or when you log in from new devices or a new browser.

Create multiple email addresses

There’s no rule that says you should only use one email address. Specialists recommend creating different addresses for different uses.

How many email addresses should you have?

It all depends on your needs – consider grouping different uses together. For example, you could create:

  • One address for service providers and government organizations (Hydro-Québec, Canada Revenue Agency, etc.)
  • A second address for less important services (loyalty cards, etc.)
  • A third address for social networks
  • A fourth address for personal communications

This makes it easier to manage your emails and helps protect your personal information from fraud and suspicious activity.

Don’t use your email inbox to store personal information

Your inbox isn’t a good place to store sensitive data and important documents such as tax returns, notices of assessment, bank statements, scanned IDs, pay stubs and so on. Instead, use an online, cloud-based storage service, secured with a strong password.

Log out of your email account

If someone else needs to use your computer or mobile device, log out of your accounts when you’re not using them (and no, simply closing the app won’t log you out).

Deactivate automatic email forwarding

Some email providers have features that automatically forward or redirect messages to another account. This means if an ill-intentioned person manages to break into one of them, they could gain access to the others.

Check your inbox settings and make sure this option isn’t selected.

Stay on top of your messages

Regularly sort through your emails and delete those you don’t need – and remember to delete the trash afterwards. In addition to protecting yourself, you’ll free up space and reduce your carbon footprint as less energy will be required to store the data.

Watch out for phishing scams

Phishing scams and fraudulent communications are on the rise. Don’t click on URLs or download files from unknown senders and, if in doubt, contact the sender directly.

If the communication is from an organization, use the phone number or email addresses listed on their official website.

Does the email look suspicious? Delete it immediately and empty the trash to be safe.

Choose a secure email provider

It’s important to opt for an email provider that offers solid email security and data protection. Take the time to analyze different providers according to your needs: security, storage, price and number of possible accounts. Avoid using an email provider that you’re unfamiliar with.

Install security software

Security software, commonly known as antivirus software, can provide email security and prevent various fraud attempts.

Spam filters can also stop many viruses and malware from finding their way into your inbox.

Ideally, you should be using both, making sure to update them regularly to optimize their effectiveness.

Choose password-protected internet connections

When you’re not at home, avoid connecting to public or open Wi-Fi networks that aren’t password protected. A trusted network should always be password protected.

Is your library’s network open? Before connecting to it, be sure to check with a staff member to make sure it’s a legitimate network and not a trap.

Picto of a laptop with a cercled checkmark

Good to know: Businesses should also implement a variety of best practices to protect themselves from fraud. In addition to the measures listed above, they can also use secure platforms to exchange documents that contain sensitive information.

What should you do if someone gains access to your email inbox?

Even if you’ve taken proper security measures, it’s still possible for your email inbox to fall into the hands of scammers. If this has happened to you, know that it can happen to anyone. Don’t panic, and be methodical. You’ll have to take several steps to recover your identity, and you’ll need to stay calm:

  • Start by examining your bank and credit card transactions. Notify your banking institutions as soon as possible.
  • Change all your passwords to prevent fraudsters from taking over all your accounts.
  • If the fraud is confirmed, notify the credit agencies so that a fraud alert can be added to your file.
  • Contact the police to file a complaint, and report the case to the Canadian Anti-Fraud Centre by filling out an official form.
  • Stay on the lookout and keep a close eye on your financial activities.

Fraudsters are inventive and are constantly finding new ways to trick people. But by following a few good practices, you can avoid getting caught in their net and becoming their next victim.

Want to learn more about how to protect yourself against fraud? Take a look at some of our practical tips.

Tags :
Security, Banking
Back
Terms of use
National Bank’s virtual assistant

When using our Virtual Assistant Service (the "Chatbot"), you accept these Terms of Use, which are subject to change without notice. Furthermore, you agree to consult these Terms of Use from time to time and acknowledge that your continuing use of the Chatbot means that you have accepted any changes that may have been made. Your continued use of the Chatbot means that you’ve read, understand and agree to these Terms of Use, the Terms of Use for our website, our Online transaction services, and to our privacy policy. You also understand any other agreements that you have with us will continue to apply when you use the Chatbot.

1. Our Services and your responsibilities

The Chatbot is an automated service which is integrated into our online banking platform.

The Chatbot is preprogrammed to answer general questions concerning the use of our online banking platform solely for informational purposes. The Chatbot is not able to answer questions on personal monetary transactions or products you hold with us.

By using the Chatbot, you understand and agree that:

  • The Chatbot does not provide financial advice or financial planning services.
  • The Chatbot does not conduct any banking transactions.
  • The Chatbot may not be able to answer all your questions. Therefore, it may not be able to provide you with the information you require. You must judge whether the answer provided responds to your question accurately. In the case of uncertainty, a customer service representative would be happy to help you. You can call us toll free at 1-888-483-5628 or 514-394-5555.
  • The Chatbot is not a complaint service. You cannot use the Chatbot to file complaints. If you have any complaints, you can contact us at the number indicated above.
  • We monitor, record and store the discussion that you have with the Chatbot to improve our interactions with our clients.
  • You will not provide the Chatbot with any confidential, personal, or private information. For example, you will not provide the Chatbot with your login information, PIN or other personal banking information.

2. Limitation of Liability

You acknowledge that we won’t be liable for any losses or damages that you may suffer as a result of your use of the Chatbot, including if the Chatbot is unavailable for any reason.

We cannot guarantee that the results obtained via the Chatbot will be accurate and reliable and that the answers provided will meet your expectations.

We will not be held liable for damages you incur as a result of:

  • Any delay, error, interruption or omission on our part or any other event beyond our control.
  • Any deficiency or technical error or any unavailability of our systems and wireless networks.
  • Your failure to meet any of your obligations.
  • Any amendment to or suspension, refusal or blockage of the Chatbot.
  • Any decision or measure you take in response to information and data obtained via the Chatbot.
  • Any other damages you may incur that are not caused by negligence on our part.

3. Language

You have requested that these Terms of Use, and related documents be drawn up in English.

4. Governing Law

These Terms of Use are governed and must be interpreted in accordance with the laws in force in the province or territory where you reside. If you reside outside Canada, the laws in force and the courts of competent jurisdiction are those of the province of Quebec.

Virtual assistant