How to protect your email inbox from fraud

15 July 2024 by National Bank
Email security

Your email inbox is a veritable gold mine for fraudsters. With a little digging, they can get their hands on all kinds of personal information, including identification data linked to various transactional sites. Fortunately, there are several ways to protect your email inbox from fraud.

Why should you protect your email inbox?

Emails can contain a wealth of valuable information: your date of birth, address, pay stubs, tax returns, access codes, social insurance number... in short, all the information that’s valuable to fraudsters.

If someone with bad intentions manages to access your email inbox, they can do a lot of damage. Not only can they read and send messages pretending to be you, they can also reset the passwords to your online accounts (social networks, online stores, bank accounts, phones, etc.).

They may then try to extract money from your contacts or steal your identity from government and financial institutions, among other things. Needless to say, this can cause serious problems for you.

How can you secure your email inbox?

The good news is that there are many ways to keep your email inbox safe. Taking the following steps will help you prevent fraudsters from gaining access to your account.

Choose a strong password

Having a strong password is the first step in protecting yourself from fraud. To make sure yours is hard to crack, avoid elements that are easy to guess, such as your children’s names or your date of birth.

Your password should contain a combination of uppercase and lowercase letters, numbers and special characters, for a total of at least 12 characters. You can also opt for a passphrase, which is a sequence of words, separated by spaces, for a total of at least 15 characters.

And while it’s tempting, avoid using the same password for all your accounts. You can use a password manager to easily store and manage your passwords securely.

Picto of a locker

Check out our article on how to create a strong password

Use two-factor authentication

Even a strong password can be decrypted by cybercriminals. To provide an extra layer of defence, use two-factor authentication, also known as multi-factor authentication or two-step verification. Many applications and sites – such as ours – already use it. For other sites, such as social networks or messaging systems, you need to activate it by selecting the option in your settings.

You can choose how often two-factor authentication is required: every time you log in, every time you change your password, once a month or when you log in from new devices or a new browser.

Create multiple email addresses

There’s no rule that says you should only use one email address. Specialists recommend creating different addresses for different uses.

How many email addresses should you have?

It all depends on your needs – consider grouping different uses together. For example, you could create:

  • One address for service providers and government organizations (Hydro-Québec, Canada Revenue Agency, etc.)
  • A second address for less important services (loyalty cards, etc.)
  • A third address for social networks
  • A fourth address for personal communications

This makes it easier to manage your emails and helps protect your personal information from fraud and suspicious activity.

Don’t use your email inbox to store personal information

Your inbox isn’t a good place to store sensitive data and important documents such as tax returns, notices of assessment, bank statements, scanned IDs, pay stubs and so on. Instead, use an online, cloud-based storage service, secured with a strong password.

Log out of your email account

If someone else needs to use your computer or mobile device, log out of your accounts when you’re not using them (and no, simply closing the app won’t log you out).

Deactivate automatic email forwarding

Some email providers have features that automatically forward or redirect messages to another account. This means if an ill-intentioned person manages to break into one of them, they could gain access to the others.

Check your inbox settings and make sure this option isn’t selected.

Stay on top of your messages

Regularly sort through your emails and delete those you don’t need – and remember to delete the trash afterwards. In addition to protecting yourself, you’ll free up space and reduce your carbon footprint as less energy will be required to store the data.

Watch out for phishing scams

Phishing scams and fraudulent communications are on the rise. Don’t click on URLs or download files from unknown senders and, if in doubt, contact the sender directly.

If the communication is from an organization, use the phone number or email addresses listed on their official website.

Does the email look suspicious? Delete it immediately and empty the trash to be safe.

Choose a secure email provider

It’s important to opt for an email provider that offers solid email security and data protection. Take the time to analyze different providers according to your needs: security, storage, price and number of possible accounts. Avoid using an email provider that you’re unfamiliar with.

Install security software

Security software, commonly known as antivirus software, can provide email security and prevent various fraud attempts.

Spam filters can also stop many viruses and malware from finding their way into your inbox.

Ideally, you should be using both, making sure to update them regularly to optimize their effectiveness.

Choose password-protected internet connections

When you’re not at home, avoid connecting to public or open Wi-Fi networks that aren’t password protected. A trusted network should always be password protected.

Is your library’s network open? Before connecting to it, be sure to check with a staff member to make sure it’s a legitimate network and not a trap.

Picto of a laptop with a cercled checkmark

What should you do if someone gains access to your email inbox?

Even if you’ve taken proper security measures, it’s still possible for your email inbox to fall into the hands of scammers. If this has happened to you, know that it can happen to anyone. Don’t panic, and be methodical. You’ll have to take several steps to recover your identity, and you’ll need to stay calm:

  • Start by examining your bank and credit card transactions. Notify your banking institutions as soon as possible.
  • Change all your passwords to prevent fraudsters from taking over all your accounts.
  • If the fraud is confirmed, notify the credit agencies so that a fraud alert can be added to your file.
  • Contact the police to file a complaint, and report the case to the Canadian Anti-Fraud Centre by filling out an official form.
  • Stay on the lookout and keep a close eye on your financial activities.

Fraudsters are inventive and are constantly finding new ways to trick people. But by following a few good practices, you can avoid getting caught in their net and becoming their next victim.

Want to learn more about how to protect yourself against fraud? Take a look at some of our practical tips.

Legal disclaimer

Any reproduction, in whole or in part, is strictly prohibited without the prior written consent of National Bank of Canada.

The articles and information on this website are protected by the copyright laws in effect in Canada or other countries, as applicable. The copyrights on the articles and information belong to the National Bank of Canada or other persons. Any reproduction, redistribution, electronic communication, including indirectly via a hyperlink, in whole or in part, of these articles and information and any other use thereof that is not explicitly authorized is prohibited without the prior written consent of the copyright owner.

The contents of this website must not be interpreted, considered or used as if it were financial, legal, fiscal, or other advice. National Bank and its partners in contents will not be liable for any damages that you may incur from such use.

This article is provided by National Bank, its subsidiaries and group entities for information purposes only, and creates no legal or contractual obligation for National Bank, its subsidiaries and group entities. The details of this service offering and the conditions herein are subject to change.

The hyperlinks in this article may redirect to external websites not administered by National Bank. The Bank cannot be held liable for the content of external websites or any damages caused by their use.

Views expressed in this article are those of the person being interviewed. They do not necessarily reflect the opinions of National Bank or its subsidiaries. For financial or business advice, please consult your National Bank advisor, financial planner or an industry professional (e.g., accountant, tax specialist or lawyer).