These are safe email practices which you and all your friends and associates
should follow. Let them know that you will not open their email unless they practice
safe emailing.
1 NEVER open an email from someone you don’t know.
2 NEVER forward an email from someone you don’t know, or which originated
with someone you don’t know. All those “think happy thoughts”
emails that people send around could contain viruses. By sending them to
your friends and associates you may be infecting their computers. If you
like the sentiment enough, retype the message and send it out yourself.
If retyping it is not worth your time, it’s probably not that important a
message.
3 NEVER download or open an attachment unless you know what it contains
and that it is secure. Turn off automatic download options in your
email program. Many viruses and Trojans spread themselves as “worms”
and modern worms often appear to have been sent by someone you
know. Smart worms scan your address book, especially if you use
Microsoft Outlook or Outlook Express, and replicate by masquerading as
legitimate attachments from legitimate contacts. PGP signing your emails,
both with and without attachments, can greatly reduce confusion over
virus-free attachments you send to colleagues (PGP is software for
encrypting information; see below under “Encryption”).
4 DON’T use HTML, MIME or rich text in your email - only plain text.
Enriched emails can contain embedded programs which could allow access
to, or damage, your computer files.
5 If using Outlook or Outlook Express, turn off the preview screen
option.
6 Encrypt your email whenever possible. An unencrypted email is like a
postcard that can be read by anyone who sees it or obtains access to it.
An encrypted email is like a letter in an envelope inside a safe.
7 Use meaningful subject lines so the reader knows that you intended
to send the message. Tell all your friends and colleagues to always say
something personal in the subject line so you know they truly sent the
message. Otherwise someone might be spoofing them, or a Trojan might
have sent out an infected program to their entire mailing list, including
you. However, don’t use subject lines that give away secure information
in encrypted emails. Remember, the subject line is not encrypted and can
give away the nature of the encrypted mail, which can trigger attacks.
Many hacking programs now automatically scan and copy email messages
with “interesting” subjects such as “report”, “confidential”, “private” and
other indications that the message is of interest.
8 NEVER send email to a large group listed in the “To” or “CC” lines.
Instead, send the message to yourself and include everyone else’s name
in the “bcc” lines. This is common courtesy as well as good privacy practice.
Otherwise, you are sending MY email address to people I don’t know,
a practice that is rude, offensive and potentially both frustrating and dangerous.
9 NEVER respond to spam, even to request to be taken off the list.
Spam servers send email to vast hordes of addresses and they never
know which ones are “live” – meaning that someone is using the email
address actively. By responding, you let the server recognize yours as a “live”
account and you are likely to receive even more spam as a result.
10 If possible, keep a separate computer, not connected to any other,
that accepts general emails and contains no data files.
11 You can also use two addresses that communicate only with each
other (as with the example of the two emergency phone numbers and
with the same rules), or one single address whose mailbox is accessible
to more trusted people in your organisation: mails will not need to travel
more than once and can be consulted by more people. Remember that the more
people know about it, the less safe it is. Change the address from time to
time.
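An organisation can check drafts against rules 4, 7 and 8 above before they are sent. The following is an added example, not part of the original list: the function name, the recipient threshold and the sample draft are assumptions, and the subject check is a simple substring heuristic using the words rule 7 names.

```python
from email import message_from_string
from email.utils import getaddresses

# Subject words the list itself names as attracting automated scanning.
REVEALING_WORDS = ("report", "confidential", "private")
MAX_VISIBLE_RECIPIENTS = 3  # assumption: what counts as a "large group"

def audit_outgoing(raw):
    """Return findings, each prefixed with the rule number it relates to."""
    msg = message_from_string(raw)
    findings = []

    # Rule 4: every leaf part of the message should be text/plain.
    for part in msg.walk():
        if not part.is_multipart() and part.get_content_type() != "text/plain":
            findings.append("rule 4: non-plain-text part " + part.get_content_type())

    # Rule 7: the subject must say something, but it travels unencrypted.
    subject = (msg.get("Subject") or "").strip()
    if not subject:
        findings.append("rule 7: empty subject line")
    for word in REVEALING_WORDS:
        if word in subject.lower():
            findings.append("rule 7: subject contains '%s'" % word)

    # Rule 8: addresses in To and Cc are visible to every recipient.
    visible = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    if len(visible) > MAX_VISIBLE_RECIPIENTS:
        findings.append("rule 8: %d addresses in To/Cc, use Bcc" % len(visible))
    return findings

# Constructed sample draft (not a real message).
BAD_DRAFT = (
    "From: ana@example.org\n"
    "To: b@example.org, c@example.org, d@example.org\n"
    "Cc: e@example.org, f@example.org\n"
    "Subject: Confidential report\n"
    "Content-Type: text/html; charset=utf-8\n"
    "\n"
    "<html><body><b>Draft attached</b></body></html>\n"
)

if __name__ == "__main__":
    for finding in audit_outgoing(BAD_DRAFT):
        print(finding)
```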