You probably already know that email security is a serious thing. We all live with protections against viruses, spam, and random junk built into our email software. There are so many layers of protection that it's easy to let our guard down.All it takes is one little mistake, and your entire day, week, or even your credit score could be ruined.
Typically, all the layers of protection exist on a desktop computer. There are many different companies that sell anti-virus and anti-spam software, and each one will scan every email for potential threats. Found virus threats are usually deleted immediately by the software on your computer, but oftentimes the junk mail is marked with notices like *SPAM* or [AntiSpam].
Popular webmail systems like Hotmail, Yahoo, and Gmail will also delete viruses automatically and they move suspected spam to a folder they might label as Bulk Mail, Junk Mail, or Spam. It's up to you to peek into that folder every once in a while to make sure noting important got misfiled.
Hopefully everything I've mentioned so far sounds familiar, and perhaps it's second nature to you to the point that you don't even think of it any more. Your desktop computer protects you and makes you feel safe and secure.
But what about your smartphone; do you let that sense of security transfer to your smartphone?
If not, you're setting yourself up for massive trouble.
As the smartphone and tablet continue to grow into all aspects of daily life, it's only natural that you will eventually want to read your email on them. From a business point of view, this is the next step in the evolution of unchaining yourself from your desktop computer, and what you will need to do to provide faster customer service.
Customers are usually very surprised when you reply back to their email within a few minutes of receiving it, rather than once a day when you next sit at your computer. Personally, I find it a huge benefit to glance over my email on a smartphone because it gives me more time to formulate a reply before I sit back at my computer.
Of course there's never a positive benefit without a negative aspect.
While most viruses are now blocked by your ISP before they get into your inbox, many spam emails and phishing attempts won't be. These spams and phishing emails will successfully make it to the inbox on your mobile device without any *SPAM* or [AntiSpam] warning.
This is where you could lose a lot of money.
The spam emails aren't so bad to deal with on your mobile device. It might take a few extra second to delete them; it's the phishing emails that are harmful.
Here's the explanation of "Phishing" according to Wikipedia:
Phishing is the act of attempting to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an email.
In other words, phishing emails appear to come from a legitimate source when in fact they are forgeries. The forger, or "phisher," usually includes a link in the email that directs you to an equally legitimate looking website address.
The phisher's hope is to convince you to click the link in the email and trick you to log into their fake website with your real username and password. Their ultimate goal is to then trick you into entering your banking or credit card information.
There's usually some tell tale sign that makes these phishing scams recognizable on a desktop, but it's more difficult to recognize them on a mobile device.
One popular phishing attack method is to embed the entire message of the email into a single large image. While your desktop computer will probably block images from auto-loading--a surefire sign of a scam--all the mobile devices I've used don't have that protection. On a small screen, it's very difficult to quickly tell the difference between real text and an image.
With all this in mind, here's how you should be protecting yourself when reading email on your mobile device:
Limit your trust
Never give your immediate trust to an email from any banking institution.
Watch out for links
Be wary when you click any link in an email from any company that has your financial information on file. This includes your bank, cell phone carrier, cable service, storage facility, etc. Then think twice before typing your login information on any website that link brings you to.
Look for the URLs
Pay attention to the website address in your mobile browser. This might be especially tricky since the mobile browsers now hide the true URL of the website you're visiting. Take a look at this example:
(click to view larger)
That image shows a screen shot from an Android is on the left, and an iPhone is on the right. The website shown would look legitimate for anyone using that company, but the URL is the dead giveaway that something is wrong.
An even more devious programming trick (not shown above) is to use JavaScript to hide the URL bar on a mobile device. You might not even notice that the URL is hidden before entering your sensitive information.
You are your own last defense against phishing attacks. Paying attention to the URL is the only real way to stop yourself from ruining your day.
Let's say your day is ruined. What do you do then?
As soon as you realize that you fell prey to a scam? you need to notify any financial institution whose information you had on file with that company. Call your bank and cancel the credit card you entered into the bogus website.
You also need to change your password immediately. Even more important: you need to change your password on any other website that might have the same username and password combination.
These phishing scams are bad news, but hopefully this information will help prepare you for them the next time they appear on your smartphone.
It's a good idea to read your emails on your smartphone; just be wary that you're not fully protected.
