Email has become an essential pillar of our digital identity. If malicious actors gain access to your email account, they can use this access to change passwords and thereby gain access to other non-email accounts.
Bad actors have increasingly focused on taking over email as a passport to other account takeovers, including social media, finance, digital identity, and buying or selling. credit identity theft, among others. Here are some of the things you can do to be proactive in protecting your email accounts:
Use a strong and robust email password.
Make sure that your password is unique, that it is not used for other accounts, that it is not easy to guess, and that it is changed if you notice anything suspicious.
- Refer to the FTC Password Checklist for current guidelines.
- When changing your password, make sure that the new password is (i) completely different from the previous password, (ii) unique, (iii) more than eight characters, and (iv) has a strong mix of uppercase and lowercase letters, numbers and special characters.
Review the two-factor authentication options.
Review your email account options and encourage your provider to notify you every time you access your account from a new device.
Check the account settings and security features of the email provider.
These features may include: notifying you of suspicious login or login attempts, improved password change requirements, enabling a trusted recovery contact, and additional authentication to protect your account.
- Regularly check your email account settings related to email forwarding, security and privacy.
- Be on the lookout for suspicious inbox activity like missing emails or a large number of unexpected emails from third parties. If in doubt, secure your account!
Use caution when accessing e-mail from unsecured, public, or “free” Wi-Fi hotspots.
Best practice suggests using a secure VPN connection or a secure and trusted WiFi connection when accessing your personal accounts.
Be on the lookout for phishing emails.
Refer to the FTC’s phishing awareness page for current guidelines. Common phishing tactics or identifiers can include:
- A proactive request for sensitive information that you did not initiate.
- Spelling or grammar errors.
- Urgent instructions to click on a link, attachment, or download a file, even if it looks legitimate. The emergency can take the form of a threat to cut off service or a reward that must be claimed immediately.
- Messages from unknown e-mail addresses or from a domain that does not match the sender (eg search for “domain.com” versus “d0main.com” or “domain.com.xyx”).
- Pro tip: Hover over the sender’s name to confirm the email address, and watch out for minor typos.
- As a best practice, if you think a post might be phishing, do not respond to it or click any of the links it contains.
- If you would like to report a suspicious email claiming to be from Verizon, please forward it to [email protected] We will review and investigate it, and we will contact you if we need any further information. Please note that when you forward an email to our phishing inbox, you will receive an automatic confirmation and we will review the information you provided. We will only contact you directly if we need additional information.
We all have a role to play in information security. Good email hygiene is a key factor in securing your online accounts and digital identity.
Visit the Verizon Account Security and Fraud Claims Hub for additional tips on how to protect your Verizon accounts.