A Simple Tip to Secure Email

Dennis Faas's picture

In many ways, e-mail is the perfect marriage between technology and the human personality. Where else can we express ourselves in such a personal way online? Though some would argue that instant messaging is a more convenient communication technology, e-mail would still get my vote, all things considered (instant messaging is still a bit too disruptive for my taste).

By all accounts, e-mail has literally revolutionized the way people communicate with one another. And as much as I love e-mail, it needs to be secured just like any other application.

In fact, e-mail is often the attack vector for a whole slew of hacks. Viruses, worms, social engineering, phishing, and other nasty attacks have all tried to slither through an e-mail message. Therefore, I want to share with you one security tip you can implement right away that will reduce your risk level. Are you ready?

Turn Off HTML

If you could only do one thing to better secure your inbox, turning off HTML mail should be at the top of your list.

Many of today's attacks that come through e-mail rely on the ability of the victim's e-mail program to render and display HTML. While the visual appeal may be impacted, overall security is improved -- substantially.

For example, turning off HTML would have prevented the I Love You worm of 2004, since it exploited an ActiveX vulnerability within Internet Explorer and was executed by viewing or previewing an infected e-mail message (source: Expita).

So how do you go about turning off HTML capabilities in your e-mail program?

Depending on the program you're using, the instructions will vary slightly. Here are steps to turn off HTML capabilities in three popular programs (kudos to pcWorld.com for the tip):

  • For Outlook 2003: click Tools -> Options -> Preferences -> E-mail Options and check "Read all standard mail in plain text".
  • For Outlook Express 6: click Tools -> Options -> Read, and click "Read all messages in plain text".
  • For Mozilla Thunderbird: click View -> Message Body As, and select Plain Text.

Although this security tip isn't completely foolproof, stripping HTML capabilities from your e-mail program will reduce online risks substantially.

For more great tips like this one, be sure to download David's free security newsletter to your mailbox, today!

Rate this article: 
No votes yet