How To Use Your E-Mail Box Securely?

How To Use Your E-Mail Box Securely?

You most certainly have an e-mail box, which you use every day or almost to exchange with your friends, family, customers etc. This article is a guide to what you need to do to manage your e-mail box and does not turn against you one day. You will see nothing very complicated just some good habits to take!

Can I store in my e-mail box?

To answer you simply: no. I will take again the image that I like very much: imagine that you use your mailboxes like your box e-mail. How long do you think it will overflow? Not to mention the fact that it is very easy to have access to it at any time of day and night without arousing your suspicions.

You should not store in your e-mail box some sensitive items such as invoices, ID, passwords etc. After that you do not delete emails received from advertising etc. it’s your choice but honestly even an email sent by a friend once you’ve read it, you will not read it again let alone 6 months after. Delete it so it’s easier.

Another thing many people mistakenly consider is that the e-mail box is a safe storage place. No need to mention hackers, as I mentioned in my previous article, but do you really think that your e-mail account enjoys regular backup, which would be stored or for that matter? If you do not pay your e-mail account like at Gmail,, Yahoo, and others I have news that you will not like … These companies do not guarantee you any backups or durability of your data.

The risks of keeping these emails?

By keeping some e-mails you leave too precise information on your habits and your consumptions on the Internet which could be used to make spear phishing (I invite you to reread my article on the subject  Difference between phishing and spear-phishing ) against you. Besides that in bills or some emails, you have very personal information by moment, phone number, full address, name, and surname.

You will see case by case in this article how to treat your emails according to their type.

1 – The e-mails of your orders on the Internet and tracking of parcels

We will treat both types of e-mail in the same way.

If you buy regularly or not on the Internet you have almost always during a purchase an e-mail to confirm your order, then your invoice (which can be in the first e-mail) and finally you will receive an e-mail of parcel tracking.

My advice :

  1. For emails command, you can delete them directly
  2. For invoices, print or save the PDF in a storage space.
  3. For tracking, codes write it down somewhere or keep the email until you have received your package upon receipt delete the email

2 – Invoices from my suppliers

You also receive e-mails with invoices from your suppliers such as your EDF bill, telephone bill or other services that you have subscribed. For these e-mails, you have two cases the first one the e-mail informs you that your invoice is available and the second case you find in the e-mail the invoice in the attachment.

My advice :

  1. If the email is just to notify you of the availability of your bill in your deleted customer space simply
  2. If the e-mail contains your invoice, you can print it (in the company you have to print it), store the invoice in a storage space and delete the e-mail
  3. If the e-mail contains your invoice and the invoice is also available in your customer area to save the planet do not print delete the e-mail if necessary you can always go to your customer area.

3 – E-mails containing quotes or quote request

In business or even privately at some point you will receive quotes by e-mail, you have the same risk as mentioned above this information is sensitive too. What to do? Print it, anyway if you validate it you will have to sign it to validate it and delete the e-mail. Do not forget to write down the e-mail address that you must answer to validate or ask questions.

In business, if you keep only the requests for quotes in your e-mail boxes there is a concern for the organization. Without going into the management of a CRM etc., I advise you to print it to process it and delete the e-mail request of course after you are sure to have the e-mail of the sender.

4 – E-mail containing passwords & confirmation of account creation

You have probably already created accounts on Internet sites, online sales, for taxes, on various services such as EDF, GRDF or your fixed and mobile telephone operators. Very often you will receive an e-mail confirming the creation of your account, in this e-mail you are kindly reminded of your user ID and sometimes your password. The first is less important because in 80% of cases today it is your e-mail address.

However, if you have the password in this email, whether you have defined it or that it was generated by the site, you will have to store it in a place on and delete this email once the information saved.

If ever the email you receive contains only your same password board as above saved it securely and deleted the email. This kind of e-mail will be sent to you very often when you use the lost password procedure on a website.

5 – In-house emails for information on folders

Do you work in a company or the corrections and request often arrives by e-mail? If you have not been asked yet, please do not forget to keep them in your e-mail box. It is important for you to keep them for follow-up for your client/prospect, but their place is not in your mailbox. Ideally, you have a CRM and therefore any important emails or containing information (other than passwords or identifiers) for the proper conduct of the project should be stored in your CRM.

For those who do not have CRM, you can do a simple procedure with storage on NAS, or other secure storage space, especially in the cloud. But if the e-mail is really too important printed it and filed it in the folder in question and in addition kept a digital copy in a secure space.

Once all that is done you no longer have to delete it!

ALSO READ  6 Hidden Vulnerabilities Healthcare Should Address for Cybersecurity Efforts

6 – Spam, unwanted e-mail and newsletter

As you may have read in my article:  How to unmask a malicious e-mail and what to do next,  you know what to do for malicious e-mails, the same is true for those you do not have solicited as advertising once read you just have to delete them.

For newsletters or you have signed up once you have read it honestly you will one day come back to read it? I do not think, deleted after reading or a few weeks after because after a month you will have already forgotten what interested you in this e-mail and so falling back on you will waste time.

7 – The e-mails of friends and family

For this, it’s up to you to see, but often these emails contain information or personal requests. Once treated and assimilated remove it all the more if you have been sent family photos attached save also in a storage space.

A little aside, we’re talking here about e-mail, but ask yourself what you do on social networks

8 – Pay, bank statements and insurance statements

If you are one of the people who has accepted to receive their payslips by e-mail, I strongly advise you to print them and to classify them and remove them from your e-mail box as soon as possible. As a reminder, this information will be asked for your retirement and other important steps such as credits and even for training such as pedelecs

In other words, I advise you to keep a copy in a secure storage area. You will have to treat your bank statements in the same way as well as the reimbursements for illnesses. All these documents are very valuable, they could notably facilitate the usurpation of your identity by a pirate.

Bank statements and your payslips will make it easier for cybercriminals to do phishing.

9 – The others?

For all your other e-mails … Delete them, because we swept all the cases so if it is not in it is that it is not important. In fact, you just have to ask the question: ” Do I have to keep track of this information? “, If the answer and yes printed it or stored it on a storage space depending on its importance.

10 – How to manage your sent messages

You’ve had tips on how to handle the emails you’ve received, but here are some tips for managing your sent emails. If you ever need to send a password by e-mail or login to a customer, remember to delete the message in your “sent messages” folder. Indeed this file is often a gold mine in business to retrieve information!

Ditto if you sent invoices and/or signed quotes or ID to validate the creation of an account etc, do not forget to delete them.

Managing your “sent messages” folder is simple, it must be empty.

For reasons of proof in business do not hesitate to keep a digital or paper copy of the e-mail sent (secure storage or CRM).

11 – How to reply to an e-mail

Answering an e-mail is a combo with an e-mail received and an e-mail sent. I explain, moreover it is valid for e-mail transfers. Often when you reply to an e-mail you have at the end of the e-mail the copy of the e-mail to which you reply, but if ever in this e-mail, there were login details to an account? Well by answering you send your username again and nothing guarantees that your contact manages your emails according to the best practices.

And besides this e-mail will be written in the copy in your sent message directory … Also, beware when you transfer an e-mail to another person to be vigilant that in what you transfer there is no confidential information that the interlocutor does not need to know.

Very often I have copied e-mail recipient or the person transferred me a colleague’s e-mail for a minor intervention or in the e-mail I have the history of their answers; sometimes with passwords with an ID that I should never know about.

12 – How to send an e-mail

When you send an e-mail with sensitive information about yourself or your recipient do not hesitate at the end of your e-mail to put a sentence inviting him to delete this e-mail at the reception to avoid any leakage of data. You even have the right to link him to this article!

13 – And the basket?

If you have an e-mail in your trash it’s like for your office basket, unless you’re mistaken, you have to empty it. You have some e-mail providers that offer you to empty your trash when you log out, very convenient!

A little advice all the same before emptying the trash check that you have not mistakenly deleted a very important e-mail. For information generally, the baskets are emptied every 30 days at most e-mail providers. If your IT department manages it for your business, ask them for the shelf life.

But emptying it once a week is a very good idea, see it every day.

14 – Add a backup e-mail

In solutions that provide an e-mail service that is free or paid very often nowadays, you have the option to add a backup e-mail. If you are not like me to have 15 mailboxes e-mails and you have one do not hesitate to put that of your spouse, parent, a child in an emergency e-mail.

Why? Simply that if there is a questionable connection to your e-mail box or suspicious connection attempts or simply to recover your password this e-mail will be used, it will receive an e-mail alerting fraudulent connections or attempts. Not convinced? For the anecdote, from my profession, a member of my family added one of my e-mails as a backup e-mail which allowed to realize in 10 minutes that his account had been hacked.

I was able to intervene directly to secure the account with the password and go back to a layer of awareness etc.


You now have all the cards in hand to manage your e-mail box! It is very important to make everyone aware of these good practices. As seen especially when sending an e-mail it does not take your case to delete sensitive information, but also to the recipient.

You must also ask yourself the following question: ” Is it really by e-mail that I should communicate? ” You will see that often the answer is no, but it has become so easy that in the end, it is up to the use for me one of the worst means of communication of certain information.

Also published on Medium.