Not making an active effort to protect your emails can result in an open door that’s too tempting for hackers to resist. Thankfully, switching on these settings will help to keep them out—and they don’t take long to get up and running.

6

2FA Via an Authenticator App

One of the easiest ways to reduce the risk of having your emails hacked is by enabling two-factor authentication (2FA). Even if a hacker correctly guesses your password, they’ll have to verify their identity in another way that they probably won’t have access to. It’s one of the best forms of multi-factor authentication (MFA).

You can turn on 2FA in many ways, but I recommend using an authenticator app. For example, I use Google Authenticator. Many password manager tools have their own version, and the differences between them are few and far between.

Once you’ve switched on 2FA via an authenticator app, you’ll typically see an ever-changing code you’ll have to enter when prompted. In some cases, you can scan a QR code instead.

Signing into accounts with your email address is often easier than setting up a separate profile and creating a new password. But while it’s helpful to easily log into services you frequently use, providing third-party tools access to your email can put you at risk.

While many tools you use with your email will have robust security infrastructures, this isn’t the case for all of them. You should be particularly careful when signing up for new tools that haven’t yet been tested over extended periods. If the app or service later becomes obsolete and no longer receives updates, hackers could expose this flaw.

Only keep access to the third-party tools you use frequently. You can go to your email account’s settings and remove access to apps you no longer want to access; make a habit of doing this at least once every few weeks. Take the same precautions when signing in with your social logins, too.

4

Using Your Email’s External Image-Loading Feature

While normally fine, external images can sometimes present a security threat and a hacking loophole. For example, cybercriminals might inject code or add tracking pixels to the spam mail they send. Unless you 100% trust the sender (or it’s evidently from a verified company account), you should tread carefully when accessing external images in your email.

Using your email client’s image loader can reduce the risk of hacking by ensuring your data stays safe. For example, Outlook has a feature that allows you to do precisely this.

1. Go to Settings > Privacy and data > External images.
2. Tick the circle next to Always use the Outlook service to load images.

Not using this tool is one of the many email security mistakes you can make. If your email client doesn’t have such a feature, you may want to consider switching to a different service.

3

Strict Incoming Email Handling

Your email account is, unfortunately, the starting point for many scams. You’re likely to receive more scam and phishing emails than real correspondence, which means you need your email account and service to have a great spam filter. While many email clients are good at filtering out spam and phishing emails, they won’t catch everything, and you shouldn’t trust them to do so, either.

Instead, you should use them as an initial filter, but then take matters into your own hands. Most email clients allow you to individually choose who is allowed to send you emails, using a whitelist approach.

Since you have full control over who can send you emails, you’re less likely to fall victim to hacking. Moreover, you’ll protect yourself from other email security threats, such as phishing.

2

Blocking Attachments

While blocking external images will help reduce your chances of getting hacked, you may want to take things a step further and block attachments from senders you don’t trust. With some tools, you can block anyone who isn’t on your safelist from sending you images, documents, and other content that could pose a security threat.

Besides adding safe senders, you can allow attachments from people in your contacts or on your list of trusted domains. Moreover, you have the option to add safe mailing lists. You don’t need all of these features enabled, but having at least one of them switched on is a good idea.

1

Strong Passwords

Even with every form of online authentication, having strong passwords is still one of the best ways to prevent your email account from being hacked. These days, it’s easier than ever; password-generation apps, such as Apple Passwords, will create a hard-to-guess password for you in less than a minute.

All of your email account passwords should be original. Even if your password is hard to guess on one account, it shouldn’t be reused. If your data is ever compromised, you’ll needlessly increase the threat of hacking against multiple accounts.

You can also switch to passkeys, which—besides protecting from hackers—can also act as a phishing-resistant password alternative.

Protecting your email account from hackers doesn’t need to be strenuous. With a few simple steps, you can keep your information safe and continue getting the benefits of email with fewer of the downsides. Adding multiple layers of security will reduce the chances of something bad happening even more.