Please, Please, PLEASE Don’t Include Sensitive Info in Your Emails

Email is a great communication tool. However, certain things are just unsafe to communicate via email.

Let’s go through a list of such things. Better safe than sorry, after all.

What Should Never Appear in Your Inbox?

Passwords/Other Authentication Credentials

The advice is simple enough: don’t share credentials you use through email. While email is relatively safe, and you can delete messages on your end, you cannot ensure that the message is appropriately deleted and the recipient adequately protects the data. Plus, emails can be hijacked if either account is compromised, and you won’t know if that is the case until it’s too late.

Payment Card Numbers and Financial Details

Similarly, you should avoid sharing any payment or card details via email. It doesn’t matter how diligent you are about keeping your email cleansed of sensitive information… it is all about how diligent the person on the other end is. Unfortunately, you can’t assume they’ll respect your data security as they should.

Documents Under Attorney-Client Privilege

Are you starting to see a pattern here?

Privileged information should never be sent via email simply because—again—you have no way of guaranteeing that someone without privilege will not view it. These kinds of documents need to be handled much more carefully than to send them through any email platform.

Social Security Numbers

Considering how much official business a Social Security number is used for, it has been drummed into most of our heads how important it is to keep it secure. However, many people won’t think twice before sending this critical number in an email… a communication method that isn’t secure enough for all the same reasons we’ve already discussed. Unfortunately, this is too often overlooked, and an email’s security is overestimated.

Financial Account Numbers

This is extremely similar to the payment card situation we already addressed, except that access to a financial account would allow someone to take the funds and disappear with their ill-gotten prize. Therefore, sharing any financial information—such as account numbers—via email is also a bad idea, and any messages that contain it should be encrypted first.

Protected Health Information

Protected health information is extremely personal and private, not just because it reveals an individual’s most intimate details but also because these details can be used to a cybercriminal’s advantage in numerous ways… not to mention interfere with medical care.

State ID Numbers

This one—a state employer ID or state EIN—is used to help identify businesses for tax purposes and other governmental interactions. As such, it is extremely important for your business to protect, as scammers could use it to pose as a business representative and cause no shortage of headaches and confusion. This number could allow a cybercriminal to steal any tax returns due to your business, order goods as your business and stick you with the bill, or apply for unwanted loans that you would be on the hook for.

Long story short: don’t send these numbers in an email.

Driver’s License Numbers

If a cybercriminal were to gain possession of a driver's license number via one of your emails, they would have a key factor in perpetrating various crimes, posing as whoever’s license they had a number for. As such, a scammer could use this stolen identity to do a variety of things, from opening new financial accounts to filing for assorted benefits to claiming prescription medications to running more scams in your name (and everything in between). Again, the risks are not worth it.

Passport Numbers

Much like the aforementioned driver’s license number, a passport number in the wrong hands can accomplish many of the same scams and criminal activities. Lines of credit, government benefits, and more can all be claimed using a passport number as identification. As such, it is important to protect this number, and sharing or storing it in an email is not the way to do so.

It is Important to Be Vigilant When Composing an Email

Don’t let a fundamental mode of business communication be what makes your business vulnerable. Directive can help you keep your business email secure. Give us a call at 607.433.2200 to learn more.