Email security and privacy awareness course

To mark the end of the year, we thought it is useful to propose email security and privacy course to enrich the learning and awareness of our users. For that reason, we made a content-based course by putting together all the important and related aspects of email security and privacy.
The entire course takes around an hour of reading. We have presented it in a number of short blog posts categorized into three parts. The course itself is easy to understand. We hope our course will help you in raising the bar of your email data security and privacy!
Set your personal threat profile
We do realize that many people can feel overwhelmed by the number of tips and recommendations put forth. This may make you feel like there’s little hope out there, and that many of the tips are for security experts.
Essentially, it is about finding a good balance between security and convenience. So, you just need to determine yours.
- Assess the risk you are comfortable with
This will allow you to identify what security measures are relevant to you. For example: do you feel you need to send all your text messages with end-to-end encryption via a specific app?
- Security precautions can range from easy one-time changes to long-term shifts in habits
Security takes work. Doing nothing is so much easier than doing the work needed to make yourself more secure.
- Just because you are not at ease with technology does not mean you can ignore security
A good judgement is always needed, but it is worth doing a little internet surfing if there is a term you are not familiar with before ruling something out.
After setting your personal threat profile, you will be in a position to see which advice/tip suits you best.
This email security and privacy course addresses most of the common threat models of end users.
Email privacy and security awareness course: Part 1
- Protect your data – 4 min read
Protecting your data is the very first step in securing your digital life, therefore do not hesitate to take action.
- Protect your device – 3 min read
Protecting your device is the second and most important step. Therefore, you need to understand that your device is the gateway to your digital life. The more secure it is, the more effective your defense measures will be.
- Keep your email account secure – 2 min read
Securing your email account means protecting your online identity since your email address is associated with almost everything you do online.
- Bad Password Habits – 3 min read
Following good password habits is a key factor in making all of your online and offline defenses stronger. There certainly are password managers, that do a great job. However, avoiding bad password habits is something that you should do yourself.
- Social Engineering
Humans are considered as the weakest link in any sort of defense. The thing that make us vulnerable is the tendency to trust someone or something based on certain criteria. This section will briefly go through different kinds of social engineering.
– What is Social Engineering? – 6 min read
– Social Engineering: What is Tailgating? – 2 min read
– Social engineering: Quid Pro Quo attacks – 2 min read
– Social Engineering: What is baiting? – 2 min read
– Social Engineering: What is pretexting? – 3 min read
– Social Engineering: What is Phishing? – 5 min read
– Social Engineering: What is Spear Phishing? – 11 min read
– Social Engineering: What is Vishing? – 5 min read
– Social Engineering: What is Smishing? – 3 min read
– Social Engineering: What is Scareware?– 7 min read
– Social Engineering: What is Shoulder Surfing?– 5 min read
– Tips on how to avoid social engineering schemes – 3 min read
Email privacy and security awareness course: Part 2
- Prevent your device on becoming a zombie? – 3 min read
Lets now discuss some of the consequences that could occur in case your device or account gets affected with a malware. We’ll also go through the steps that you can take to avoid such a situation.
- Protect yourself from ransomware – 3 min read
Another potential consequence of a compromised device or account is ransomware. This post will discuss the related aspects in detail.
- Email privacy expectations! – 4 min read
The myriad ways we send, receive, store, and use email messages make securing and enhancing email privacy a very difficult problem. This blog post gives you an overview of resulting privacy issues.
- Safeguard your online privacy – 2 min read
Are you in control of your online data? This blogpost gives some steps you can take to improve privacy of your online data.
- What is Email Spoofing and How to Spot it? – 4 min read
Email addresses can be forged to look legit. This blogpost gives you tips to spot email spoofing and solutions against it.
Email privacy and security awareness course: Part 3
- Protect your data when crossing borders – 4 min read
It is important to understand your rights in order to protect your data when crossing borders. This post will discuss the related aspects and some of the protection measures that you can take.
- Protect your devices when traveling – 4 min read
This blogpost expands further on protecting devices while traveling in particular.
- Virtual machine: why use it? – 3 min read
Do you like isolating your digital workspace? This blogpost give reasons to use a virtual machine or VM from security and privacy stand-point.
- Steps to take when your Email is hacked! – 4 min read
Useful resources
Taking measures and following good practices are great but they don’t guarantee that your account will never be compromised. This blogpost provides some immediate steps you can take to regain access to your account and prevent future hacking attempts.
At Mailfence, not only do we aim to make our platform more private and secure, we also try to make our users aware of the importance of improving their email security and privacy in general. Following are some of the direct links of Mailfence specific blog posts:
- Mailfence design philosophy
- Mailfence threat model
- High-level security analysis
- Why mailfence is a unique secure and private email service
- Mailfence transparency report and warrant canary
- Mailfence and user data security, privacy and anonymity
- Harden your Mailfence account
- Send email anonymously using Mailfence and Tor
- Using a VPN & Mailfence
We believe that a secure and private digital world can only be achieved if both the creators and users play their respective parts. We hope that this course will prove useful, while we continue to strive in making your emails more secure and private.
However if you still have some friends/colleagues who would ask why to take such a course, then following comic will suffice.

Should you have any more questions, please don’t hesitate to let us know.
Follow us on twitter/reddit and keep yourself posted at all times.
The Mailfence Team
Salman works as an Information security analyst for Mailfence. His areas of interests include cryptography, security architecture and design, access control and operations security. You can follow him on LinkedIn @mohammadsalmannadeem