How to keep your private email account secure

Email accounts aren’t compromised one by one, they’re cracked ‘en masse’ and then sold online.  In case you want a private email account, this will interest you.

According to account monitoring company LogDog, who recently took a fresh look at this burgeoning part of the underground economy, it’s such a lucrative trade that there are Dark Web sites selling nothing but login/passwords. For e.g., this is what accounts are currently worth on the Dark Web:

Service           Min. Price

Max. Price


Hackers in popular culture are like cyber-swordsmen who penetrate the armor of sophisticated adversaries and use social engineering attacks for dedicated targets.

We strongly recommend the following steps in order to secure your private email. Especially if you use your private account for both personal and professional purposes.

How to keep a private email account secure

1. Protect your password
Choose a strong password and don’t reuse it (having a good password manager may assist you in this regard). If you enter your password in some other website and it’s compromised, someone could try to sign in to your Mailfence account with the same information. Consequently never share your password (don’t write it down neither send it via online platforms). You should be the only one who knows it.

2. Enable two-factor authentication
Two-factor verification adds an extra layer of security to your account by requiring you to sign in with something you know (your password) and something you have (a code generated on your phone/tablet).

3. Check for unknown activities and review your alternate email addresses
Go to the Home (or click on Mailfence logo) within your Mailfence account and check the details under Account in the right column


If you notice unknown last connection details,in this case take it as a red flag and immediately change your password. Also, review your alternate email addresses, make sure they are still accessible/or has not been compromised, and level-up their security – as they will be used to reset your account’s password.

4. Beware of Social Engineering!
Social engineering is the most common attack vector that cyber-criminals use today. Never enter your password after following a link in an email message/attachment from an untrusted site. Always go directly to or Also, think twice before clicking on suspicious links from external websites (more details).

5. Check for viruses and keep your machine up-to-date with all the security updates
Check manually or run a scan on your computer with a trusted anti-virus software & remove any detected suspicious applications or programs.  On the other hand make sure to catch up with all the security updates (both for your OS and the programs being installed on top of it).

6. Avoid connecting apps to your email account
Giving a third-party app full access to your inbox makes you vulnerable to cyber attacks. The app can be compromised and, as a consequence, cyber criminals would gain unhindered access to all your emails and their contents.

7. Always log-out
Always log-out from all of the devices where your account has been logged-in. It will not only help you in securing your account from cookie based threats, but also from your colleagues/friends who may simply grab your phone to call their mom!

Note: Perform a monthly audit for all of your accounts and delete the one’s you don’t use. Also use disposable temporary accounts on sites which you just want to test/or use for a day or week.

Therefore, staying cautious and following sound practices will significantly reduce the possibility of your account getting compromised. Under this notion, using a secure and private email service remains the foremost step that you should take!

Useful articles

Get your secure email

Follow us on twitter/reddit and keep yourself posted at all times.

– Mailfence Team

Avatar for M Salman Nadeem

M Salman Nadeem

Information Security Analyst - Security Team | Mailfence

You may also like...