Email Security Best Practices

We wanted to provide some helpful best practices for email security as provided by our partners and security awareness experts, KnowBe4.  


  • Check the email 'From' field to validate the sender. This 'From' address may be spoofed.
  • Check for so-called 'double-extended' scam attachments. A text file named 'safe.txt' is safe, but a file called 'safe.text.exe.' is not.
  • Report all suspicious emails to your IT help desk.
  • Note that and are two different domains (and only the first is real).


  • Open any email attachments that end with: .exe., .scr, .bat, .com, or other executable files you do not recognize.
  • "Unsubscribe." It is easier to delete the e-mail than to deal with the security risks.  
  • Ever click embedded links in messages without hovering your mouse over them first to check the URL. 
  • Respond or reply to spam in any way. Use the delete button.

Back to Blog