Blog | G5 Cyber Security

Outlook Email Deletion Security

G5 Cyber Security

TL;DR

Deleting an email in Outlook (OWA) can trigger exploits, but it’s rare and usually relies on malicious attachments or links within the email itself. Modern Outlook has strong security features, but staying vigilant with suspicious emails is crucial.

How Email Deletion Can Be Risky

Deleting an email doesn’t immediately remove all traces of its content. Several things can happen that could lead to a problem:

1. Malicious Attachments

  1. The Risk: If you open a malicious attachment before deleting the email, the malware may already be active on your system. Deleting the email won’t undo that.
  2. Protection: Never open attachments from unknown senders. Even known senders can have compromised accounts.

2. Tracking Pixels

  1. The Risk: Some emails contain tiny, invisible images called tracking pixels. When you open the email (even briefly), these pixels download and tell the sender your email address is valid and active. This confirms you’re a target for further attacks. Deleting the email after opening it doesn’t stop this initial information leak.
  2. Protection: Outlook often blocks tracking pixels by default, but check your settings (see Step 5).

3. Phishing Links

  1. The Risk: Clicking a phishing link in an email takes you to a fake website designed to steal your login details or install malware. Deleting the email after clicking the link doesn’t prevent the damage.
  2. Protection: Hover over links before clicking them to see where they lead. Be wary of shortened URLs (e.g., bit.ly) and websites that don’t use HTTPS (look for a padlock icon in your browser).

4. Exploits Targeting Outlook Itself

  1. The Risk: Very rarely, vulnerabilities exist within Outlook itself that could be triggered by specifically crafted emails. These are usually patched quickly by Microsoft.
  2. Protection: Keep Outlook up to date (see Step 6).

5. Check Your Outlook Web Access (OWA) Security Settings

These settings help protect you:

  1. Block External Images: Prevents tracking pixels from downloading.
    • Go to Settings > View all Outlook settings
    • Navigate to Mail > Layout
    • Under External images, select Don’t download external images automatically.
  2. Phishing Protection: Ensure Outlook’s phishing filters are enabled.
    • Go to Settings > View all Outlook settings
    • Navigate to Mail > Junk email
    • Check the options under Filters and actions. Make sure ‘Turn on safe links’ is enabled.

6. Keep Outlook Updated

Microsoft regularly releases security updates to fix vulnerabilities.

  1. Automatic Updates: Ensure automatic updates are enabled for your operating system and Office suite (which includes Outlook).
    • In Windows, go to Settings > Update & Security > Windows Update.
    • Within Office apps (like Word or Excel), go to File > Account > Update Options > Update Now.

7. Report Suspicious Emails

If you receive a suspicious email, report it to your IT department or Microsoft.

8. Use Strong cyber security Practices

  1. Use a strong password for your Outlook account.
  2. Enable two-factor authentication (2FA) if available.
Exit mobile version