Using business best practices for spam protection

Learn about best practices in protecting your business from spam as well as how to educate your employees.

Understanding best practices

If your business has a technical support department, talk to these experts about best practices in cyber safety to ensure you know what the latest recommendations and technologies are.

If your business is smaller and you must make these decisions and investments yourself, it pays to read up on current best practices so you can ensure that you and your employees are using them.

Generally, best practices to combat spam and the threats it can carry (such as malware and spyware) include:

  • implementing a spam filter
  • not clicking on suspicious links
  • keeping employee and customer emails confidential
  • encrypting data by enabling HTTPS for web-based email
  • setting strict password standards for all email accounts

For further details about these practices and other cyber safety tips for businesses, see:

Educating your employees

As a business owner, you need to know how to protect your company from spam—but it’s also important to make sure your employees have the same information.

Ask your employees to use good judgement when deciding whether to open unwanted messages. If a message looks suspicious, it may be malicious spam. Unfortunately, there is no way to know for sure whether or not a message is safe. The best you can do is reduce your risk by thinking carefully and following these tips.

If an electronic message seems at all suspicious, don't respond. Never reply to or click on a "remove" or "unsubscribe" link in a suspicious spam message. If you do respond, it can confirm your address and cause your business to receive more spam.

Advise employees to beware of clicking on links in suspicious emails. Such links may take them to an unsafe website without their realizing it.

Attachments included in emails may contain software that could harm your company's computer network or steal confidential information. Malicious software can corrupt your computer network and computers, block access to your data or take over your company's email accounts and use them to send viruses to other people. Caution employees to assess emails with attachments carefully, even when they appear to come from someone they know.

Educate employees about the nature, risks and differences between email scams, phishing attacks, botnets, viruses and trojans. Teach them how to spot risky URLs. A good practice is to type URLs into the browser’s address bar manually instead of clicking on email links.

Insist on password safety. Have employees use complex passwords and change them frequently. Remind them not to write passwords down on papers they leave out on their desks. For more information, see Tips for mitigating password reuse risk and Tips for creating and managing your passwords.

For more details about these strategies as well as other ideas, see the Canadian Centre for Cyber Security’s Educate Your Employees on Cyber Safety.