Every morning, we scan through dozens of emails, but unknowingly put our security at risk. Those seemingly harmless clicks and routine habits developed over years of email use are exactly what cybercriminals count on to succeed with their attacks.

4. Shortened URLs Hide Dangerous Destinations

Shortened URLs look innocent enough, and those tiny bit.ly and tinyurl.com links save space and look cleaner. But the problem is that you can’t see where they actually lead until it’s too late.

Cybercriminals love URL shorteners because they effectively mask malicious websites. That “helpful” link claiming to verify your account could redirect you to a convincing fake login page designed to steal your credentials.

Most email clients don’t preview shortened URLs, leaving you completely blind to the destination. Even hovering over these links often shows nothing more than the link shortener’s domain, not the actual target site.

Before clicking any shortened link, expand it first. You can use a URL checker to reveal the true destination safely. Once you find out the long URL, scan it with VirusTotal or URLVoid for any red flags. These simple steps can save you from phishing attempts and malware downloads.
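The expansion step can also be done locally. The following is an added example, not part of the original article: it walks a redirect chain with HEAD requests so no page body is downloaded or rendered. The hosts in `SAMPLE` and the `MAX_HOPS` limit are assumptions made for illustration.

```python
import http.client
from urllib.parse import urljoin, urlsplit

MAX_HOPS = 10  # assumption: give up after this many redirects
REDIRECTS = (301, 302, 303, 307, 308)

def head_location(url):
    """Send one HEAD request and return (status, Location header or None)."""
    parts = urlsplit(url)
    https = parts.scheme == "https"
    conn_cls = http.client.HTTPSConnection if https else http.client.HTTPConnection
    conn = conn_cls(parts.netloc, timeout=10)
    try:
        target = (parts.path or "/") + ("?" + parts.query if parts.query else "")
        conn.request("HEAD", target)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()

def expand(url, fetch=head_location):
    """Return every URL in the redirect chain without fetching a page body."""
    chain = [url]
    for _ in range(MAX_HOPS):
        status, location = fetch(chain[-1])
        if status not in REDIRECTS or not location:
            break
        nxt = urljoin(chain[-1], location)
        # Stop on loops and on non-web schemes rather than following them.
        if nxt in chain or urlsplit(nxt).scheme not in ("http", "https"):
            break
        chain.append(nxt)
    return chain

# Constructed redirect table standing in for the network (placeholder hosts).
SAMPLE = {
    "https://short.example/a1b2": (301, "http://redir.example/r?id=7"),
    "http://redir.example/r?id=7": (302, "/account/verify"),
    "http://redir.example/account/verify": (200, None),
}

if __name__ == "__main__":
    for hop in expand("https://short.example/a1b2", SAMPLE.__getitem__):
        print(hop)
```

This follows server-side redirects only; a page that forwards with JavaScript or a meta refresh ends the chain early, so the last URL in the list still needs to be scanned.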

When in doubt, the safest approach is to navigate to the website directly instead of clicking the link. Most legitimate companies include their full website address in emails anyway. If you still receive suspicious emails regularly, consider implementing rules to block phishing emails from your inbox entirely.

Some URL shorteners offer preview features, but don’t rely on them completely, as determined attackers can work around these protections.

This confirmation makes your email worth more on the dark web. Verified active addresses sell for higher prices to other cybercriminals, meaning more spam, phishing attempts, and potential security threats heading your way.

2. Auto-Loaded Images Give Away More Than You Think

Most email clients automatically load images when you open messages. That seems harmless, but it isn’t.

Senders embed tiny 1-pixel-by-1-pixel email tracking pixels within those images, which report back to senders the moment they load. These pixels can reveal when you opened the email, what device you used, your approximate location, and even your IP address.
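To see what such a pixel looks like in a message body, here is an added example (not from the original article) that lists remote images sized at 1x1 or hidden with CSS. The HTML in `SAMPLE` is constructed and its hosts are placeholders.

```python
import re
from html.parser import HTMLParser

def _tiny(value):
    """True for a dimension of 0 or 1 pixel ("1", "1px", "0")."""
    m = re.fullmatch(r"(\d+)(px)?", (value or "").strip().lower())
    return bool(m) and int(m.group(1)) <= 1

class PixelFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.suspects = []  # (src, reason) pairs

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = {k: (v or "") for k, v in attrs}
        src = a.get("src", "")
        # cid: and data: images travel inside the message; only remote
        # sources make a request that reports back to the sender.
        if not src.lower().startswith(("http://", "https://", "//")):
            return
        style = a.get("style", "").replace(" ", "").lower()
        css = dict(p.split(":", 1) for p in style.split(";") if ":" in p)
        if css.get("display") == "none" or css.get("visibility") == "hidden":
            self.suspects.append((src, "hidden remote image"))
        elif (_tiny(a.get("width")) or _tiny(css.get("width"))) and \
             (_tiny(a.get("height")) or _tiny(css.get("height"))):
            self.suspects.append((src, "tiny remote image"))

def find_tracking_pixels(html):
    finder = PixelFinder()
    finder.feed(html)
    return finder.suspects

# Constructed HTML body; every host below is a placeholder.
SAMPLE = """
<p>Your order has shipped.</p>
<img src="https://cdn.shop.example/banner.png" width="600" height="200">
<img src="https://t.mailer.example/o/abc123.gif" width="1" height="1">
<img src="https://t.mailer.example/p.gif" style="display: none">
<img src="cid:logo" width="1" height="1">
"""

if __name__ == "__main__":
    for src, reason in find_tracking_pixels(SAMPLE):
        print(reason, src)
```

Any remote image can log the request that loads it, so this only surfaces the ones built to be invisible; turning off automatic image loading covers the rest.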

Marketing companies use this data to build detailed profiles about your habits. But cybercriminals exploit the same technology for more sinister purposes, such as confirming active targets and gathering intelligence for future attacks.

Some malicious images go beyond tracking. They can exploit vulnerabilities in image processing software or redirect to dangerous websites when clicked.

If you want convenience without compromise, browser extensions like Email Privacy Protector can block tracking pixels while still displaying images. However, I also use other easy methods to block email tracking pixels entirely.

There are some trade-offs between convenience and privacy, but knowing what’s happening behind those automatically loaded images helps you make informed decisions.

1. Document Attachments Need Verification First

Email attachments are cybercriminals' preferred method of delivering malware, and they’ve become increasingly sophisticated in disguising threats. That “invoice.pdf” might actually be “invoice.pdf.exe”—a malicious executable masquerading as a document. These double extensions exploit Windows' default setting of hiding file extensions, making dangerous files appear harmless at first glance.

Even legitimate-looking file types can harbor threats. Cybercriminals often use EXE and PDF file types to hide viruses, turning everyday documents into Trojan horses that install malware when opened.

Don’t forget to verify any attachment that seems suspicious before opening it. Verify the sender through a separate communication channel if you can. Additionally, you should run a virus scan to spot and avoid malicious attachments.

Check file types carefully by enabling file extensions in Windows so you can spot suspicious double extensions. I always try to be wary of executable files (.exe, .bat, .scr) and macro-enabled documents (.docm, .xlsm) from unknown sources.
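The same filename check can be run over a saved message before anything is opened. This is an added example, not part of the original article; the `DECOY` list of document-like extensions and the sample message are assumptions constructed for illustration.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

EXECUTABLE = {".exe", ".bat", ".scr"}   # executable types named in the article
MACRO_DOCS = {".docm", ".xlsm"}         # macro-enabled types named in the article
# Assumption: document-like extensions a double extension commonly imitates.
DECOY = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}

def classify(filename):
    """Flag a filename by its final extension, the one the OS acts on."""
    stem, ext = os.path.splitext(filename.strip().lower())
    # The decoy extension may be padded with spaces to push ".exe" out of view.
    inner = os.path.splitext(stem.strip())[1]
    if ext in EXECUTABLE:
        return "double-extension executable" if inner in DECOY else "executable"
    if ext in MACRO_DOCS:
        return "macro-enabled document"
    return "no filename flag"

def flag_attachments(raw_bytes):
    """Parse a raw message and classify every attachment by filename."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    return [(part.get_filename(), classify(part.get_filename()))
            for part in msg.iter_attachments() if part.get_filename()]

def build_sample():
    """Constructed message with placeholder attachment bodies (no real files)."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "billing@vendor.example", "user@corp.example"
    msg["Subject"] = "Invoice"
    msg.set_content("See attached.")
    for name in ("invoice.pdf.exe", "report.xlsm", "terms.pdf"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for name, verdict in flag_attachments(build_sample()):
        print(f"{name:20} {verdict}")
```

A clean result here says nothing about the file's contents, so the virus scan described above still applies.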

When in doubt, upload suspicious attachments to online virus scanners before opening them locally. Your antivirus software provides an additional layer of protection, but human vigilance remains the strongest defense against attachment-based attacks.

Email security doesn’t require paranoia; it just requires awareness. These seemingly innocent habits have tricked millions of people, but recognizing them puts you ahead of most. Take a moment to think before you click, and those split-second decisions will protect you from cyber threats.