Using your email accounts responsibly at the RNLI
The way we use our email accounts plays an important role in protecting our own data and RNLI systems from phishing attacks and data breaches. Cyber threats are becoming more common, with criminals using artificial intelligence to create increasingly sophisticated and personalised attacks.
Many RNLI volunteers rely on personal email accounts for their role – please see this advice to help keep your accounts safe when undertaking RNLI activity.
Using a personal email account
Please ensure you only use your personal email when no RNLI account is available. Avoid sharing restricted RNLI information and do not send or store sensitive, confidential or personal data.
Be sure to move communications into relevant RNLI systems if available and delete RNLI-related emails when they are no longer needed.
Keeping your personal email account secure
We recommend enabling Multi-Factor Authentication (MFA) wherever possible, as it provides an additional layer of security beyond your password. For more information and guidance on this, refer to your email account provider’s advice.
Ensure you have antivirus software installed on laptops and PCs and run regular, full scans of your device.
We also suggest applying spam and junk filtering, removing old RNLI information and contacts when no longer needed, and unsubscribing from emails you no longer require.
Creating a strong, unique password is one of the simplest and most effective ways to protect your email account, making it much harder for cyber criminals to guess or crack your credentials.
-
All passwords should be long and unique (do not use passwords that you use elsewhere).
-
Passphrases are easier to remember and more complex to guess. You can use a line from your favourite song, a quote from a film or a saying.
-
Remember to never share your password with anyone.
-
If you’re concerned that your account has been compromised, change your password.
Remember that obvious passwords and passphrases can be easily guessed, leading to unauthorised access to data and systems.
If your personal email account is compromised
If you believe your personal email account has been compromised, change your password immediately, as well as any others linked to the account, before running a full virus scan of your device.
If you think your personal email account has been compromised, please contact [email protected].
Any suspicious activity on an RNLI email account should be reported to [email protected]. If you suspect an RNLI data breach, please ensure it is reported as soon as possible to [email protected].
Beware of phishing emails
Phishing emails are one of the most common ways criminals try to trick people into sharing sensitive information, so it’s important to stay alert.
Common signs include suspicious links (you can check a URL before clicking on it by hovering with your cursor on a laptop, or tapping and holding from a mobile), unusual sender details, poor grammar, generic greetings, or messages that create urgency.
If something feels unexpected, pause and verify it with the sender using a trusted contact method. If you receive a suspicious email, do not click any links, open attachments, reply or forward it.
If your RNLI email account is targeted with a suspected phish, report it using the Phish Alert button in Outlook so our Information Security Team can investigate.
Spam emails, such as marketing messages, are usually harmless and can simply be deleted without reporting.
Further support
Thanks for taking the time to follow this guidance and for helping keep our systems, information and each other safe.
Our Information Security Team works hard to protect our systems and provide the guidance and training we all need to stay safe. If you have any questions or would like to speak to a member of our Information Security Team, email [email protected].