Ops Insights #090 - Check That Email Before You Click It
May 29, 2026 | Read Time: 3 minutes | Written by Jenny Kleintop
Doesn’t that slogan have a ring to it? Check it before you click it?
One of my clients has a fabulous cybersecurity team. They send newsletters that you actually want to read. The one sent yesterday grabbed my attention immediately because it’s timely, and it’s relevant to my day-to-day work.
It’s about email safety. I’ve been getting a ton of spam emails lately. Some even have a name I know and trust, so my first instinct is to click the link. However, that little voice that has been running on repeat in my head says to stop and check the email before I click any of the links in it. Often, it’s through links that hackers gain access to our computers, networks, and all the sensitive information we store about our constituents.
Since I thought this was a good reminder for me, I wanted to pass it along to you. Because the more you know, the safer you can be.
Here you go, compliments of my client’s IT Cybersecurity team:
Email Cybersecurity: 10 Things to Know and Do
Double check recipients: Always review who you’re sending to before sending an email. Only use distribution lists when necessary and only when everyone on that list needs to receive that information.
Keep sensitive info out of subject lines: Never include Protected or Confidential Information in an email’s subject line. If it’s in a message someone has sent to you, remove that information in subject lines before replying and forwarding.
Minimum necessary: This means limiting the amount of Protected Information to the least amount required to do your work. If information isn’t needed, don’t use, send or share it.
Keep it professional: Only use your work email for work-related things. Don’t use your work email to sign up for personal services, websites, or shopping. The fewer places your work email is, the less likely it is to receive spam emails.
Protection through omission: Replying or forwarding? Take a few seconds to delete previous email threads/messages that have Protected and/or Confidential Information.
Use your work email: Don’t use another email account to do your work or work-related things.
Your email is just for you: You’re responsible for everything that happens with your email. Don’t share your email access with anyone.
Delete unneeded messages: Both Outlook and Teams let you delete individual messages. Delete them with Protected and Confidential Information when they’re no longer needed.
Start fresh: Consider creating a new email instead of forwarding an email thread to others, especially for long emails that might contain sensitive information.
Know the rules: Refer to the Cybersecurity Policies and Privacy Standards that detail the rules of emailing sensitive information. Remember to look those up when you have questions.
Stay safe out there, and remember it’s not just about you. It’s also about all the data we house and the obligation we have to protect it.
Take Action
To keep hackers away, follow these 3 steps:
1 ➡ Find out who manages your IT and cybersecurity protocols.
2 ➡ Ask that person what your cybersecurity policies and privacy standards are. If you lead a team, even ask them to provide training so everyone is in the know.
3 ➡ Re-read the 10 tips above, and next time you receive an email with links, check it again to ensure it’s legit before clicking on any of the links.
You’ve got this!
👋 See you next time,
Jenny
Whenever you're ready, there are two other ways to get help:
Insights: Receive these Insights directly in your inbox to learn, grow, and accelerate your expertise of philanthropy data, database, and operations. Plus, bonus insights are often in the email version. Add your email here.
Hands-On Support: Get personalized assistance when you need it the most through fractional support. View here.
