Web-based email services have come a long way over the past decade, and many of them are feature-rich enough to be on par with desktop-based alternatives. But there are several valid reasons to keep using desktop email software. Postbox and Outlook are the two main options, but they’re expensive. If you only need an email client to handle one or two personal accounts, then a free email client will likely serve you just fine — just be aware that you may run into feature restrictions as a free user.

1. Thunderbird

Available for Windows, Mac, Linux.

Though Thunderbird development was discontinued in 2012, it still receives maintenance updates so don’t write it off as dead just yet. In fact, a stable version update was released earlier this year. The client won’t be getting any new features going forward, but it’s absolutely still usable.

And, as sad as it is to say, Thunderbird is the only free and open source desktop email client that’s actually worth using. Other open source clients exist, but they’re riddled with issues like clunky interfaces, glitchy performance, and lack of advanced features.

If you’re adamant about never spending a penny and never switching to a web-based client, then Thunderbird is your best bet. It can do pretty much anything you need, including setting up message filters and autoresponding to emails, among other nifty tips and tweaks.

Download: Thunderbird (Free)

2. Mailspring

Available for Windows, Mac, Linux.

One of the original authors then forked the project and relaunched Nylas Mail as Mailspring. In addition to keeping the project alive, he optimized and improved many of the internal components, resulting in quicker syncing, less RAM usage, faster launch times, and more.

Thunderbird may be the client of choice for those who want reliability and time-tested staying power, but Mailspring is the client to use if you want something fresh, new, exciting, and full of future potential. It’s free to use indefinitely with some advanced features locked behind a subscription.

• Syncs with Gmail, Office 365, Yahoo, iCloud, FastMail, and IMAP.
• Unlimited email accounts and unified inbox.
• Undo sent emails within a given period of time.
• Support for pre-built themes, layouts, and emojis.

Notable Pro Version Features

• Powerful template support for productivity.
• Track whether emails are opened and links are clicked.
• Schedule emails to be sent at a future time.
• Snooze emails and create follow-up reminders.
• Share email threads with others using a web link.

Download: Mailspring (Free, $8/mo for Pro)

3. Sylpheed

Available for Windows, Mac, Linux.

Sylpheed is an email client that’s been around since 2001. While it does feel dated when compared to modern email clients, it’s not bad by any stretch. In fact, its old-school interface and approach to email management may actually prove helpful if your email habits are causing undue stress.

The best thing about Sylpheed is that it knows what it is: an email client. It doesn’t concern itself with tons of extraneous features that do nothing but bloat the installation and clutter the interface. Sylpheed is simple, lightweight, and full-featured.

Notable features include fast launch and overall performance, advanced email search and filters, effective junk mail control, encryption, and extensibility through plugins.

Download: Sylpheed (Free)

4. Mailbird

Available for Windows.

If you’ve never used desktop email before, then you’ll probably love Mailbird. If you’re migrating from another client, it will be hit or miss — some parts will feel familiar, other bits will impress you, but you’ll undoubtedly find aspects that you hate as well.

All we can recommend is giving it a try. It’s definitely slick and modern, and there’s a lot to like about it. Note that it’s a freemium app so the free version is restricted in some ways.

Notable Free Version Features

• Beautifully sleek and minimal interface.
• Syncs with any IMAP or POP email service.
• Lightning fast search and indexing.
• Integration with Dropbox, Evernote, Google Docs, and more.
• Supports up to 3 email accounts.

Notable Pro Version Features

• Unlimited email accounts and unified inbox.
• Snooze emails and set up reminders.
• Speed reader for emails.
• Quick preview for email attachments.

Download: Mailbird (Free, $18/yr or $59 one-time for Pro)

5. eM Client

Available for Windows.

eM Client aims to be an all-in-one solution for dealing with office tasks and communications. It’s primarily designed for email, but also has nifty calendar integration, task management, contacts organization, and even chat support — and the free version only has one (albeit major) limitation, as you can see below.

Notable Free Version Features

• Slick Modern UI interface that fits well with Microsoft apps.
• Syncs with Gmail, Exchange, iCloud, Office 365, and Outlook.com.
• Conversational view for email threads.
• Integration with all common chat services, including Jabber.
• Supports up to 2 email accounts.

Notable Pro Version Features

• Supports an unlimited number of email accounts.
• Can be used for commercial purposes (e.g. business office use).
• VIP support and troubleshooting.

Download: eM Client (Free, $50 one-time purchase)

The Department of Homeland Security (DHS) wants to help small businesses across America protect against ransomware, and the National Cybersecurity and Communications Integration Center (NCCIC) has issued this message: NCCIC has received multiple reports of WannaCry ransomware infections worldwide. Ransomware is a type of malicious software that infects and restricts access to a computer until a ransom is paid. Although there are other methods of delivery, ransomware is frequently delivered through phishing emails and exploits unpatched vulnerabilities in software.

Phishing emails are crafted to appear as though they have been sent from a legitimate organization or known individual. These emails often entice users to click on a link or open an attachment containing malicious code. After the code is run, your computer may become infected with malware.

A commitment to cyber hygiene and best practices is critical to protecting organizations and users from cyber threats, including malware.

In advice specific to the recent WannaCry ransomware threat, users should:

• Be careful when clicking directly on links in emails, even if the sender appears to be known; attempt to verify web addresses independently (e.g., contact your organization's helpdesk or search the Internet for the main website of the organization or topic mentioned in the email).
• Exercise caution when opening email attachments. Be particularly wary of compressed or ZIP file attachments.
• Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
• Avoid providing personal information or information about your organization, including its structure or networks, unless you are certain of a person's authority to have the information.
• Avoid revealing personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email.
• Be cautious about sending sensitive information over the Internet before checking a website's security.

If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a website connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from anti-phishing groups such as the APWG.

Hackers have breached half of the 28 million small businesses in the United States, according to the 2016 State of SMB Cybersecurity Report. Contact our security experts to ensure your business is safe!

1. Protect against viruses, spyware, and other malicious code Make sure each of your business’s computers are equipped with antivirus software and antispyware and update regularly. Such software is readily available online from a variety of vendors. All software vendors regularly provide patches and updates to their products to correct security problems and improve functionality. Configure all software to install updates automatically.
2. Secure your networks Safeguard your Internet connection by using a firewall and encrypting information.  If you have a Wi-Fi network, make sure it is secure and hidden. To hide your Wi-Fi network, set up your wireless access point or router so it does not broadcast the network name, known as the Service Set Identifier (SSID). Password protect access to the router.
3. Establish security practices and policies to protect sensitive information Establish policies on how employees should handle and protect personally identifiable information and other sensitive data.  Clearly outline the consequences of violating your business’s cybersecurity policies.
4. Educate employees about cyberthreats and hold them accountable  Educate your employees about online threats and how to protect your business’s data, including safe use of social networking sites.  Depending on the nature of your business, employees might be introducing competitors to sensitive details about your firm’s internal business. Employees should be informed about how to post online in a way that does not reveal any trade secrets to the public or competing businesses.  Hold employees accountable to the business’s Internet security policies and procedures.
5. Require employees to use strong passwords and to change them often  Consider implementing multifactor authentication that requires additional information beyond a password to gain entry. Check with your vendors that handle sensitive data, especially financial institutions, to see if they offer multifactor authentication for your account.
6. Employ best practices on payment cards  Work with your banks or card processors to ensure the most trusted and validated tools and anti-fraud services are being used. You may also have additional security obligations related to agreements with your bank or processor. Isolate payment systems from other, less secure programs and do not use the same computer to process payments and surf the Internet.

   Are you ready for the shift from magnetic-strip payment cards to safer, more secure chip card technology, also known as “EMV”? October 1st is the deadline set by major U.S. credit card issuers to be in compliance. Visit SBA.gov/EMV for more information and resources.

7. Make backup copies of important business data and information Regularly backup the data on all computers. Critical data includes word processing documents, electronic spreadsheets, databases, financial files, human resources files, and accounts receivable/payable files. Backup data automatically if possible, or at least weekly, and store the copies either offsite or on the cloud.
8. Control physical access to computers and network components Prevent access or use of business computers by unauthorized individuals. Laptops can be particularly easy targets for theft or can be lost, so lock them up when unattended. Make sure a separate user account is created for each employee and require strong passwords. Administrative privileges should only be given to trusted IT staff and key personnel.
9. Create a mobile device action plan Mobile devices can create significant security and management challenges, especially if they hold confidential information or can access the corporate network.. Require users to password protect their devices, encrypt their data, and install security apps to prevent criminals from stealing information while the phone is on public networks. Be sure to set reporting procedures for lost or stolen equipment.
10. Protect all pages on your public-facing websites, not just the checkout and sign-up pages

With tax fraud on the rise, it is important to be aware of the fraudulent activities that can take place this tax season and what you can do to minimize your risk of becoming a victim of identity theft. In actuality, tax fraud is relatively easy to commit. All that is required for a scam to take place is a name, date of birth and Social Security number, and with the number of data breaches that have taken place recently, your personal information could be vulnerable to cybercriminals and identity thieves. According to LifeLock’s marketing intelligence director, Nada Baiz, “tax fraud will continue to develop because criminals are realizing how lucrative and easy it is.” She also adds, “With chip-enabled debit and credit cards now making credit card fraud more difficult to commit, criminals will look to replace this lost ‘income’ with something else.”

With Tax Identity Theft Awareness week (Jan 29 – Feb 2) approaching, it is important to spread the word about how to prevent becoming a victim to scams this tax season.

To help reduce your chances of identity theft this tax season, here are six best practices to follow:

File taxes early

Identity thieves are ready as early as January to file fraudulent returns, so it is important to have all of your paperwork in order before they do in order to protect yourself. This is even more crucial if you have reason to believe your personal information has already been compromised, such as in an earlier data breach. However, you don’t have to be a victim of a previous identity theft crime to become a victim of tax refund fraud.

Don’t fall for scams

If someone calls or emails claiming to be from the Internal Revenue Service (IRS) asking for personal information, don’t give it. The IRS will only request information by mail, so if you receive a call, email or text message claiming to be from the IRS and asking you to provide personal details, don’t – it is most likely a scam.

Research your tax preparer

Be very careful about choosing a tax preparer. Only hire individuals who have the proper IRS credentials, then request their full name and tax certification documentation. Be sure to keep copies of it with your tax paperwork even after filing. Even if you’re using an e-filing service, researching the provider is just as important.

Protect your Social Security number

Leave your Social Security card at home and only give out the number when absolutely required. If you are requested to provide it on a form, ask the company why they need it and if it is necessary, because this is often optional.

sign up for protection services

Signing up with a service that specializes in identity theft protection could help you to stay on top of keeping your personal information safe by receiving alerts immediately if any fraudulent activity occurs.

Shred your personal records

Destroy old tax forms, monthly financial statements and other documents that include your personal information once deemed unnecessary. Switching to online delivery is another safe bet so your documents are less likely to end up in places where they can be stolen, like your mailbox or recycling bin.

If you do choose online delivery, make sure that any personal accounts storing this information are appropriately secured.

Lock Down Your Login: Your usernames and passwords are not enough to protect key accounts like email, banking and social media. Strengthen online accounts and use strong authentication tools – like biometrics, security keys or a unique, one-time code through an app on your mobile device – whenever offered.

Scammers sometimes pretend to be government officials to get you to send them money. They might promise lottery winnings if you pay “taxes” or other fees, or they might threaten you with arrest or a lawsuit if you don’t pay a supposed debt. Regardless of their tactics, their goal is the same: to get you to send them money. Don’t do it. Federal government agencies and federal employees don’t ask people to send money for prizes or unpaid loans. Nor are they permitted to ask you to wire money or add money to a prepaid debit card to pay for anything.

How to Recognize a Government Impostor

It could be hard to recognize an impostor through the lies they tell. They use a variety of tricks to get your attention, whether it’s distracting you with a story about money you won or creating a fear that you’ll be sued or arrested.

Here are two deceptions that they have used successfully to steal money from people:

You’ve "Won" a Lottery or Sweepstakes

Someone claiming to be a government official calls, telling you that you’ve won a federally supervised lottery or sweepstakes. They may say they’re from “the national consumer protection agency,” the non-existent National Sweepstakes Bureau, or even the very real Federal Trade Commission — and it looks like they’re calling from a legitimate number. They also might send e-mails, text messages or letters.

They might:

• tell you you’ll have to pay taxes or service charges before you can collect your winnings
• ask you to send money to an agent of “Lloyd’s of London” or some other well-known insurance company to “insure” delivery of your prize
• ask you to wire money right away, often to a foreign country

The truth is that no government agency or insurance company is involved, and there are no winnings. There never were. Scammers take the money you paid them and disappear.

You Owe a Fake Debt

You might get a call or an official-looking letter that has your correct name, address and Social Security number. Often, fake debt collectors say they’re with a law firm or a government agency — for example, the FTC, the IRS or a sheriff’s office. Then, they threaten to arrest you or take you to court if you don’t pay on a debt you supposedly owe.

The truth: there’s no legitimate reason for someone to ask you to wire money or load a rechargeable money card as a way to pay back a debt. If you’re unsure whether the threat is legitimate, look up the official number for the government agency, office or employee (yes, even judges) and call to get the real story. Even if it is a real debt, you have rights under the Fair Debt Collection Practices Act.

Variations on these scams include people claiming to be with the IRS collecting back taxes, or scammers posing as representatives of the United States Citizenship and Immigration Service (USCIS) who target immigration applicants and petitioners.

Five Ways to Beat a Government Impostor Scam

Don’t wire money

Scammers often pressure people into wiring money, or strongly suggest that people put money on a prepaid debit card and send it to them. Why? It’s like sending cash: once it’s gone, you can’t trace it or get it back. Never deposit a “winnings” check and wire money back, either. The check is a fake, no matter how good it looks, and you will owe the bank any money you withdraw. And don’t share your account information, or send a check or money order using an overnight delivery or courier service. Con artists recommend these services so they can get your money before you realize you’ve been cheated.

Don’t pay for a prize

If you enter and win a legitimate sweepstakes, you don’t have to pay insurance, taxes, or shipping charges to collect your prize. If you have to pay, it’s not a prize. And companies, including Lloyd’s of London, don’t insure delivery of sweepstakes winnings.

If you didn’t enter a sweepstakes or lottery, then you can’t have won. Remember that it’s illegal to play a foreign lottery through the mail or over the phone.

Don’t give the caller your financial or other personal information

Never give out or confirm financial or other sensitive information, including your bank account, credit card, or Social Security number, unless you know who you're dealing with. Scam artists, like fake debt collectors, can use your information to commit identity theft — charging your existing credit cards, opening new credit card, checking, or savings accounts, writing fraudulent checks, or taking out loans in your name. If you get a call about a debt that may be legitimate — but you think the collector may not be — contact the company you owe money to about the calls.

Don’t trust a name or number

Con artists use official-sounding names to make you trust them. It’s illegal for any promoter to lie about an affiliation with — or an endorsement by — a government agency or any other well-known organization. No matter how convincing their story — or their stationery — they're lying. No legitimate government official will ask you to send money to collect a prize.

To make their call seem legitimate, scammers also use internet technology to disguise their area code. So even though it may look like they’re calling from Washington, DC, they could be calling from anywhere in the world.

Put your number on the National Do Not Call Registry

Ok, so this won’t stop scammers from calling. But it should make you skeptical of calls you get from out of the blue. Most legitimate sales people generally honor the Do Not Call list. Scammers ignore it. Putting your number on the list helps to “screen” your calls for legitimacy and reduce the number of legitimate telemarketing calls you get. Register your phone number at donotcall.gov.

Report the Scam

If you get a call from a government imposter, file a complaint at ftc.gov/complaint. Be sure to include:

• date and time of the call
• name of the government agency the imposter used
• what they tell you, including the amount of money and the payment method they ask for
• phone number of the caller; although scammers may use technology to create a fake number or spoof a real one, law enforcement agents may be able to track that number to identify the caller
• any other details from the call