Ben Writing

Email Best Practices for Businesses

When I joined a cybersecurity startup, I didn’t expect email to be my first battle. But during my first week, I saw a customer almost fall for a phishing scam because of a sloppy, generic email.

From that moment, I made a rule for myself: always personalize emails. Hackers often hide behind vague messages. So I started writing to each customer like I knew them, because I did. I used names, context, and small details that proved my message was real.

Then I ran into another issue. We often emailed dozens of partners. At first, someone used CC instead of BCC and exposed every address. One partner replied angrily. After that, I made it a habit to use BCC for group emails, to protect everyone’s privacy.

As our team scaled, we automated more emails. One day, the integration failed silently. The email provider had blocked us for exceeding the recipient limit. That taught me to check provider limits before sending bulk messages. I baked that step into every future setup.

Soon after, the CTO asked me how we tracked sent emails. I realized we didn’t. Our system only kept logs for thirty days. That weekend, I built a solution. Now, every message has an audit trail. We can trace any email, even months after it’s been sent.

Small things mattered too. I once saw a teammate sign off with just “Thanks.” The customer replied, “Who are you?” That was a wake-up call. We created a signature template. Now, every email ends with a clear, professional signature, including name, title, and contact info.

Finally, I took on phishing. I noticed attackers guessed usernames like ben@. So I changed our convention. New email addresses had numbers, like ben92@. It wasn’t cosmetic. It worked. Adding random digits made usernames harder to guess, and harder to attack.

Email seemed simple when I started. But over time, I learned it wasn’t just communication. It was defense. By personalizing messages, protecting recipients, managing limits, logging communication, designing proper signatures, and hardening usernames, I turned email into a security tool.

Clear habits. Clear writing. No shortcuts.