If there's one tool that has transformed the way agents andadvisors do business today, it's email.

Email is vital for both personal and professional use —connecting people from thousands of miles away or from a few doorsdown the hall. Email use has grown rapidly over the past decade,and daily there are over 269 billion emails sent and receivedworldwide.

Related: 5 cybersecurity problems facing mid-size insurancecompanies

And because that number is so high, each message you get fromclients, prospects and business colleagues comes with its ownsecurity risks. They expose you to viruses, ransomware attacks and other malware threatsthat could slow you down, at best, or, at worst, lead to regulatoryactions and litigation.

If you sell insurance, annuities and other financial servicesproducts and collect no protected health information, you face onelevel of information security compliance anxiety.

If in the course of your activities, you collect enoughprotected health information to become a health plan's businessassociate, you face another, much higher level anxiety.

Worries about increasingly sophisticated fraudulent phishing email areputting financial professionals' very high level of anxiety inoverdrive.

Based on a study by Intel Security, 97% of people worldwide areunable to identify fraudulent phishing emails: messages that try totrick consumers into sending sensitive information. That means thevast majority of people — and the companies they work for — arevulnerable to attacks that could result in thousands to millions oflost dollars or identity theft. In fact, the Federal Bureau of Investigation reports thatorganizations have lost more than $2.3 billion in phishing scamssince 2013.

It's become critical for companies to give email securityawareness training to employees and to educate shareholders andcustomers too. Every person who interacts with your business shouldhave an understanding of what to expect from your online businesscommunications. And that should be communicated to them regularly —either by email, mail or the company website.

Related: Humans: The weakest link in social engineering andcyber attacks

Listed below are several principles your company should includein its email security awareness training:

1. Be wary of links.

If you receive an email alert about one of your online accounts,instead of clicking the link, open your browser and go directly tothe account page to see if there is a problem. Fraudulent links areone of the primary ways hackers break into a computer or an onlineaccount. To verify the alert, you should check the accountfirsthand. If it's legitimate, the alert should appear online.Before clicking on a link sent via email, always hover over it tosee the URL address and determine if it leads to a trustworthysite.

2. Define what company emails should looklike.

One of the telltale signs of a phishing email is when theappearance differs from other email messages sent by the samecompany. By clearly defining what emails from your company willlook like and sharing that information with staff and customers,they'll be better able to detect if an email is posing as yourcompany.

By implementing regular email security awareness training,you will better equip your customers and employees with theinformation they need to detect fraudulent emails. (Image:Thinkstock)

3. Inspect for misspelled words, links and domainnames.

Another way to spot a phony email is if words and links aremisspelled. Most companies take email communication seriously andwill rarely send messages with multiple typos. Cyber criminalsoften include links that look correct but with one letter out ofplace, and if you click on it, your computer immediately becomessusceptible to malware or a virus. If you receive an email withseveral typos, be suspicious and contact the company directly.

4. Don't open or download content you weren't expectingto receive.

Some of the trickiest counterfeit emails appear to have comefrom a well-known contact. The email may invite you to view anattachment or download a file, but when you do, your account orcomputer gets hacked. A good rule of thumb is to not open ordownload files if you weren't expecting to receive them. Contactthe sender to verify he sent the file before clicking on it.

5. Don't send sensitive information.

This may seem like an obvious guideline, but many people fallprey to cyber criminals by emailing sensitive information. When anemail looks like it came from a bank or credit card company, peopleoften assume it's legitimate and submit the requested information,which can include credit card, social security or bank accountnumbers. This is another reason why it's important to outline whatyour company will and will not ask for via email to help staff andcustomers discern when they've received a fraudulent email.

6. Don't jump to conclusions.

Scam emails often include a sense of urgency to strike fear intothe recipients. If you receive a notification that your account hasbeen suspended or requires immediate action, don't panic. Take timeto examine the email, open your account from the main website, andif necessary, call customer service to confirm.

By implementing regular email security awareness training, youwill better equip your customers and employees with the informationthey need to detect fraudulent emails. Send emails periodically toremind them of your company's email policy and urge them to reportany suspicious messages they receive. Doing this will instill asense of trust in your company and reduce the number of people whofall victim to fraudulent emails each year.

Related: No business is totally safe from cyberattacks

John Harris is the chief technology officerat SIGNiX, an electronic signature solutionsprovider that makes signing documents online safe, secure and legalfor any business or organization. He can be reached at [email protected].