Identity theives .
‘Sure! Just email me the details.’ How many times in an average week do you find
yourself saying those words? Email is one of the top ways we socialize today. We
send people funny images of cats, write about our lives and send important
business correspondence on a daily basis. Even more than just a tool for
communication, email is a necessity of life when it comes to keeping in touch
with the world.
Although we use web services such as email on a daily
basis, when people hear about “hacking” stories in the news, it often seems
distant and irrelevant to us.
Hacking is something that involves the
manipulations of geometric shapes or 3-D talking heads telling the hero or
villain company secrets, if Hollywood is to be believed. But in this day and age
it has a particular relevance to us all. When asked if they are worried about
being hacked, most people say things like “I have nothing to hide” or “why would
anyone hack my account?” You might be surprised to know that email hacking today
isn’t something personal.
The chances that you know the person trying to
break in are close to none.
They don’t care about what you are up to, how
your grandmother is feeling or the latest updates from your job. They are
looking for ways to make easy money.
They do this by sending emails to
people they can identify from your address book and trying to con them out of
money in your name. By pretending to be you and having all your past emails to
root though, they can do an effective job at conning people you care about out
of money. Even worse, you would be hard-pressed to contact all of them without
your trusty email and address book by your side.
Not only is email
indispensable to your social and business life, but most online services require
an email address and then use that email address as a source for password
resets. This can be a problem if you lose access to your email account or it
gets compromised, because the person who has control of your account can easily
gain access to any service you have signed up for with your email address, which
could include sensitive financial sites.
So what can you do to avoid that
fate? The first step is the easiest:
Don’t give your password to
This might seem like a no-brainer, but surprisingly it isn’t. A
survey carried out for the Infosecurity Europe trade show proved that more than
70 percent of people asked would trade their passwords for a bar of chocolate.
Not only that, but 34% didn’t even need to be bribed with chocolate to rattle
off the keys to their digital lives.
But your email isn’t just at risk
from strangers offering candy. Sometimes a scammer will send you an email
purporting to be Facebook or Gmail or some other service and ask you to confirm
your password or else they will close your account, or some other threat. In my
entire career, I’ve never gotten an email asking for my password that has
actually been from the service it said it was from. If you aren’t sure, ask
someone who you know has a strong technology background to verify the email for
you before you send them any of your details.
Another place that you
shouldn’t use your email passwords is on sites like Facebook that want to log
into your email to connect you with more friends. Giving a third party direct
access to your email means that they keep the password on file and if they
suffer a data breach, your email details will be in the hands of people you
really don’t want to have it.
Make a password that is hard to
The most common password is “12345.”
You would be surprised
at how little work identity thieves have to do to guess their way into accounts
protected by weak passwords.
The best way to protect your account is to
make a password that is hard to guess. Since it isn’t easy to remember passwords
like “BHt6fbnO,” it is recommended to use sentences instead. “ILove-
ToRowBoatsOnTuesday” is a much better choice than “1234” or “ponies,” while
still being memorable. Another way to make passwords more secure is to use a
password manager like www.passpack.com, which can manage your passwords for
Don’t use the same password for more than one service.
important than any other service on the Internet is your email. Most email
providers have pretty decent security when it comes to preventing
The same can’t be said for many of the other services you sign
up for online. In an effort to remember all your passwords, I’m sure you have
re-used a password or two for all of your services. Most people do.
problem with this is that if a single service gets compromised, identity thieves
try to use those passwords on the email addresses used to sign up for the
They succeed in logging into the email far too frequently for
Use dual authentication.
Gmail is the most popular email
service, with approximately 350 million active accounts. It has a great feature
for preventing someone from breaking into your account, called “dual
authentication.” In addition to using your username and password to log in, it
also sends an SMS to your phone with a code to type in. Since an identity thief
might have all your details but still not possess your phone, he or she won’t be
able to get in. You’ll find it surprisingly easy to use and not much of a
nuisance at all.
You can get more information about dual authentication