Email Protection is as important as Virus Protection
Your email inbox is no longer safe
In the first half of 2011 alone, LulzSec – a malicious hacker crew – has released hundreds of thousands of email addresses and passwords. Working in small teams, they use a variety of techniques to break into the databases of unsuspecting companies, steal the data within, and publish it to the greater internet for people to abuse as they will.
In many cases, the stolen data contained full email addresses and unencrypted passwords. Do you use the same password for multiple sites? Worse, do you use the same password for your inbox? If you do, your email inbox could already be compromised, in the hands of whoever wants it at the moment, being passed around from hacker to hacker – all without you knowing.
Consider the ultimate nightmare scenario: If a hacker has control of your inbox, they can send password reset emails for any other services you have signed up with, and gain access to those systems as well. Your online dating profile? Your Twitter or Facebook account? PayPal or your bank?
You wouldn’t surf the ‘net without virus protection – why surf without email protection?
Simple steps you can take
Password security is critical. Using high-end hardware, hackers can crack a short password that uses only letters in record time. You should have a long password that uses letters and symbols, and you should change it regularly. One easy way to do this is to use a “passphrase” instead of a simple password. Think of a short phrase, then replace some letters with numbers and add punctuation in non-standard locations. It’s far easier to remember “th3 red, f0x jump$” than it is to remember “hq3t!EY$4974″.
Better still, some email providers offer what’s called “2 factor authentication”. In addition to entering your password, you also have to enter a short code that is either texted to your phone, or automatically generated via an app on your phone. If your email provider offers this, you should enable it as soon as possible.
Many risks remain
Having taken all these preventative measures, does this mean you’re safe now? Hardly.
Imagine you get an email from your bank, informing you that your account has been disabled due to an internal security review, and you have to log in and confirm some information before they can re-enable it. This is serious! You need that money for groceries, rent, and all kinds of other things. Besides, the email looks legitimate – it uses the same header and images and wording as every other communication you’ve received from your bank. But the moment you click on that link, you’ve been phished, and any further details you enter will be harvested and used to hack into your bank account.
The only way to prevent being phished is to be constantly aware of where all your links are leading you. The link might start with “http://www.yourbank.com”, but if the full link is: “http://www.yourbank.com.hacker-url.com/”, you’re in trouble.
Another way to accidentally get in trouble is by not regularly changing your passwords to another strong password. Much like a New Year’s resolution, this can be something that we plan to do regularly, but quickly falls by the wayside. It’s tedious and mentally taxing, and we are likely to skip it.
Even if you avoid getting phished and change your password regularly, a clever hacker can use “social engineering” to gain access to your account. By calling up your email provider and acting like you – providing a few key details like your address and date of birth, hardly difficult to obtain – they may be able to trick the customer service representative they’re speaking with into giving away your password.
What can you do about this? Nothing but keep changing your password and hoping hackers don’t target you.
There is a simple, effective solution – set a trap for the hackers!
Luckily, there’s an easier way.
With EmailAmbush, you can send an Ambush email to your inbox – a tempting-looking email that looks to be full of juicy links and images. Details of a secret affair, confidential documents, or access to a bank account! What greedy hacker could resist? But when they click on a link or load an image, the trap is set! You’re instantly warned by text message that a hacker is in your account.
Forewarned is forearmed, as the old saying goes. Knowing that your account is under attack, you can log in and change your password, which in most cases will lock the hacker directly out of your account. If you share that password with any other accounts, now is the time to change them too! Many hackers are skilled at guessing other common services you may use and will happily break into as many as they can. You should also let your email system administrator know – they have a powerful array of tools and techniques they can bring to bear in order to track down the hacker that broke into your account, and will happily pass any relevant information they find along to the authorities.
Sign up with EmailAmbush and protect your inbox today
Don’t let hackers have their way with your inbox. Turn the tables on them with EmailAmbush.