21 November 2016

The value of your email account to hackers


Excerpts from Krebs on Security:
"... many people do not fully realize how much they have invested in their email accounts until those accounts are in the hands of cyber thieves...

Sign up with any service online, and it will almost certainly require you to supply an email address. In nearly all cases, the person who is in control of that address can reset the password of any associated services or accounts –merely by requesting a password reset email...

Even if your email isn’t tied to online merchants, it is probably connected to other accounts you care about. Hacked email accounts are not only used to blast junk messages: They are harvested for the email addresses of your contacts, who can then be inundated with malware spam and phishing attacks. Those same contacts may even receive a message claiming you are stranded, penniless in some foreign country and asking them to wire money somewhere...

If your inbox was held for ransom, would you pay to get it back? If your Webmail account gets hacked and was used as the backup account to receive password reset emails for another Webmail account, guess what? Attackers can now seize both accounts.

If you have corresponded with your financial institution via email, chances are decent that your account will eventually be used in an impersonation attempt to siphon funds from your bank account.
Scary.  And more at the link.

6 comments:

  1. This is correct. I beg you all to enable 2-factor authentication in your gmail (or other webmail account). It is probably the single best thing you can do to protect your account.

    ReplyDelete
    Replies
    1. Thanks for that link, Dan. I've been considering implementing 2-factor authentication, but I don't always have my cell with me. Now I understand that I can turn off the process when using my home desktop computer. Good to know.

      Delete
    2. Apparently not all email systems offer 2-factor authentication; I've been unable to find a way to implement it with Earthlink Webmail, for example. *sigh*

      Delete
    3. Yeah, unfortunately you are at the mercy of what your provider supplies. If they don't care about your security there are limits to what you can do on your end. : (

      Delete
  2. I have been using Kaspersky protection for a few years now, and I recommend this antivirus to all of you.

    ReplyDelete
    Replies
    1. And, of course, the syntaxlinks.com site linked above is part of a spammy get-rich-quick scheme.

      Also, I don't particularly recommend any anti-virus system, especially not one you pay for. In general it seems to me that AV systems are a bit like building stone walls in the age of cannons. Once a good idea, but long since overcome by offensive technologies. If you feel like using a free one such as Microsoft Security Essentials it can't hurt, but I wouldn't expect it to do much to protect you from modern threats.

      Delete

Related Posts Plugin for WordPress, Blogger...