Sunday, 26 January 2014

Why You Should Take Your Email Security Seriously

My email, not that valuable, right?  Probably contains some nice conversations with my mum and maybe the odd gas bill.  Probably not the kind of information that I want public, but not really worth putting effort into protecting.

Well, if that's your attitude then consider this...

Someone hacks into your email, they make the assumption that you're probably signed up to one or several social networking sites such as Facebook, Twitter, Instagram, or whatever the latest fad is.  So they go to each one of these sites, type in your email address and hit "I forgot my password".  Then they check your email for the password reset email and boom, they're in.  So in about 10 minutes they've also got access to all of your social network accounts.  And because they reset the passwords, you are blocked out.  That frape which your friend did last week now seems like nothing compared to the streams of embarrassing and financially-sensitive information being posted to your Facebook wall and Twitter account, including that email to your mum about your yeast infection.  And you can't even log on to do anything about it.

Next are all the other accounts.  A few quick searches of your email for "account", "welcome" and "registered" bring up a whole host of other sites which you've got accounts on.  Same technique with the password reset, and boom, your online identity is pretty much stolen, and you're going to have one heck of a time getting it back again, if you even can.

Next up is the money.  First stop, Amazon.  You've probably got your card details stored, right?  So a quick password reset job on Amazon will leave the crooks spoiled for choice as they peruse the pages of the vast online store, buying themselves new clothes, and buying a few inflatable sex dolls and books about gynaecology for you, preferably delivered to work.  When the credit limit is reached, it's onto your bank account...

This will hopefully be more difficult, as most banks have 2-factor login systems (more about those in another post).  But by now I'm hoping you've taken on board my point: your email is the only thing between you and total online annihilation.  Maybe even offline annihilation too, when you receive you bank statement.

In my next posts I will cover ways in which you can help to keep your email account secure, using 2-factor authentication and good strong passwords.

No comments:

Post a comment