First In A Series: Pay your bills online? Do any online banking? If you do, you probably keep your bank account password secure.
But what about your e-mail password?
This article will give examples of what can happen when someone gets unauthorized access to your e-mail account. In an upcoming post, we’ll take a look at a couple of reasons why your e-mail password may not be as secure as you might think. After that, we will examine some methods for keeping your e-mail account private and secure.
“It’s impossible to move, to live, to operate at any level without leaving traces, bits, seemingly meaningless fragments of personal information.”
William Gibson
With each passing year we depend less on the postal service and more on the Internet to interact with our banks, utilities, employers and customers. We realize that a lot of personal information about us is stored on computers connected to the Internet; we accept this reality (if we think about it at all) because online shopping, online banking, online bill pay, and social networking provide great convenience.
Frequently the humble e-mail account provides the common link between the user and various online services, whether these services are trivial or essential. For this reason, it’s important to keep your e-mail secure.
Often banks have password security rules and require customers to create complex passwords with both letters and numbers. But what happens if you forgot your password? In many cases you can click on a password recovery link, provide your e-mail address, and then check your e-mail for a code or hyperlink that you can use to create a brand new password.
The following stories illustrate problems that can occur when a hacker gains access to someone’s e-mail account:
Edward Mendelson on AppScout tells the story of “What Happens When Your Webmail Gets Hacked” – about how a friend’s Gmail account was hijacked by a scammer. The hacker e-mailed everyone in the victim’s contact list, claiming to be stranded out of town with no cash: “please I need you to loan me some money, I will refund you as soon as I’m back home, I promise.” It took over eight hours to regain control of the hijacked e-mail account …by which time the hacker had persuaded one well-meaning friend to wire money overseas.
This scam happens quite often, as when a retired Cornish vicar innocently shared information that allowed hackers to get into his Yahoo e-mail account. Shortly thereafter, his friends received an e-mail claiming “I am really stranded in Nigeria because I forgot my little bag in the Taxi where my money, passport, documents and other valuable things were kept…” Fortunately, his friends were not deceived by the faked message. According to the victimized vicar, “It was so long-winded and badly spelled that most of my friends were laughing by the end of it.”
It was not a laughing matter when another Yahoo email account was compromised: Sarah Palin’s Yahoo e-mail was hacked during the presidential election campaign in September 2008. Palin, while governor of Alaska, had used the Yahoo address gov.sarah@yahoo.com to conduct state business. After the account was breached, confidential e-mail messages were posted on the Internet. The “hacker” (tracked down by the Secret Service and FBI) is now awaiting trial and faces up to five years in prison if convicted.
The technique used to gain access to Palin’s e-mail account does not require any special skill or technical knowledge, and many web-based e-mail accounts are still vulnerable to it today. My next post will show how it was done, and how you can take steps to protect yourself.
Sources:
AppScount: What Happens When Your Webmail Gets Hacked
BBC: Fraudsters Hijack Vicar’s E-mail
Wikipedia: Sarah Palin Email Hack
Washington Post: Governor Is Asked To Release E-Mails
Image by Esparta
good article.