As a marketer, a parent or just a person relaxing one of the many things we all do online is check our email.
I was reading today of a person who had their email hacked and was busy letting everyone know and warning them of what had happened.
It got me thinking about the topic of hacking and spoofing and felt that sharing my thoughts and go over how to protect yourself from having your email hacked would be a useful topic for everyone, regardless of your reasons for being online.
Before talking about how to protect yourself, I thought it wise to talk just a little about having your email spoofed and it’s not as hard as you may think it is. In fact many people confuse hacking and spoofing email accounts its important to know the difference.
What is email spoofing?
Email spoofing is when spammers send mail as someone else. These spammers are not hacking your email, they are forging your email.
How can you tell when your email has been spoofed? It’s actually very simple – you DO NOT find any strange email in your Sent Folder!
On the other hand you can tell when your email account has been hacked when
– Your friends/family/acquaintances are getting mail from you that you know you didn’t send.
– you all of a sudden get all these rejection notices for mail you didn’t send
– Your account folders (Sent, Deleted, Spam, Inbox, etc.) have been emptied or deleted.
– There are contacts in your Address Book you didn’t add
– **all of a sudden your email signature has a link that you know you didn’t put in there or is different from the one you normally have.
– There are outgoing messages in your Sent/ Draft folders that you didn’t create or send.
Spammers have been spoofing email addresses for a long time. Years ago, they used to get contact lists from malware-infected PCs. Today’s data thieves choose their targets carefully, and phish them with messages that look like they came from friends, trustworthy sources, or even their own account. source
** Regarding email signatures that have links – This is more for those of you who is in any business. This form of spoofing happens a lot more than you may realize. Check to be sure the link in your signature is the right link you want your customers or prospects to go.
… Back to email accounts being compromised and how to protect yourself from having your email from being hacked .
How do you know your email has been hacked?
*You try to access your account and the password no longer works.(obvious)
You try to access the “Forgot Password” link and it does not go to the expected email ( oh dear)
The recipients of the spam-email includes a bunch of people you know ( you find yourself apologizing and wondering what the heck is going on)
Your Sent Items folder contains a bunch of spammy emails you’re not aware of sending. ( and you go WTF!)
*your bank or credit card company might call you about some suspicious activity on your account. ( and you go WTF louder)
* you installed a mobile app with malware on your smartphone, you might find some unauthorized charges on your phone bill. ( and you go this war and you are going to get these &^$*#@+ one way or another)
I bet that some of you are asking how did your email get hacked in the first place…let’s count the ways shall we?
1. You have unknowingly given the hacker all the information he or she needed when you went to that free WIFI coffee shop or any other place where you can access your email for free. These jerks ( I am being very kind btw) have used their computer to trick your computer or even smart phone into thinking “aha” this is the router I need to access everything needed.
The only problem is – it’s actually that jerk with their laptop.
2. There are those jerks ( maybe the same jerks in that coffee shop) who use this tool called a keylogger.
A keylogger is this tool that notes every letter and word you type in and sends them to a server controlled by whoever infected your computer with the virus/malware.
This means any time you enter a username and password, the keystrokes are taken or logged before yout login request is sent. It doesn’t matter that the connection from your computer to the mail server is encrypted. YIKES!!
3. Your password was easily guessable. If you think that you are being smart in your password, may I suggest you think again?
Time to do some reading and gain an understanding of how people ( you) choose your passwords and here is a very good article to read:
Unmasked:What 10 million passwords reveal about the people who choose them
Trust me when I say I went..you have to be kidding! This is one of the most in depth articles I have ever read – kudos to author!
I never realized that “shadow” was one of the 50 most used passwords. Here are 49 other passwords people love to use and shouldn’t
4. I have talked to so many people who still use the same password everywhere they go because who the heck wants to remember so many different passwords!
The answer is you do!
There are very good tools that you can use to help you with remembering passwords from lastPass to Roboform. I still suggest that people do a print out of their passwords to refer to, just in case you forget or you need to change your password if you have been hacked!
5. Have you ever heard of social engineering?
“Social engineering is a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. It is one of the greatest threats that organizations today encounter.” source
Now how can a hacker use social engineering to hack your account? When you signed up for that email account, do you remember how you had to answer questions to certain questions for an extra layer of security for you?
Here are just a few examples to help jog your memory:
What is the first name of the person you first kissed?
What is your pet’s name?
What is the name of your first school?
What is your favorite movie?
What is your mother’s maiden name?
What street did you grow up on?
What was the make of your first car?
I will bet you anything that you answered these question honestly because after all they are”security questions” and implies trust – yes?
Do not be fooled by answering these or other questions honestly because that hacker who knows even a little bit about you can soon find out the answers and wham you have been hacked!
This leads me to number…
6. Pretty much everyone is on some kind of social network the largest being.. tada – Facebook – LinkedIn – Twitter and yep Google+.
I am going to say that especially on Facebook most people do not think twice or even once for that matter about all that juicy information they are sharing..think about it! What better way for a hacker to know you? You keep giving them that information for free!
I know there are many other ways you can be hacked but these 7 ways to have your email hacked is a good start to understanding how these things happen.
For anyone who has had their email hacked – you have my total sympathy and it sucks!
So how do you protect yourself from having your email being hacked – apart from going off the grid and never using a computer or smart phone ever again ( a bit drastic)?
The reality is we live in the digital age.
I was a bit astounded when my new doctor was doing everything on the computer from writing out perscriptions on a form, notes and you name it..all on the computer! The doctor was a bit annoyed that my other doctor wrote with pen and paper and kind of shook her head – WOW!
When I realized how much data we store on our computers and smart phones..from images to details of accounts, banking details, if use Craigslist or other advertising venues ( Adlandpro is just one of the free venues where you can advertise online) it got me thinking that it was time for me an update with you on how to protect yourself and as the saying goes An ounce of prevention is worth a pound of cure~ Benjamin Franklin
Let’s get at it shall we?
1. When you are in public and using public free WIFI’s, never type in your password! Back in..Dave Cottrell suggested and boy is it a good one that you keep your passwords on a notepad and then copy and paste into the password field. not one keystroke made..ha!
– also never ever use public computers or free public wifi networks to make any transaction. It may seem like a good idea..but it isn’t.
2. Create separate email accounts for your social life online, your personal life, your professional life, retailers and other places you go when online.
3. Create passwords that are going to make a hacker think twice about hacking you! If you are going to use an easy password that they might guess , add a letter or sign in the front of the password. For example I might use the same word but use different letters/numbers in front on it for different places I go for different reasons.
I also change my passwords every so often because the reality is, regardless of what you do, if that person is hacking you knows anything about you, they will eventually figure everything out.
When I change my password I store everything in a virtual safe, in my case I use Roboform, but the free ones such as lastPass are very good as well.
Because I have so many passwords, I have issues remembering them all, I also do a print out of my passwords and keep that in a safe place…just in case..the reality is you never know!
4. When you post on social networks and again I am thinking of Facebook, be aware of what you are sharing and how a nefarious character might try to guess at your password.
When was the last time you checked on your account’s privacy settings? Make a point of checking the privacy settings so that you are not sharing with the wrong people.
If you are in business in any manner, then create a facebook page or have a facebook account ( as an example) that is just for your business. Keep your professional life and your personal life separate.
5. When you see security questions when registering for any email account or on the security questions you have now…it’s okay to lie!
That’s right folks I am advocating you lie and give fake answers to those questions and yes please make a point of keeping that information in a safe place. It is more work I agree, but I will say if this helps you to not get hacked..do it!
6. Keeping your web browser to auto-update is a smart as is keeping your operating system updated keeping your virus protector and/or malware protection up to date and please use them!
7. For anyone who is new to being online and I am thinking of those people who are seniors as an example, do not fall for the your computer is at risk. I am embarrassed to say I fell for this when I first came online as I saw all these numbers of things wrong with my computer.. a duh me moment in time but one I learned from. NEVER click on links that you do not know or look suspicious even if they are sent by “friends” “family” I know its a hassle, but it really is wise to be safe than sorry.
– One way to find out if a link especially a hypertext is safe and easy trick is to hover over that link without clicking it, you’ll notice the full URL of the link’s destination in a lower corner of your browser.
Editor’s note: Some of these services such as URLVoid make you type in the Url you want to check out which is a bit of a headache, but there is a way around this:
Just right-click the link to bring up a context menu
Internet Explorer – click Copy shortcut
Firefox – Copy Link Location
Chrome – Copy Link Address
The URL is now copied to your clipboard and you can paste it into any search field.
Last but I am sure not least:
When you are finished browsing on the web – make a point of clearing the history or cache every time. Better yet use the private browsing mode and then no data will be retain in the history or cache. I know this works for Explorer, Firefox, Chrome and Safari and should always be used especially when you are using your phone, ipod, tablet, laptop in public areas.
For those of you who have been hacked and need to know what to do next. There is an awesome post by Leo Notenboom on Ask Leo that delves into how to resolve the problem of your email being hijacked
Whether you are using your computer for personal or business reasons, keeping your email safe is important.
It is my hope that knowing how to protect yourself from having your email from being hacked will be of real time use to you.
Thanks for reading and if you know of anyone who would find this information useful ( and who wouldn’t) then be sure to share this with them.
- Gmail Lets Users Block Emailers, Unsubscribe from Newsletters (phonescoop.com)
- How to block specific email addresses in Gmail (wtvr.com)
- SPAM & Why Did They Do That>!! (getresponse.com)
- Mom, Dad, It’s Time to Talk About Phishing (allstate.com)
- Email Marketing Best Practices: CAN-SPAM (upcounsel.com)