Email accounts are hacked every day. Follow these simple tips to keep yours protected.
Hackers have every reason to want to infiltrate your inbox. For one, email is the most common form of web communication today. But more importantly, it’s the unique identifier for many online account logins, which is the reason it’s still highly targeted by cybercriminals.
Think about it: If your inbox has been hijacked, the malicious third party will most likely be able to a) find out what types of services and accounts you’re enrolled in and b) request password resets for one or more of those accounts. And since most password reset requests go directly through email, there really isn’t much you would be able to do to stop it. A circumspect cyberattacker will even cover his or her tracks (e.g., delete all those password reset emails) in an attempt to mask suspicious activity that would otherwise clue you into the intrusion.
Once hacked, your email can be used for just about anything on the web. Cyberattackers can attempt to pilfer personal data acquired through an online account — including your credit card information. They may try to login to your online banking account. If that doesn’t work, they can Venmo themselves a lump sum of your money to a fake account and then cash out. Maybe they’ll start spamming your friends via email and social media in an attempt to steal even more information. This wouldn’t bode well for your reputation, and it could lead to a lot of disgruntled contacts.
Then there’s the worst-case scenario: identity theft. It happens to millions of Americans every year, and recently, it very nearly happened to a close friend of mine.
My friend’s email account was hacked a few months ago. Somewhere between her kids buying things online, her email/password being compromised in a data breach, and maybe clicking a phishing link in an email, she found that her email account was hacked and ultimately taken over. She changed her password multiple times to take back control of her email account, but the hackers hijacked her email again. Despite reaching out to her email provider, she could not get the help she needed to stop the attackers. Regardless of how it happened, my friend was feeling overwhelmed and vulnerable.
Eventually, her only choice was to abandon the original email account and sign up for a new one. It was time-consuming, as it included changing her logins for every online account — first changing the email address associated with the account, and then making each password strong (and unique!) by using a password manager. In addition, if two-factor authentication was available, it was enabled. Another step was to educate all family members with access to those accounts on what ‘not’ to do, so there would be no chance for another attack.
Lastly, to be extra safe, she put a credit freeze in place. With so much personal information online, it just felt better to have that high level of protection making sure her credit would not be affected long term.
Here are 10 easy steps to protect yourself online. They can help protect your family and friends too and help to prevent your email from being hacked:
Assume that email is not secure, even if you have taken measures to protect it. What do we mean by this? Simply, that you should avoid sending highly sensitive information such as payment or credit card data, Social Security numbers and other personally identifiable information over email if at all possible.
Sure, hackers can find ways to dig for this information if they infiltrate your inbox, but don’t make it easy for them. Safeguards such as 2FA and good old-fashioned vigilance should hopefully be enough to flag suspicious activity so you can take immediate remediation steps.
Keep yourself from being a target by following the easy tips above. Taking these few extra steps may not keep the spam out of your inbox, but it will help to put hacking attempts into the junk folder.
That .zip file looks legit, but it's actually a sneaky new way for cyber criminals to steal your info.
Information belonging to over 100 Italian banks breached by the Ursnif banking trojan was obtained by Avast Threat Labs, which then shared the data with as many of the victims as could be identified.