In a previous post, we discussed how a computer virus can affect your ability to conduct business over email. While a virus can be spread to other computers through an infected email account, other methods of email hijacking have become more common in recent years.
How does a bot gain access to my account?
- Your computer is infected with malware (previously discussed here).
- You use the same username and/or password for more than one account (i.e. email, Facebook, LinkedIn). Even if your email account was not compromised, one of the other sites with the same login information might be, and this could expose all of your accounts.
- Your password was decoded by password cracking software. This scenario is fairly uncommon, but using an insecure password can increase the risk of your account falling into the hands of someone using password cracking software. The more difficult your password, the longer it will take to decode.
- Your password was intercepted when you logged in using an unprotected public hotspot or wifi. While this scenario is not likely, using an unencrypted connection to your email does pose a risk if you unknowingly connect to a fake hotspot or someone is monitoring traffic to intercept login information.
“What can I do to make sure this doesn’t happen to me?”
- Choose a secure password. We recommend at least 8 characters with a combination of letters, numbers and special characters. Avoid real words or anything that could be guessed by someone with access to your personal information. We also suggest updating your password occasionally as an added precaution.
- Don't use the same username and password more than once. If your password is compromised on one website, there is a chance your information will be sold or used to try to access other accounts, including your email address.
- Access your email using an encrypted connection to prevent anyone from seeing your password.
- Don't click on links or open attachments that seem suspicious. Not sure an attachment is safe? Scan it first!
- Keep your operating system and antivirus software up-to-date, and be sure to back up your devices regularly.
“I have too many accounts! What if I can’t remember all of my passwords?”
- Use abbreviations of longer phrases, like a quote from your favorite movie or book, or a song lyric. Avoid using combinations of personal information like your dog’s name and the year your child was born.
- Use a password manager service like LastPass or 1Password with a secure master password that you update frequently.
- At the very least, alter your passwords slightly for each login by adding numbers or special characters you can associate with that website or service.
As spam continues to increase in volume and complexity, server administrators have had no choice but to add more restrictions in an attempt to prevent their users from downloading a virus or following a link to CryptoLockers and other invasive malware.
As a result, it is important to take steps to ensure your account remains secure, not only for your own data security, but for the shared reputation of the mail server for all users. While taking precautions now may be a temporary inconvenience, everyone will benefit if we all take appropriate steps to secure our email accounts.
Posted July 28, 2015