There are a number of reasons cybercriminals hack into databases and steal email addresses and passwords on what seems like a constant basis. In this post, I’ll go over some of those reasons as well as share some tips about changes you can make today to stay safe.
First, the reasons the bad guys want to hack your email account:
- They want to mine personal information from your account they could then use to steal your identity. Skeptical they could do this? Keep reading.
- They might want to take over your email account and email your contacts with malware-laden spam or phishing attacks. (You’ve likely gotten a dodgy looking email from a friend or acquaintance at least once asking you to “click here” or download this attachment).
- Hackers could also use the information they find in your email — like which businesses and organizations you regularly communicate with — to construct highly targeted phishing campaigns where they try to steal even more information from you.
- They could reset your passwords for other services or accounts linked to your email address (banking, shopping, etc.).
- They could send potentially embarrassing information to your friends or family, as detailed in this Atlantic story where a hacker sent a mass email with nude photos, personal correspondences and her email password to her friends and family.
There’s an amazing amount of information stored in most people’s inboxes. Just for fun, open your email right now and look through your old emails. Pay close attention to the attachments — maybe you’ll see copies of your W9 or W2, invoices, images of your real signature, scanned IDs, contracts, insurance information, tax forms, travel itineraries. These are all things that could be used for identity theft.Is your email address connected to your bank and credit card accounts? What if you used the same password for your email that you do for your bank accounts?
It only takes hackers 3 minutes to scan your email for valuable stuff, according to a Google study referenced in this CNN story. You might not realize it but we’re living a big part of our lives through our email now.
What can you do to keep yourself safe?
- Set the strongest password possible. Celebrities like Mark Zuckerberg, Katy Perry and Drake, along with scores of everyday folks, were hacked because they used weak passwords. You’d be surprised at how many folks use the same password for every account, despite repeated warnings. The biggest no-no is using the same password for multiple sites because if one site is hacked and your password is exposed for that site, your other accounts will then be vulnerable. Obviously, it’s hard to remember a bunch of strong (which means long and complex) and unique passwords, which is why you could consider using a password manager. Just make sure that the one password is super strong. And beware, a lot of the advice you may have previously heard is wrong. Phrases, rather than strings of characters and numbers, are harder to crack.
- Declutter your inbox. Backup (in a secure, encrypted manner) your important emails and then spring clean your inbox. Really dig deep and get in the crevices — erase all those things previously mentioned like invoices, contracts, insurance information, tax forms etc. from your inbox.
- Use two-factor authentication on the accounts where it’s possible, especially your email. Two-factor authentication requires something additional beyond just a password and username. If you set it up on your Google account, for example, you’ll be asked to input a code sent to your phone via text, voice call or Google’s mobile app. (Or a Security Key inserted into your computer’s USB port).
LibertyID is the AAA of identity theft protection, offering the most effective identity theft restoration and protection service. Sign up for an annual membership and rest easy knowing that if your identity is stolen, we will fix it. But just like with AAA, you have to be covered before there’s an incident.