It was shocking to learn not long ago, that sending an email containing sensitive information equaled risk. What seems to be an innocent email and sent to a colleague or friend, is not at all secure. Well, why not?
You would think the email communication is only between you and the other individual(s), right? Well, unfortunately they’re not! In the past, clients have sent us sensitive information by email such as bank account numbers, social security numbers, and even passwords! They were taking a very big risk! How big? Let’s find out…
Technology Continues To Evolve
With technology constantly evolving, it’s presumable that would‐be hackers are constantly writing new code to aid in their continued hacking success. Intercepting unprotected emails going from point A to point B is another method they use as well. We’ve all heard the many reports of Yahoo email accounts being hacked. After their last hacking fiasco, it was announced that over 1 billion accounts were compromised as reported by the New York Times. That’s a lot of people!
Now, imagine for just a second how many people did those 1 billion contact? How many of those emails had some sort of sensitive information included? Again, email containing sensitive information equals risk and just the thought is alarming enough!
So how do emails get hacked? Well, one way is for hackers to intercept sensitive information contained in your email. They don’t even need a password to your email account to successfully do this.
So how do emails get hacked? Well, one way is for hackers to intercept sensitive information contained in your email. They don’t even need a password to your email account to successfully do this. How can they do it? Here’s a trick they use…
The hacker penetrates your email provider’s records. What they need is an unsecured connection through the email provider, where they simply gain access to information for DNS records. Although we consider ourselves somewhat tech savvy, this article will go into much more detail (for the engineers in our audience) on how hackers can even do this. Admittedly, it is quite interesting.
Getting back to the Yahoo hacked email fiasco—typically people are creatures of habit. More often than not, they use the same password for everything. Most people like to create very easy passwords so that they don’t forget them. They will use passwords such as 123456, the street name they live on, name of a family member, and believe it or not, even their own email address. This is definitely not a wise move! When your email account gets hacked, now, any email coming or going can be viewed. Think of it like a receipt when you purchase something. Did you send personal information such as your street name, family member name, etc? Now, the hacker has even more information on you and will most likely make random attempts to access your email just as you would. If successful, the hacker can then conduct other fraudulent activities such as obtaining your credit card information, applying for credit, or worse, stealing your identity. It is imperative that you create unique passwords for your email account(s), or any online account for that matter. A password that has at least 8 characters with a combination of uppercase letter(s), lowercase letter(s), number(s), and symbol(s) are your best defense against hackers. Y0ur#1P@s$w0rd is an example of a very strong password, where 123456 is not so great and pretty easy for hackers to figure out.
Tips To Remember
When signing into your email account, ensure that the browser starts with https:// and not http://. The ‘s’ tells you that your connection is secure. Additionally, websites you visit that start with https:// are also safe, compared to http:// or www.
- When signing into your email account, ensure that the browser starts with https:// and not http://. The ‘s’ tells you that your connection is secure. Additionally, websites you visit that start with https:// are also safe, compared to http:// or www.
- If you need to send sensitive information, click here and refer to these service providers that will encrypt your email and/or attachments. We use a service called Citrix ShareFile and any information you upload to us via our Contact Page, is safe and secure! Additionally, any sensitive information we send you will also be encrypted using the same service.
- Create unique passwords that have a minimum of 8 characters and include a combination of uppercase letter(s), lowercase letter(s), number(s), and symbol(s). An absolute no no is using your email address as your password! Avoid using identifying information for your password, such as the street you live on, family names, social security numbers, home address, city and state you live in, etc. The first step in creating a unique password, is for that password not to have any association with you or anyone you know.
- Change your password regularly. We typically change our passwords every 60-90 days. In the past, we have gone as long as one year before changing our passwords but will say that we have some pretty good passwords.
Hopefully, this article clearly communicated the reasons in why emails containing sensitive information equal risk. Now, you might be saying to yourself, this all sounds great but I can’t even remember what I did yesterday, let alone remember a password or even a password I change every 90 days. The information provided below will assist you tremendously!
We will start off by saying that we are not a paid spokesman or endorser. We are simply a very satisfied user. Check out RoboForm. There are other services available that assist with the same concept which you can research by clicking here. All of the services available are really the next best thing since…well, the computer! It will save all of your passwords for you. Typically, you remember just one Master password and the service will remember your password for everything else. How? For RoboForm, you login while you’re surfing the internet. Once logged in, it’s right there watching your every move as you surf and log into your favorite websites. It will save your information and even time out after a predetermined time you set. Additionally, many settings can be customized to your personal taste.
Your settings can be simple or more complex. Don’t have your computer with you? You can login to RoboForm from any computer and even your iPhone anywhere in the world. You can even have RoboForm generate passwords for you if you aren’t creative enough in doing that yourself. We included a little screen shot to show you how easy it is.
Make sure to check out our article titled The IRS combats refund fraud and identity theft by offering IP PINS.
We’ve been using RoboForm for well over a decade now. With each update, comes great new enhancements. Lastly, we should make it known that we have never had any of our information compromised…anywhere! Hopefully, we’ve communicated the reasons why emails containing sensitive information equal risk and now you have some more resources to research so you can protect yourself! Feel free to share this article by clicking the share link located toward the top, below this post title.
Posted from Admin at Association Financial Services, LLC