How Secure is your Email?

email

By Rob Cheng

Think for a moment about a piece of information that you know about yourself that no one else in the world knows. I mean absolutely no one. It isn’t your high school’s mascot. Obviously everyone with whom you went to high school would know that. It isn’t your mother’s maiden name. Your mother and everyone that knew your mother before she was married would know that. It isn’t the last 4 digits of your social security number. Your bank, your cable company, your doctor’s office and virtually every other business has that information.

There are two distinct types of security holes that threaten your identity and your life as you know it. First, is your computer itself. As we described in the prior article, criminals are overtaking our computers through security holes and then extorting millions through fear and doubt. The other and perhaps more dangerous type is hacking our email accounts and passwords.

In the 2008 presidential campaign Republican vice presidential candidate Sarah Palin’s Yahoo email account was hacked. In order to hack Mrs. Palin’s account, the hacker needed only two pieces of information, her birth date and her high school. Since she was a vice presidential candidate, in the words of the hacker himself, it took only minutes to obtain the information to hack her account.

Once the hacker had this information, it was child’s play to get Yahoo to reset Palin’s password allowing him full access to her email. The hacker then read all of her email and made public her most embarrassing emails. To be honest, Sarah Palin was quite lucky. The hacker was just a kid that wanted to derail her election campaign. Had the hacker been an organization, they now had the ability to get the passwords for everything that Mrs. Palin held near and dear. This includes her Facebook and Google accounts, but more importantly, all of her financial institutions, Amazon credit card information, and so on. She could have been ruined, all because she told the truth on her security questions.

That was 4 years ago, and sadly, Yahoo’s security hasn’t improved much. On top of that, we learn that George W Bush’s email was hacked, and somehow the state of South Carolina’s tax database was hacked putting close to 4 millions taxpayers at risk of identity theft.

Your email is the hub to your digital world. Once your email is compromised, the hacker has access to every web site that is linked to that email address potentially including your favorite online shopping sites, your bank balance, your credit card and so on. The problem is that the free email sites (Yahoo, GMail and Hotmail) have implemented security questions which represent a huge security hole into your email.

The advice is clear. NEVER answer the security question accurately unless you are absolutely 100% sure that no one else can ascertain this information. In today’s day and age of Facebook and thousands of public online databases, this is essentially impossible. My friend Bill Pytlovany suggests inventing interesting and playful responses to your security questions. This is good fun, but I would suggest the following.

Choose a new password for your email password that is different than all of the other passwords you have. Engrave that password in your mind until it is permanent because this is so important. Then after that has been accomplished, delete all the security questions. I have done this with my Yahoo and Google email accounts and life is just more secure.

Stop Responding to Threats.
Prevent Them.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles