Cyber Security Tip of the Week
Last week I took a call from a Stone Hill Agent, “my email has been hacked; my contacts are calling me, telling me I have sent them an email with malware! What do I do?”
Let’s briefly look at the problem in its larger context. In the second quarter of 2011, the average daily volume of spam, scams, and phishing emails was 113 billion, and that’s actually good news. It represented nearly a 30 percent drop in spam volumes over previous quarters, due primarily to the increasing success of law enforcement and major service providers to target and dismantle the channels used to distribute spam. As positive as these crackdowns have generally been, one outcome is that spammers have scrambled to adapt. Some of the recent malware outbreaks like phishing attacks are intended to acquire compromised email accounts and to make spamming viable again. They are targeting email accounts like yours.
Your computer is most likely compromised in one of four ways. The bold one is the most common way that people are hacked: 1) You do not have up-to-date security software installed. 2) Your passwords are weak and easily hacked. 3) You clicked on a malicious link in an email, IM conversation, or on a social networking site, or webpage. 4) You downloaded a game, video, song, or attachment.
So now what do I do?
Here are some helpful tips from iLookBothWays.com
When your email account is hacked, here are several steps you need to take:
- Check your computer’s security. Most hackers collect passwords using malware that has been installed on your computer (or mobile phone if you have a smartphone). No matter which operating system you use, be sure your anti-virus and anti-malware programs are up to date.
- Choose the setting that will automatically update your computer when new security fixes are available. If you cannot afford security software, choose one of the free security suites available. To find these, type ’best free security software reviews’ into your search engine.
- Look to see that all operating system updates are also installed. To find these, type the name of your operating system and “updates” into your search engine. Set your computer to update automatically so that you get protection from new attacks as soon as possible.
- Change your password and make it stronger. Do this after your anti-virus and anti-malware programs are updated or the hackers may collect your new password as well. Strong passwords do not have to be hard to remember, they just have to be hard to guess. Make your password at least 10 characters long, and use capital letters, lower case letters, numbers and symbols. Do not use information about yourself or someone close to you (including your dog or cat!) like name, age, or city. Do not use words that can be found in a dictionary, these are easy for hackers to break, even if you spell them backwards. Text messaging shortcuts can help make strong memorable password creation easier. For example L8rL8rNot2Day! translates to later, later, not today.
- Send an email to your contacts saying you were hacked. When an email comes from someone you know you are more likely to open it and click on links within it – even if the subject is weird. Help stop the spread of the malware by warning those in your contact list to be cautious of any email sent by you that doesn’t seem right, and to not click on the links.
- Smarten up about spam, phishing, and other scams. Spam comes at us from all angles, to the mailbox in front of your home (junk mail) and to your email inbox. Malware can come via instant messaging, social networking sites, chats, forums, websites, and sadly, now also on your phone.
By the way, just tell yourself several things right now:
- You do not have a rich uncle you’ve never heard of in some foreign country trying to send you money!
- You have not won the lottery!
- No stranger is going to give you money for any reason!
- No hot person is lonely and waiting for your response!
By the way, Hotmail has a nice feature that other email providers should emulate. Hotmail has a feature that can help people who have had their email accounts hijacked. Called “my friend’s been hacked” and found under the “Mark as” dropdown menu, a simple click allows friends to report compromised accounts directly to Hotmail. When you click that button, a report is sent to Hotmail where that report is combined with other information to determine if the account in question was indeed hijacked. Once the account has been confirmed as compromised, two steps are taken:
- The account can no longer be used by that spammer
- You (or your compromised friend) are put through an account recovery process that helps you take back control of your accounts
If you are a Hotmail user but your hacked friend uses a different email service, the alert will be sent to their email provider. For example, the alert could be sent to Yahoo! or Gmail so these companies can take action.
In conclusion, the only things you’ll get via an unsolicited pharmacy offer is ripped off or an infection (on your computer or phone). If there really was a miracle weight-loss cure, it would be front page news and on every TV station. No reputable bank or company is ever going to ask you to “authenticate” information online. If you get an email with a link to one of these sites, don’t use it. Instead, use your search engine to find the site yourself and then log in from outside the email message. If the message is legitimate, the message will be waiting for you in your account.