A SECURITY WARNING ….YOUR EMAIL MAY BE HACKED : PRECAUTIONS FOR PREVENTION
In this article, I just tried to briefly describe few common examples recently observed , with ONLY a little bit of technical information regarding – how emails are being hacked, symptoms, what to do in case your account is hacked and precautionary measures to protect yourself. This is not a comprehensive discussion, but covers some of the common issues and remedies. The following screenshots are from the emails spammed my mailbox. My antivirus helped me to evade the attacks ( I personally use Bitdefender ; see discussion below- point 2 of the section ''Other Important Information").
A new malware spreading through emails –
MANY VARIETIES…. NEVER EVER CLICK THESE LINKS SHOWN BELOW….THE HACKER WILL STEAL YOUR ACCOUNT…ALMOST IMMEDIATELY.
(example one and two are the most virulent forms from a hacker. third could be a spoofer- see below).
One looks like the email provider telling that you have some pending emails and to retrieve them you have to click a link : the link takes us to a malware which hacks our emails and personal data- be cautious..!
You will be told by hacker (looks like official email provider) that you have only some space left In your mailbox and you need to upgrade.
You will get a mail from your friends that they need to share a link. The senders actually do not know that they are sending these …! Don't misunderstand them. sometimes, an attachment will contain a virus.
NEVER EVER CLICK THESE LINKS….THE HACKER WILL STEAL YOUR ACCOUNT…ALMOST IMMEDIATELY.
If you are lucky enough to have an updated antivirus, it might show the following message :
What happens next if you accidentally click the links :
Your email will be hacked immediately. And soon, some of your friends will get a message that you’ve been stuck somewhere in a remote country when you went for a conference. If any of the recipients respond, a series of messages follow that will hack the email or bank accounts of the victim (the unfortunate recipient).
There is one more variant : instead of being hacked, some of the hackers use ‘spoofing’, i.e., Mail is being sent from somewhere else with your address being forged onto its "From:" line.
Many times, we do get spam , with ads of Viagra, watches, cosmetics or condoms, with from address stating the names of known. The hacker sends emails from your email id to others. While the spoofer uses your email id to be shown, though the mail is sent from somewhere. If your email is hacked, it is an immediate danger while, the spoofers eventually compromise your security by sending links with adware and malware.
IMMEDATE STEPS IN CASE YOUR ACCOUNT IS HACKED :
If you could still access your email account :
1. Change the password immediately- choose a password that is difficult to guess (using the name of your spouse, date of birth etc makes it easy for guess and makes your account prone for hacking); choose to add few numbers also to be included in the password.
2. Keep your retrieval information (like security questions etc) updated. Nowadays, email providers also use OTP (one time password) to be sent to your mobile. So, register your mobile in your profile.
If you could not access your email account : it is possible that the hacker might have changed the password.
1. Reclaim your account by using, “Forgot password” option. You need to answer the security questions or using a backup email account. These options vary from and depend on the individual email providers.
ARE YOU SAFE AFTER CHANING THE PASSWORD ? : NOT COMPLETELY
If your system is infected with a spyware/malware/virus etc. , even your new passwords will leak to the hacker. You have to scan your system using a good, updated antivirus.
WHAT MAKES YOU PRONE FOR HACKING ?
Using the passwords that are easy go guess, sharing the passwords with others, clicking on the links in the email spam (as shown above), using the same passwords for several sites, using easy security questions (like mother’s maiden name etc.)..all these will make you prone for hacker attacks.
In addition, if your computer is installed with several free programmes, however legitimate they may be, will sure to attract some adware. That eventually brings some malware too.
In some cases, children might be playing some online games, and in doing so, they madly click on any link that appeals to them. Some hidden links will install spyware in your computer, which will be activated later.
Sometimes, watching the porn sites might infect your computer so badly that your passwords and credit card information etc will all be stolen in one go.
WHAT PRECAUTIONS TO BE TAKEN :
· SETTING THE PASSWORD :
1. Use a password that is difficult to guess, with a combinations of letters and numericles.
2. Keep changing the passwords often.
3. Never share your passwords.
4. Use different passwords for different sites.
5. Keep your security information updated (security questions, back up email, mobile phone number etc) and registered with your profile.
· CARE FOR USING THE SYSTEM/INTERNET :
1. Never try to open your emails in shared computers/ public computers/ public wifi like air ports, hotels, shopping malls etc. : this makes you more vulnerable.
2. Never click on any links in spam .
3. Never respond to emails asking you to update your login Information/upgrade your account etc.
4. Never enter your email id and password in any sites other than the website which you regularly check email. See the address bar carefully before you actually type in the info. – some sites will appear as the original sites (email provides, online bank services etc). but if you check the address carefully, you can avoid being mislead.
· OTHER IMPORTANT INFORMATION :
1. UPDATE YOUR BROWSERS : MOZILLA FIREFOX AND GOOGLE CHROME are the popular and widely accepted ones. internet explorer is inbuilt with windows. But, unless you have the original and legitimate operating system the security flaws will not be patched.
2. UPDATE YOUR ANTIVIRUS : ALWAYS USE A GOOD ANTIVIRUS PROGRAMME . UPDATE IT REGULARLY. Many antivirus programmes update themselves automatically if you are connected to the internet. Among the free programmes, Avast, Avira and AVG are good and popular ones. Some reviews say AVG is more bloated and may not clean the antivirus completely. I personally feel Avast or Avira are better, though some amount of false positives may be seen with them. Among the paid versions, Bit defender or Kaspersky are the best ones. They are not very costly. One year subscription costs between Rs. 600-1000. NEVER USE CRACKED OR PIRATED ANTIVIRUS. IT IS GIVING KEYS TO A WATCHMAN WHO LATER WILL GIVE THE KEYS TO A THIEF. USE ALWAYS A LEGITIMATE SUBSCRIPTION, PAID OR FREE. They will also protect you against the autorun viruses that spread through pendrives. Malware bytes is another good programme. But , don’t install two antivirus programmes simultaneously in the system. It will crash the system.
3. BEWARE OF FAKE SECURITY MESSAGES : SOMETIMES YOUR SYSTEM STARTS SHOWING MESSAGES LIKE : YOU NEED TO INSTALL A SECURITY SOFTWARE ETC. DO NOT BE DUPED INTO SUCH FAKE ANTIVIRUS. SEARCH GOOGLE FOR THE WEBSITE OF ORIGINAL ANTIVIRUS PROVIDER. DOWNLOAD FROM THEIR SITE ONLY. The fake antivirus pops up and asks you to install . the moment you install the fake antivirus, your system slows down, several web pages automatically popping up and eventually and your browsers start behaving strangely. Removing them will be very difficult.
4. Use a system cleaner like, Ccleaner. Use it regularly to remove temporary files and cookies.
5. Do not install freeware, without verifying its legitimacy and deciding its need. Follow the installation steps carefully. Several software download and install some other software llike browser toolbars , antivirus programmes etc also, if you do not carefully look at the check boxes as the installation progresses.
6. Do not visit porn sites or online gaming sites, unless you are prepared to accept the risks hidden in them.
7. Use adblockers and popup blockers available in chrome or firefox.
8. Never use public internet places to access your emails or bank accounts.
9. Never download and open the email attachments unless you are sure of what they will be containing.
10. Delete spam mails. Do not open any links from them.
11. No email provider will ask your passwords (except while logging in for the first time) or credit card details. Be cautions.
12. Keep a backup of your address book. This helps in case you can not access your old mail and create a new mail id :-)
Please share your views, ideas and experiences in the form of comments below.