Why your email account is worth more than you think

In recent years and months, we have been constantly reminded of the threat of cyber criminals and the importance of proper security measures. Yet it seems there are still many people who don’t fully understand the value of their own personal data. According to a 2019 survey, 21% of respondents use personal information such as their pet’s name or birthday when creating passwords, and 9% have never changed their main email account password.

It’s easy to assume that if you don’t bank online or keep any sensitive information stored on your PC, your system or your email account is not worth hacking. What do the bad guys stand to gain from access to your messages, and how could they possibly monetise this?

Here we aim to shed some light on what is at stake when this type of data is compromised; why it’s so important to secure your email accounts, and why we do what we do to ensure we source the best cyber security talent the market has to offer.

In reality, your email account is often the gateway to all your other accounts, services and data. Think about all the times you are asked to provide your email – the number of online services that require you to enter a valid email address. Social media, online shopping, delivery and takeaway services, news sites and subscriptions, retail reward schemes, and cloud-based services for storing your photos and documents. In virtually all cases, the person in control of that email address is able to reset the password for any of these accounts simply by requesting a password reset email. So by hacking your email account, a cyber thief can very quickly access all of your associated services as well.

The implications of this become immediately obvious when you think about online banking sites, or any online retail accounts you have that perhaps store your payment information.

But even if you don’t do any financial transactions online and merely use your email to contact friends and family – your hacked email can be used to blast those contacts with malware and phishing attempts. They may even be sent scam messages claiming to be you, asking them to transfer money somewhere.

Not only that, but there is a huge black market for all your other compromised accounts as well. According to one cyber security source, hackers can sell iTunes accounts for as much as $8 each, Groupon.com accounts for $5, and active accounts on Facebook and Twitter for $2.50 apiece. Do you use the name of your pet or your old school as answers to security questions for online banking perhaps? Think how easy these things would be to deduce from your social media profiles.

To keep your computer and your accounts from being compromised, adopt some of these recommendations from top security advisors:

• Use passphrases instead of passwords – the longer the better. Passphrases are much harder for sophisticated software to crack. It should be easy to remember but complex, and should not include any words of personal significance (like pet names or the place you were born) or well-known phrases from films or books.
• Don’t reuse passwords across multiple sites. If one account is breached, other accounts with the same credentials can be easily compromised and lead to identity theft.
• Implement multi-factor authentication on all your email and social media accounts. This adds an extra layer of security by requiring you to confirm your identity with a one-time code sent to your mobile, for example.
• Install antivirus and firewall software, and keep up with patches and updates.
• Finally, you can check to see if your email account has been stolen here.

We should never feel as if our devices are one-hundred percent safe because that means we take our eyes off the ball – and that’s when a breach occurs. Instead we need be continually aware that while we may not have been hacked yet, it can happen at any time.

If you are looking for cyber security talent to help keep your organisation safe and secure, get in touch with us to see how we can help.