Hacking (Part 1) – Guard your email account

 

How to PREVENT your email account from being hacked

 

How do you know that your email was hacked?
-You can’t log into your email account.
-Your sent folder contains messages that you never sent.
-Your email contacts inform you that they have been receiving spam messages from your
    account.

 

What can you do if your email has been hacked?
-Change your password
-Check all your other accounts: email, social networks, blogs, etc.
    Especially if you use the same password for all your accounts
-Delete all accounts that you don’t use
    If hackers get into email accounts that you don’t use anymore, it takes longer time     before you discover it – and the hacker will have more time to do damage.
-Send an apology to all your email contacts.

 

How can you prevent hackers from getting into your email account?
-Don’t choose a typical password
    Many people use easy-to-guess passwords such as their own names with their     birthdates at the end. It is better to combine upper case and lower case letters along     with numbers and symbols.
-Change your password at regular intervals.
-Change your password every one to three months.
-Give only your email address to websites that you trust

 

Look out for PART TWO tomorrow …..

 

The 2011 scammer-trend: Phishing emails

Don´t be fooled by scammers. Hear what happened to one of our customers when she received a phishing email from a man requesting counseling and a health check-up.

You have probably heard about the so called phishing emails, were scammers try to “fish” money out of innocent people´s accounts approaching them via more or less trustworthy looking emails. In 2011 this trend increased significantly making it one of the most common security threats for PC users.

One of MYSecurityCenter´s customers, practitioner Rumana Zahn wrote us an email telling about her experience with scammers pretending to be interested in two weeks of yoga retreat, checkups and counseling for a group of ten people.

Rumana Zahn took the request seriously to begin with, she almost followed through, but luckily she got suspicious. The scammers asked her if they could pay her for full fee including their interpreter´s fee which meant that she should pay their interpreter directly. The trick consisted in the fact that the fraudsters would pay over the net with a stolen credit card. Out of the 7,000 euros they would transfer, she could keep her fee of 2,000 and the rest she would transfer by bank to their translator, which of course was part of the scammer team. That way she would participate in laundering stolen money, which is illegal. She was repeatedly asked whether she accepted credit card payment, but since she had no possibility of accepting this form of payment, she asked the fraudsters to make a bank transfer. She began to get suspicious when she received a second email in which he repeated his questions about credit card payment.

“I began to suspect the whole thing being a hoax, although I actually thought that the approach initially sounded serious. I guess it would have meant me having to be liable. Very clever indeed”, Rumana Zahn says. She asked them to pay by bank transfer or PayPal but she never received an answer.

“Since then I get an email like this twice a year – it’s very similar – a group coming, please arrange. Another friend of mine got the same email two years ago”.

Rumana Zahn is just one of many people who have been attacked by scammers sending out fake emails. Read this newsletter´s Tips and Tricks on what to keep in mind when a phishing email hits you in 2012.

Thanks to Rumana Zahn for telling us her story.
See one of the original phishing emails below.

From: johnsonwilliams400 [mailto:johnsonwilliams400@gmail.com]
Sent: Wed 02 November 2011 15:21
To: j.williams2000@rocketmail.com
Subject: Inquiry

Greetings,

I want to book for 2 weeks checkups and counseling, 1 or 2 hours each
day Monday to Friday (morning or evening hours) for a group of 10. We
will be coming for a one month vacation/holiday from 29th Nov 2011 and
in line with our plans we will require 2 weeks Natural Therapy to help
maintain healthy body due to the nature of our job and also to make
our stay fun. The checkups and counseling should basically be on
Naturopathic consultations or any other Natural Therapy you can offer.

Please let me know if your clinic can handle this for us and get back
to me with requirements to enable me contact you with more
clarifications. Also confirm if you can arrange a one on one checkups
and counseling for us or if its better in group.

Awaits your email.

John Williams

Tips and Tricks

 

Avoid falling for phishing-emails!

 

• Do not reply on emails or pop-ups asking for personal or financial information.

 

• If you are not sure about the reliance of the email, check up on the contact information. Open a new internet browser session and type in the company´s web address yourself. Don´t click on any links in the email and don’t copy and paste the link from the message, it could be a fake link.

 

• Check that the name in the website from the email is not changed slightly. For instance spelling Microsoft as Microsofts or Mircosoft.

 

• Make sure your antivirus, antispyware and firewall are updated. Antivirus software scans incoming communications for troublesome files and warns you before you download harmful files. A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources.

 

• If the email contains errors, spelling mistakes or if the text simply does not sound good, stay away!

 

• Check that the sender of the email is the same as the company stated to be behind the email.

 

• Don’t email personal or financial information. Email is not a secure communication method. Normally proper companies as your bank would never ask you to email them your passwords or credit card number.

 

• Review your bank account or credit card statements every week. That gives you time to react on any unauthorized payment or transactions. If you see something suspicious, contact your bank immediately.

 

• Report spam and phishing-emails to FBI via Internet Fraud Complaint Center on www.ifcbi.gov. They collaborate with the authorities worldwide about closing down the phishing-websites and identifying the scammers behind. You can also report it to Anti-Phishing Working Group (an e-commerce-community) on reportphishing@antiphishing.org.