By Ian M. Marlow
February 2, 2015
Corporations should certainly have adequate firewalls installed and protocols in place in case of cyber-intrusion in the workplace. But what about personal email—especially a personal email account that you use for business? Either way, you need to take immediate steps to protect your data. Here are some steps to take as soon as you discover your email account has been hacked—at home or at work, the same guidelines apply.
- Change the password. According to a recent article in USA Today, the most popular password last year was “123456.” Honestly, this is not going to protect you. A good password rule of thumb is to go with eight characters; include at least one capital letter, at least one number and at least one symbol. Be a bit creative and mix it up.
- Change the password again two days later. Another good rule to follow—don’t wait for hackers to intrude; change your passwords and log-ins for all accounts at least once per year.
- Don’t limit password changes to only your email. Think about any website or program you use that has any private information (such as banking sites or common e-commerce websites). Immediately change the passwords for those related accounts as well to keep your information away from prying eyes. Hackers are looking at your sent folders and inbox items, so any confirmation email for an online transaction could be the portal to a very serious situation for you.
- Remember to update the password on your mobile devices – your password has to be changed on your smartphone and tablet as well so you can continue to use email there without hesitation.
- Run a malware scan on your local PC to ensure that nothing is running on it that does not belong there (and that there is no malware monitoring your PC). Hackers could be watching your keystrokes and harvesting confidential information at your great expense.
- If you use that email account for business or to communicate with any business associate, a professional contact, or anyone who would wire money or handle financial transactions or business, let them know that the account is compromised. Any content related to financial transactions should be discarded as soon as possible.
- If your email’s been hacked and you receive a message with instructions that funds should be wired anywhere, contact the authorities and tell them you have received a cyber threat.
- Establish an alternate email address for temporary, secure communication with other parties. This way, you are free of spam and malware, and you can communicate with others without being inconvenienced.
- Store your log-in information in a password-protected file in a secure Dropbox. (Your mobile device requires a password as first-level security, a second password is required to get into the app itself, and finally a third password is required to open the file.) An encrypted file on a private Dropbox will provide good protection for all your passwords and user IDs. Also, don’t use the same password for the application and the file.
- Look into services that provide encrypted password storage, such as Folder Lock, Splash ID and others. Be aware that not all password management services provide encryption. You can also use third-party, web-based email encryption services such as Sendinc or JumbleMe, or take the time to set up secure email encryption on your computer. You can read more about what emails to encrypt and how to do so here.
The monetary and setup time investments are small compared to the cost of having your email (and all that private information) hacked.
What steps have you implemented to protect your email accounts from cyber-intrusion?