Hacked Email: Why Cyber Criminals Want to Get Into Your Inbox

“I don’t care about getting hacked, there’s nothing valuable in my email”

If I had a nickel for every time I heard that!

It’s the most common reaction I encounter when I try to warn people about cyber threats and what can happen if their email ends up breached.

And the odds are against us: one in four email accounts today gets hacked.

Here’s a simple exercise I invite you to do. Open your email and take a look at everything that you keep on it, both sent and received conversations. Scan all of them, every attachment you ever sent or received, every personal and work conversation, every email draft.

The truth is, we aren’t aware that we are living a big part of our lives through our email inbox.

We keep it all there, in only one place: photos, contracts, invoices, tax forms, reset passwords for every other account, sometimes even passwords or credit card PINs.

And our emails are interconnected to all our other digital accounts, from bank accounts to social networks (LinkedIn, Twitter, Facebook, etc), cloud services (Google Drive, iCloud, Dropbox), online shops (Amazon, for, ex, where you most likely saved your credit card details as well) and so on.

By simply breaching the email, a malicious hacker can easily get access to all those. They know how to do that.

They know how to take advantage of all the information that we keep on our emails and how to cause us harm.

how keep safe from spam delivered malware

And don’t imagine that they just want your money.

No, they want all the details they can possibly get, no matter if you’re the CEO of a top company, a celebrity or just someone with “nothing valuable” on their emails.

As long as you have an identity and an email address, you’re valuable.

Your data can be used to make financial operations in your name. Cyber criminals can use your credit card details, open bank accounts in your name, take out loans, ruin your credit card’s rating and many others.

What’s worse? 68% of the identity theft victims don’t even know how the thief obtained their information in the first place and 92% don’t know anything about the individual / group that stole from them.

It’s no wonder that our email accounts are being traded all the time!

Here’s what your online accounts are worth on the dark web:

What your hacked account is worth on the Dark Web

So never say “I don’t care about getting hacked, I have nothing valuable in my email”. Sure you do.

The information that you keep on it is just as valuable as gold.

Gold bars


Everything that you keep in your email that makes cyber criminals want to hack it


1. Contracts

Contracts almost always contain confidential information that you wouldn’t want anyone else to see – especially malicious hackers!

Imagine that you’re the CEO of a company and all your employee contracts get leaked. They end up seeing all the deals that they have, a situation that might seriously shake your business.

This actually happens all the time, no matter the size of the company. Remember the Sony Pictures Entertainment hack, from two years ago? A hacker group leaked personal information about the company, their employees, their families, their emails, executive salaries, copies of (then unreleased) movies and many others, including emails of its co-chairman, Amy Pascal.

In the end, it was a very expensive hack, costing the company more than $100 million.


2. Personal conversations

Ryan Holiday been through such a scandal, back in 2008. While he was the Marketing Manager of American Apparel, a former IT employee leaked the personal conversations between him and the CFO. The media outlets span them in order to appear as if the company was facing bankruptcy.

What would be the consequences if your private conversations were ever leaked online?

How much would your business or your job suffer?

shutterstock_167852012.jpg


3. Photos – especially nude photos

It’s been only two years since the Fappening, when hundreds of nude photos, mostly with women, were leaked. Various celebrities were affected by this scandal, including Jennifer Lawrence, Kate Upton, Kirsten Dunst and many others.

The attacker used a simple phishing technique in order to gain access to victims’ accounts: he sent them emails that appeared to look like they came from Google or Apple, warning them that their accounts might be compromised. He asked them for their passwords and that’s how he managed to get into their emails and iCloud backups.

Lessons to be drawn?

Learn how to detect phishing attacks. Be a little paranoid and pay attention to how you spend all those clicks.

In case every other safety net falls, it’s always better to refrain from taking nude selfies in the first place.

If it’s in a digital environment, you can never be 100% sure that it’s safe, so better not take any photos that you’d be ashamed of if anyone else saw them.

Your normal photos can also be used for identity theft, but these are harder to keep under control, with all the activity on the social networks.

If you want to keep your privacy settings under control, you can start with these security guides for Facebook, LinkedIn, Twitter, Instagram.

mobib transport pass


4. Invoices, scanned IDs, insurances

All these can be used by malicious hackers for identity theft as well.

I tend to scan the important documents or take a photo of them and then email those to myself (or to whoever needs them at a certain moment).

Easiest solution is to delete them immediately afterwards.


Now I understand why cyber criminals want to hack our emails! Here are 10 reasons:
Click To Tweet



5. Passwords, credit card pins or bank account information

This one’s easy: if you’re storing your passwords on your email, in case your email gets breached, so do all your other accounts.

You either write them by hand and store them in a safe place, where only you have access, or you use a password management software to keep them encrypted for you.

Here are more tips on how to manage your passwords.

password


6. “Reset your password” emails

Most likely you used your email several times to reset the passwords for other accounts, such as Facebook, Twitter, Amazon etc.

If a criminal gets access to your email, they’ll see what other accounts you have, reset your passwords and take over those as well.

It’s not hard for them to find them, but you could make their job harder by deleting all the emails you get from those accounts.

Also make sure that you unsubscribe from all the useless notifications those services send.

If you have accounts on online shopping websites such as Amazon, try not to save your credit card details on them. Instead, fill them in every time you want to buy something.

Cyber Security for Travelers - How Not to Get Burned This Summer [Heimdal Security]


7. Travel itinerary and calendar

These are gold for thieves or scammers. Just think about it: they know precisely when you’re gonna leave home, when you will be on a plane (and most likely without a phone signal), when you’ll be in a meeting, and when you’ll return back home.

You can end up with your house broken into. Or, even worse, they can use that information to scam your parents, as they know you won’t have access to a phone.

If you’re preparing to travel, here are some tips on how to how to have a cyber safe holiday.

Check statistics and researches


8. Tax forms

Tax forms contain a crazy amount of information about us, that can be used by identity theft criminals.

If you emailed them in the past, search for them and delete them.


9. Order confirmations from online shops

Such emails contain all the order details, from what you bought, to the delivery address, date, phone number and method of payment.

From here, a cyber crook can also access your online shop profile and see your saved credit card details.

Remember to delete all transactional emails after you received the orders.

Don’t save any credit card details or delivery addresses on your profiles – not on Google storage, not on Amazon, not on Dropbox, nowhere.


10. Your contacts

It’s not only your contact information that’s compromised, but also all of your contacts.

They are also valuable to cyber attackers, as they can use them for identity theft as well or to sell on the dark web to spammers.

I’m talking about email addresses, phone numbers, even physical addresses.

Media manipulation through fear and panic


Here’s what you can do to keep cyber criminals out of your email account:


1. Set strong and unique passwords

This should be the first and foremost step taken.

I know I keep insisting on this step. I’d skip it altogether if there wasn’t a huge discrepancy between what people know they should do and what they actually do. Unfortunately, it’s in the human nature to react only after getting burned.

The two main characteristics of a good password are its strength and uniqueness.

A strong password should be long enough (go for at least 14 characters), include upper and lower cases, numbers and symbols.

Don’t use your name or nickname, your birth date or birth place, nor the birth date, birth place or name of any of your family members or friends (pets included as well).

Also stay away from any variation of the word “password” or common passwords such as “qwerty”, “0000”, “1111”, “12345”.

Here’s a longer list of bad passwords.

Password

By “unique password” I mean to say that you shouldn’t reuse your passwords on any other accounts. Don’t set the same password for Facebook, Twitter, email, cloud storage and so on. Otherwise, in case one of those services gets hacked, all the rest of your accounts will be vulnerable.

Learn from the recent mega data breaches that affected hundreds of millions of users. Databases with passwords from LinkedIn, MySpace and Tumblr accounts led to many more breaches.

Celebrities were just as affected: Mark Zuckerberg’s Twitter and Facebook profiles were hacked because he was using the same (extremely weak) password he had on LinkedIn. Katy Perry and Drake weren’t spared either. I would have thought they have a team of experts consulting them on essential security matters, but…guess not.


Just found these useful tips on how to prevent cyber criminals from hacking my email:
Click To Tweet


Most likely you have tons of accounts that you use more or less often, which makes it an almost impossible mission to keep track of all the random, strong and unique passwords. You can make your life easier by using a password management software.

It will keep all your passwords encrypted and warn you if you try to set a password that’s neither strong nor unique. And this way you’ll only have to remember the master password, the one that you use for the software.

Here are more tips on managing your passwords.

shutterstock_167852012.jpg


2. Activate two-factor authentication

This is the second most important step you should take. Activate two-factor authentication (also called multiple factor verification) everywhere you can.

Almost all major companies offer this option and some even impose it by default. From bank accounts to email providers, big social networks, cloud services and so on, you should keep it enabled everywhere it’s available.

It works as an extra protection layer, besides passwords. The second factor usually consists of a unique passcode that’s time sensitive and you can only receive it through your mobile phone or some other physical object that you have.

You can see how this can be an impediment for malicious hackers, lowering their chances to succeed. Even if they somehow manage to find out your passwords, they’ll only be able to access your account if they also get past this second security layer.

And you won’t need to authenticate yourself every time you open your browser or mobile app and want to check your account. You can save the devices and browsers you use most often, and you’ll only be prompted to insert the second-authentication factor if you want to log in from a new device.

Here’s how and why you should activate two-factor authentication.

Cyber Security for Travelers - Lock Devices With Password [Heimdal Security]


3. Set a lock code to your devices

I’m surprised to see how many people leave their devices unprotected by not setting an automated lock.

We can’t always guard our laptop, mobile phone or tablet and make sure that nobody else accesses them. A lock code is one of the easiest ways to keep intruders away.

I had to learn this the hard way. A few years ago I left my laptop unsupervised for a few minutes. One of my soon-to-be-ex-employees took advantage of the occasion and installed a keylogger on it.

Just a few weeks later, he used all that info to hack me and cause damage to my work. Nothing irremediable, by it was still a huge ruckus and stress that I’d have rather not been through.

Here are more tips on how to keep your mobile phone secure.

12 True Stories that Will Make You Care About Cyber Security (2)


4. Install security software

Install security software on all your devices. By “security software” I’m referring to:

A strong, reliable antivirus. Pay for one that’s well known, never install antivirus from pop-ups or ads that you run into while navigating on the web.

Here’s an advanced guide on how to choose an antivirus that will suit your needs.

Software that will keep you safe against the newest generation of malware. Yes, our own Heimdal Security is such a product – it works in a proactive way, by analyzing your traffic data. Heimdal will block the attacks before they get a chance to cause you any harm. It works complementary to antivirus.

Phishing


5. Learn how to detect and prevent phishing attacks

Phishing isn’t a new technique, but it’s still an efficient one: 23% of email recipients open phishing messages, and 11% click on attachments!

Cyber criminals can use phishing attacks to withdraw money, steal your identity, open credit card accounts in your name and further trade all that information about you.

So be careful with what emails and attachments you open or what links you click on.

Here’s a complete guide on how to detect and prevent all types of phishing attacks – read it, learn it, start applying them.

back-up


6. Declutter & Backup

Stop keeping things that you don’t need anymore in your inbox. Delete all useless emails (especially all those that I talked about before in this article).

Backup everything else, every important email or attachment. Encrypt them and store them in a safe place (it can be a cloud storage or a separate hard disk).

Here’s a simple guide to backup.

slow computer


Conclusion

Don’t be delusioned into thinking that this will never happen to you, that it only happens to celebrities or important CEOs. It might have already happened and you’re not even aware of it.

Yes, the violation of your privacy is a serious criminal act. Yes, law enforcement agencies will surely find and punish the ones responsible. But, by then, the damage will have already been done.

Do you really want to go through all that stress, all that wasted time and energy?

However, in case it’s too late and your account was already hacked, here’s a guide on how to control the damage.

Read More »

Why You Need More Than Just Anti-Virus Programs

Ever wonder how you got viruses on your computer, even when you have a respected anti-virus program on it? A little while ago, having an anti-virus program would be more than enough protection from even the nastier viruses out there. Unfortunately, viruses are getting more and more clever and it is increasingly difficult to stop them all!

How exactly are viruses getting past your anti-virus programs? Check out some of the reasons below:

1. There are more viruses out there than ever before.

bug-pc-virus-1242774-1280x960In the earlier days of viruses, there weren’t as many people putting viruses out there, so it was a lot easier for anti-virus programs to keep up. Now, there are new viruses coming out each day and it’s impossible for your anti-virus program to recognize them all right away. It can take the anti-virus programs a few days to recognize the newer viruses, and in that time the viruses might already be on your computer. Think of it like a race, and the viruses are always a little bit ahead of the anti-virus programs.

2. It’s easier to download viruses than it used to be.

Before, all you really had to do to avoid viruses was pay attention to what you were clicking on. Now, sites can be hosting advertising that they don’t realize is malicious. This means, you can be going to a legitimate site but the ads it has on it aren’t. If you click on these ads, they can download a new virus onto your computer without you even realizing it. No longer can you avoid viruses simply by avoiding certain websites.

3. Viruses are changing incredibly quickly.

Even if an anti-virus program knows about a specific virus, viruses are changing constantly. It becomes a race between the virus changing to slip past the security, and the anti-virus building up new blocks to stop that from happening. If a virus slips past the security during the race, it becomes much more difficult to get off (which is where the FixMeStick comes in).

4. Most anti-virus programs can’t fully remove viruses once they’re on the computer.

access-control-keyboard-version-2-1242513-1279x852Anti-virus programs focus on keeping viruses off of your computer. While they try to remove viruses that have slipped past the defences, they are not as effective at removal as the FixMeStick. Viruses can interfere with the programs trying to remove them, and can hide within the computer so the scans miss them. With the FixMeStick, the scan is running while the rest of the computer is turned off. This means the viruses are inactive as well. This allows for easier  removal of any viruses on your computer.

That’s why we say the best option is to use the FixMeStick in partnership with anti-virus programs. They almost work as a team, with the anti-virus stopping most viruses from getting through and FixMeStick picking up the ones that do. Double the protection, double the safety. 

Read More »

How to Remove “Your Mac has been blocked error #268D3” Malware?

Hello. I have “Your Mac has been blocked error #268D3” pop up on my brand new mac. I believe that it is a piece of Back then, I clicked on a link and got a notification saying to call a number for mac osx support; otherwise, this virus would get access to banking information, photos, etc. It sounds like a simple web pop up. The pop up wouldn’t go away and I gave into the fear. I stupidly called the number and gave them my credit card detail to pay. They said they would help me remove the virus over the phone. I got scared and made the mistake of doing it without thinking. My gut told me to end the call and hang up after 3-4 minutes. Can they still grab the money in my account or use my credit card to do shopping without my permission? What can I do to get rid of the pop up and virus?

Brief Information about “Your Mac has been blocked error #268D3” Malware

If you see “Your Mac has been blocked error #268D3” on your browser, your mac is infected with a piece of dangerous malware. In those days, the cyber criminals use malware to scam people randomly. They made up fake alerts to scare people by prompting them to contact the fake mac os x support, Microsoft certified technicians or McAfee computer experts. Once the malware accesses your Mac, it shows you fake warnings saying that serious virus and vital error have been detected. The fake warning page can hijack your Google Chrome and Safari and make it difficult to close. You may wonder why your Mac could be infected with virus easily while you have famous antivirus program on the computer. We have to tell you that this malware is able to block your antivirus program and other security programs. In this way, the malware can not be detected or removed before you notice it with your naked eyes. Though you can’t delete virus under the help of antivirus, you can’t call the given for help. They are fake tech support and will not help you fix the problem. You ought to remove this “Your Mac has been blocked error #268D3” malware manually.

How this Malware Come to Your Mac?

The malware that brings you “Your Mac has been blocked error #268D3” pop up is widely spread nowadays. It has become a common infection. It is bundled with the third party software that has been compromised. Most of them are ad-supported software. At the beginning, it is installed a small component. However, it can be powered and upgraded by itself after it is connected to the network. You should not understate any plug-in or component. Next time, read the items of installation carefully and know clearly what you are going to install to avoid potential unwanted programs on your computer. The malware also can sneak into your system when you click on malicious link. Sometimes, you may see ads pop up computer. Not all the ads are legit and safe. If you click on the malicious ones, the malware will seize the opportunity to get into your system. Do not click on unknown pop-up ads and close them immediately.

How this Malware Work?

“Your Mac has been blocked error #268D3” malware is trying to trick you into sending money to the criminals for non-existed computer threat. It blocks your browser and reports bogus system scan results. Once you are redirected to the the error #268D3 page, you can’t close or minimize it. You are not supposed to ignore this vital alert. It lies that your Mac access will be disabled soon as your computer informs the so-called tech support that virus and spyware have been detected. It urges you to call the given number for support. When you click on your security program trying to remove the virus, it tells you that the security program is off. If you want to run it again, it will not turn on. You only see a notification “Learn more”. It will redirect you to its websites and ask you call for help again. Once you contact them, they will spare no effort to scam you. Their goal is to sell you useless software or unnecessary service. In fact, they are not able to fix your problem. You may see unknown extensions, toolbars, banners and other useless programs on the browser. All those programs support this “Your Mac has been blocked error #268D3” virus. Your computer will run slow and freeze frequently for no reason. This malware will damage your system badly. Please stop it immediately.

Processing manual removal is supposed to have a certain level of computer literacy. If you are not sure how to start and are afraid of making any critical mistakes damaging the computer system, please live chat with YooCare Expert now.

Notice: Please do a system backup before you start to delete “Your Mac has been blocked error #268D3” malware manually

1. Since your browser is already blocked by error #268D3 malware, you can’t exit out the virus page in a normal way. If your Safari browser is hijacked by this Ransomware, you can click the Search button in the top right corner like the picture shows. And then type in: Safari and hit Enter key to reopen a browser without virus page first.

Removal-guide-on-Safari

2. On the Apple menu bar, click Safari, and then click Preferences.
safari.png

3. On the Extensions tab, delete all the suspicious add-ons.
two.png3
4. Next, select “Preferences“, go to the “General” tab and change the “Default Search Engine” to Google. Then, in the “General” tab, find the “Home Page” and change it to “google.com”.
5. If the error #268D3 page still appears, please contact YooCare experts online for further help.

Conclusion

There is no doubt that the “Your Mac has been blocked error #268D3″ malware is harmful to your system. As you know, it blocks your browser and does not allow you to access the Internet. Besides, it monitors your online activities for sensitive information thus helping the cyber criminals make illegal money. Never give the criminals any chance to access your precious information. We don’t know what the criminals will do with them. The most important thing you need to keep in mind is that the error #268D3 pop up can’t be trusted. The real threat is the malware behind it. Do not call the owner of malware for help. They will not help you remove the virus. They may just hide the fake alerts temporarily if you buy their service or software. The malware is still on your computer and will bother you again and again eventually. Do not waste your money on it. You need to get the error #268D3” pop up off your system manually. Get rid of all the fake alerts and errors once for all.

Can’t remove the virus and are afraid of making any critical mistakes damaging your computer? please contact YooCare Expert for further removal help.

The post How to Remove “Your Mac has been blocked error #268D3” Malware? appeared first on YooCare How-to Guides - YooCare Blog.

Read More »