NORMAN — We looked last week at a few ways that someone’s email account could have been hacked. They were fake verification emails and fake login pages, fake “Vote for me” emails, “man-in-the-middle” attacks, using untrusted computers and/or forgetting to logoff, and virus infections.
Here are some more ways that the bad guys can hack an email account.
· Easy-to-answer security questions. Online accounts are easy to hack if you can answer the “security” questions that let you access “lost password” accounts. You know those questions you answered when you first set up the account, such as, “What is your mother’s maiden name?” “What is your favorite restaurant?” or “Who was your first-grade teacher?”
If this information is public knowledge or is on a website like Facebook, the account hacking chore is that much easier. This is how Sarah Palin’s Yahoo email account was hacked (see my column titled “Sarah Palin email hack another wakeup call,” 9-21-08, on my website).
I suggest using phony answers to security questions, i.e., “What is your mother’s maiden name?” Answer: “cheeseburger.”
· Lost or stolen devices. Zillions of laptop computers, cell phones and other portable electronic devices are lost or stolen every year. Do not store passwords or security question answers in an unencrypted file on these devices; just don’t.
· Using crummy passwords. Contrary to what you might see in the movies or on TV, computer criminals do not sit around trying to guess passwords; that’s what computers are for.
The bad guys use automated hacking programs to crack passwords; these programs are very fast and thorough. As a defense against these methods, remember that a good password will not resemble any word found in any dictionary on earth. Pass “phrases” are OK, too. See my column titled “Crummy passwords = hacked email accounts,” 6-24-12, on my website.