How valuable is your Email Address?

Next story

Your credit card information is important: everyone knows and understands this. But how important and how valuable is your email address? What about the information that we put all over Facebook and other social media?

I’m sure that you’ll remember the recent breach at Home Depot: if not then the basics are that 56 million customers had their payment information exposed.

The BBC reported this week that those responsible also stole 53 million email addresses. Yes, payment information being leaked is bad but a breached email address could be almost as bad.

 

Spear Phishing and Social Engineering

 

Every time you sign up for an account online you are asked for an email address. This email address can then be used to reset your password, send you receipts, contact you about offers or updates, as well as a myriad of other bit and pieces.

What if someone gets access to your email address? Well firstly they will be able to target you with a phishing attack, which could evolve into spear-phishing.

Spear-phishing is more targeted than phishing and involves a healthy dose of social engineering in order to convince you to trust the email and do what they want: for example entering your bank details into a fake but convincing duplicate of your bank’s website.

Once your email is compromised then in theory the accounts attached to it are forfeit. But you setup all those secret answers to protect your accounts, right? This is where social engineering rears its ugly head again.

What is your mother’s maiden name? What was the name of your first pet? How about the road you grew up on? All common secret questions when setting up accounts.

But unless you have watertight privacy settings on all of your social media accounts, this information might not be too difficult to find out. Even if your friends and families accounts are wide open you could be in trouble.

 

It’s all about Layers

 

You can never have too many lines of defence. But every piece has to be strong, weak points in your personal security can, and potentially will, be attacked.

Look at your privacy settings. Who can see your information? What about your posts? Your contact details? If you aren’t sure or want help keeping your social media safe and sound then we offers a Social Media Scanner with ESET Smart Security or NOD32.

Keep your secrets secret. Try to limit the personal information that you actively put online and give away for free. Be wary of who is posting about you and remember that anything put online is affectively no longer private.

Layers. If you are using Gmail then Google Authenticator is a brilliant little 2FA app that adds an extra layer of security. If you are using a different email client then look into how you can add more security: perhaps 2FA or needing approval from another email account before changing settings.