Simon Ho, Support Desk Manager, WWCS.

How to Hack into Emails… for beginners

Got your attention, didn’t we?

Did you really think we were going to show you how to hack emails?? Instead, we want to highlight how to protect yourself from being attacked when it comes to email privacy. Let’s face it, an invasion of your privacy is not only illegal but can be very damaging to your mental and physical health. Picture this, there’s a random person in Brazil, on his PC wearing nothing but his underwear looking at emails you have exchanged with your secret lover way back in 2004?? Joking aside, the threat of being hacked is very real and it is here to stay. We all want to feel secure and have that peace of mind when it comes to our personal data online. We take our clients Security with unequalled importance.

Brute Force

They say that every device with an internet connection can be compromised and, in this case, the threat is real and growing at an alarming rate. If you’ve ever wondered how these people can get a hold of your email passwords, they do so by using specially designed software to crack your password. There are data centres dotted all around the world, in 2017 there were 8.4 million, where databases that hold our personal information is stored. As the information is confidential and locked away, the information to an attacker seems to be very valuable, thus making it a target. The possibilities on what they can do with this information are endless. When a database has been compromised, they have used a method called Brute Force. This involves running sophisticated software to grab and download emails and passwords. Armed with the information, the attacker could easily log into your emails and have a field day. But you can protector yourself by firstly changing your password and setting up multi-factor authentication on your emails. Here’s an example of an attacker who has managed to access emails and relevant passwords. They would send “blackmail” emails to their targets demanding money; the email claims that they have recorded the user on webcam doing “nasty things” while visiting adult porn sites. They even go as far as showing you one of your current/previous passwords just to convince you that your account has been compromised and they have all your information. The attacker’s objective is to scare you into paying up and if you don’t meet their ransom, they threaten to send the video to all your contacts (this includes your Facebook friend, etc.)

Example of a Blackmail email:

Phishing emails can vary greatly. Some are generic emails and some are highly customised showing past account passwords and other personal data

Multi-factor Authentication

Multi-factor authentication or MFA is a security-based system which uses various methods to verify the user’s identification for login or completing a transaction. MFA is designed to create an extra layer of security which in turn makes it more difficult for an unauthorised user to breach. Multi-factor authentication involves a combination of 2 or more types of credentials which work independently but joined together to allow access, one would not work without the other. For example; you will be prompted to enter you email password which will then prompt you to enter a code sent to your mobile phone. You probably seen this when logging into your bank account on your mobile app or on a web browser. They usually make you type your password as well as a couple numbers from your secret passcode and having you answer a secret question. We highly recommend you setting up your MFA on your email accounts.

Protection

All email providers, along with other websites which store confidential information about you, should have an MFA method available to activate on your emails, depending on who provides your email, please see the following links for a step-by-step guide on how to set MFA up:

2FA Examples...

Many different providers offer Two Factor Logins - here are examples from Google and Microsoft. Moving forward, most providers will be launching additional security for logging in to their platforms.