5 easy ways to protect your correspondence
The number of e-mail users in 2015 was approximately 2.6 billion. It is expected that by 2019 this figure will increase to 2.9 billion. At the same time, many users have more than one email address. And each of these electronic mailboxes can be a source of information for intruders.
Having access to your mail, the fraudster will be able to see personal correspondence and conduct operations with accounts in other services registered to this address. In 2014, the network “ leaked ” about 5 million passwords to Gmail mailboxes, which allowed you to log in and access other Google services.
This list is endless. Therefore, today we will look at a few simple ways that will help protect your correspondence and personal data from being stolen.
')
Photo by Jonathan McIntosh CC / Flickr
In this case, you will need to enter the password twice: first, the original code word or combination of characters that you invented when you created the account, and then the one-time password that you receive as a text message on the phone (or device-token) every time you log in into the system.
You should also remember to regularly check your account data and change the password (for this you can use the password generation services). Such seemingly insignificant, but extremely significant measures of “prevention” will allow detecting hacking and interrupting the attacker's access to the account.
It is better to open documents in pdf, xls and doc formats with antivirus enabled , as they may contain all sorts of Trojans and other malicious programs. Macros in these documents should also be approached with caution.
You may also receive so-called interactive letters that allow downloading content from third-party servers. This content can be either regular images or js-scripts, so you should turn off automatic loading of such content (if your mail client allows you to do this) and enable it manually for trusted sources and senders.
Also note that you should not leave your email address "anywhere". This increases the chance of your email getting into the spam database. But if unwanted messages began to arrive in the mail, then use spam filters that are part of most email clients. Alternatively, you can pay attention to the services that filter incoming mail.
Sonam Rai, content marketing specialist at Magnet Brains Software Technology, rightly observes : "A free mail service is not reliable, and a reliable service cannot be free." The statement is very controversial, but for a general understanding of the options, you can familiarize yourself with this table, which presents a variety of postal services that can serve you well.
You can check whether encryption is enabled for a specific email using the CheckTLS tool by entering an email address in the appropriate field. To encrypt emails, you can use browser extensions — for example, SecureGmail for Google Chrome and Encrypted Communication for FireFox.
You can also encrypt messages using the Pretty Good Good Privacy utility (PGP). This is a free program that turns the content of the letter into nonsense for everyone except you and the recipient. In this case, both users - the sender and the recipient - work with the key pair, which greatly complicates the process of hacking the message. More details on how PGP works here and here .
Many security experts recommend using elm, pine, and mutt email clients — console “old-fashioned programs”, some of which are more than 30 years old. The love for antiquity was succinctly explained by Marek Tuszynski of Tactical Technology Collective, a non-governmental organization that educates activists and reporters on digital privacy and security.
“Simply means reliable. Console tools have a simpler design, consist of fewer lines of code without vulnerabilities, says Marek. - All this increases the security of the program as a whole. Fewer mistakes, higher stability. ”
Indeed, a mutt consists of several thousand lines of code, while their number in Thunderbird is close to a million, and in Google Chrome - to 17 million. For this reason, the number of vulnerabilities found in mutt over the past 10 years is negligible compared to the number of vulnerabilities found in large browsers (like Chrome and FireFox) and email clients (for example, Outlook).
Additionally, we note that you should not use e-mail (as well as any other services with accounts) when connecting to public Wi-Fi networks. Open networks are dangerous because traffic is not encrypted and vulnerable to interception - if you wish, an attacker with the help of special programs will be able to access your information.
The inviolability of personal life and correspondence is an individual human right. However, fraudsters and intruders were, are and certainly will not disappear in the near future. Therefore, the best thing we can do at the moment is to take matters into our own hands and take certain measures to protect e-mail independently.
What else do we write about:
Having access to your mail, the fraudster will be able to see personal correspondence and conduct operations with accounts in other services registered to this address. In 2014, the network “ leaked ” about 5 million passwords to Gmail mailboxes, which allowed you to log in and access other Google services.
This list is endless. Therefore, today we will look at a few simple ways that will help protect your correspondence and personal data from being stolen.
')
Photo by Jonathan McIntosh CC / Flickr
1. Use two-factor authentication (where possible)
In this case, you will need to enter the password twice: first, the original code word or combination of characters that you invented when you created the account, and then the one-time password that you receive as a text message on the phone (or device-token) every time you log in into the system.
You should also remember to regularly check your account data and change the password (for this you can use the password generation services). Such seemingly insignificant, but extremely significant measures of “prevention” will allow detecting hacking and interrupting the attacker's access to the account.
2. Be careful with attachments in the letter.
It is better to open documents in pdf, xls and doc formats with antivirus enabled , as they may contain all sorts of Trojans and other malicious programs. Macros in these documents should also be approached with caution.
You may also receive so-called interactive letters that allow downloading content from third-party servers. This content can be either regular images or js-scripts, so you should turn off automatic loading of such content (if your mail client allows you to do this) and enable it manually for trusted sources and senders.
Also note that you should not leave your email address "anywhere". This increases the chance of your email getting into the spam database. But if unwanted messages began to arrive in the mail, then use spam filters that are part of most email clients. Alternatively, you can pay attention to the services that filter incoming mail.
3. Consider using a paid box.
Sonam Rai, content marketing specialist at Magnet Brains Software Technology, rightly observes : "A free mail service is not reliable, and a reliable service cannot be free." The statement is very controversial, but for a general understanding of the options, you can familiarize yourself with this table, which presents a variety of postal services that can serve you well.
4. Use TLS cryptographic protocols (SSL) to encrypt emails.
You can check whether encryption is enabled for a specific email using the CheckTLS tool by entering an email address in the appropriate field. To encrypt emails, you can use browser extensions — for example, SecureGmail for Google Chrome and Encrypted Communication for FireFox.
You can also encrypt messages using the Pretty Good Good Privacy utility (PGP). This is a free program that turns the content of the letter into nonsense for everyone except you and the recipient. In this case, both users - the sender and the recipient - work with the key pair, which greatly complicates the process of hacking the message. More details on how PGP works here and here .
5. Use console email clients
Many security experts recommend using elm, pine, and mutt email clients — console “old-fashioned programs”, some of which are more than 30 years old. The love for antiquity was succinctly explained by Marek Tuszynski of Tactical Technology Collective, a non-governmental organization that educates activists and reporters on digital privacy and security.
“Simply means reliable. Console tools have a simpler design, consist of fewer lines of code without vulnerabilities, says Marek. - All this increases the security of the program as a whole. Fewer mistakes, higher stability. ”
Indeed, a mutt consists of several thousand lines of code, while their number in Thunderbird is close to a million, and in Google Chrome - to 17 million. For this reason, the number of vulnerabilities found in mutt over the past 10 years is negligible compared to the number of vulnerabilities found in large browsers (like Chrome and FireFox) and email clients (for example, Outlook).
Additionally, we note that you should not use e-mail (as well as any other services with accounts) when connecting to public Wi-Fi networks. Open networks are dangerous because traffic is not encrypted and vulnerable to interception - if you wish, an attacker with the help of special programs will be able to access your information.
The inviolability of personal life and correspondence is an individual human right. However, fraudsters and intruders were, are and certainly will not disappear in the near future. Therefore, the best thing we can do at the moment is to take matters into our own hands and take certain measures to protect e-mail independently.
What else do we write about:
- Cold mail: How to make it warmer
- Email Marketing: Recipe for Correct Plain-Text Letters
- How-to: interactive writing guide
- Pechkin-mail "wiki": Checklist for email newsletters
Source: https://habr.com/ru/post/312712/
All Articles