Monday, July 25, 2016

US Democratic National Committee Emails Hacked - Is Your Email Account Safe?

Today, as 19,252 emails of the US Democratic Committee were made public by Wikileaks, I was asked by some of my clients how they can keep their email accounts safe.

1. Downloading File Attachments -- If you don't know who the email is from, do not download the email attachments. This includes .RTF and .PDF file attachments.

2. Microsoft Windows Users / Spear phishing -- If you are a Microsoft Windows user, some of the computers in the DNC were more than likely compromised in an attack called spear phishing. In one spear phishing example, an email is sent from a compromised trusted email account with a .RTF attachment that, when opened, creates a registry key with a .dll file. To help deter this type of spear phishing, keep your virus checker up to date and notify your IT department if you inadvertently open an attachment you think might be a spear phishing attempt. Some common types of spear phishing are password change notifications from Microsoft Live and PayPal.

3. Yahoo / AOL Accounts -- I would not recommend anyone use Yahoo or AOL Accounts. Google Gmail is much better at detecting and shutting off phishing email accounts. In the DNC case, a staffer used her personal Yahoo account to receive and respond to messages to and from email addresses (most likely for convenience).

4. Gmail / Google Apps -- If you have a business, it is strongly recommended you use a Gmail and/or Google Apps Service. It's $50 per user per year. You can also use Microsoft Office 365 for a business. It is not recommended that you use GoDaddy or your ISP email.

5. Check if Your Email Address is Compromised -- Use this website to check if your email address has been compromised. If it is, change your passwords.

6. Different Passwords - Use a different password for every website. You should write down and securely store your passwords. Using a secure password manager should be okay, but I would not recommend writing down the exact password; use some sort of code.

7. Change Your Passwords - You should change the passwords of your most secure accounts every 90 days or less.
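
Items 1 and 2 can be applied as a mail-triage check. This Python example is added here and is not from the original post: it flags .RTF and .PDF attachments by extension and by leading bytes, and treats a known sender as a reason to verify rather than to trust, since item 2 notes the mail can come from a compromised trusted account. The addresses, the `known_senders` allowlist and the action labels are assumptions, and the sample messages are constructed.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# File types the post singles out, matched by content as well as by name
MAGIC = {"rtf": b"{\\rtf", "pdf": b"%PDF-"}

def triage(raw: bytes, known_senders: set) -> list:
    """Return one finding per RTF/PDF attachment in a raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    sender = parseaddr(str(msg.get("From", "")))[1].lower()
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
        # Identify the type from leading bytes; a renamed file keeps its magic
        kind = next((k for k, m in MAGIC.items() if data.lstrip().startswith(m)), None)
        if kind is None and ext not in MAGIC:
            continue  # not one of the attachment types covered here
        reasons = []
        if sender not in known_senders:
            reasons.append("unknown sender")
        if kind and ext != kind:
            reasons.append(f"{kind} content under .{ext or 'no'} extension")
        # Item 2: a known sender may itself be compromised, so never auto-trust
        action = "do not open" if reasons else "verify with sender first"
        findings.append({"file": name, "type": kind or ext, "sender": sender,
                         "action": action, "reasons": reasons})
    return findings

def build_sample(sender: str, filename: str, payload: bytes) -> bytes:
    """Constructed sample message (not real mail) for the demo below."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = sender, "staff@example.org", "Password change notification"
    m.set_content("Please see the attached document.")
    m.add_attachment(payload, maintype="application", subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    known = {"colleague@example.org"}  # assumed allowlist of usual contacts
    samples = (build_sample("Billing <billing@example.net>", "invoice.doc", b"{\\rtf1\\ansi hello}"),
               build_sample("colleague@example.org", "notes.pdf", b"%PDF-1.4\n"))
    for raw in samples:
        print(triage(raw, known))
```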

Sources: Exclusive Suspected Russian hack of DNC widens - includes personal email of staffer researching Manafort (by Michael Isikoff, Yahoo News July 25, 2016)

Spear Phishing: Scam, Not Sport (Norton by Symantec)

