How to Avoid Being Hacked, Part 1 – Email

Aug 1, 2017

Hacking is a common occurrence these days, but it’s good to know that hacking targeting you specifically because of who you are is far less common than scattershot hacking. Additionally, taking advantage of your online data is much more common than taking control of your computer.

Most people don’t understand their computers or operating systems deeply. There’s no shame in that. No one really understands everything about computers. But that makes it easier for those types who are forever trying to make an illicit buck with some new way they have to separate you from your stuff, or some tool they’ve bought to apply leverage to an unprotected digital niche. Furthermore, the digital world changes quickly and it’s much easier for those providing software and hardware to sell insecure wares rather than to take the extra time (and loss of market share) to make them very safe.

So it remains up to us to be more conscious in our behavior online, on the phone, and with our purchased equipment. Some of these conscious behaviors apply across the board to computers, tablets, and phones; others are specific to certain platforms.

Email – Phishing

I got an email from Apple, referencing a recent purchase and asking me to verify it. I clicked on the link and my browser went to Apple’s website, but something didn’t seem quite right. I stopped a moment to think: I had made a purchase online from Apple the previous day, but the email didn’t reference the specific item. I dropped off the website and took a look at the email. I hovered my cursor over the link and sure enough, it didn’t even mention Apple in the link. This is super-common – phishing emails designed to get you to go to some official-looking but bogus website (like the Apple website I’d thought I was on) and enter in your credentials which then give the hacker free access to your online account. And because many people use the same password and login for many of their online accounts it can give the hacker control of your digital life in short order. This happens to people who should know better and even almost happened to me, who also should know better!

But how did they know I had just bought something from Apple, or in other bogus emails – how do they know I just bought something on eBay, or what bank I’m with? How do they even know my email address?

The short answer is – they probably don’t. They send that same email to a million likely email addresses – either from a list they bought, email addresses they harvested online, or just randomly generated by a program (joe@abc.com, joe@def.com, joe@yourwebsite.com, etc.). It costs almost nothing to send an email and it doesn’t cost much more to send a million. It’s easy enough to add an official logo snagged off a corporate website to an email, and it’s similarly easy to make an official-looking website. In fact, one could just snatch the code off an official website and replace the official links with bogus ones that steal your login credentials. Furthermore, a link isn’t always what it appears to be. For instance, if I say to click here to WinAMillionBucks.com you’ll see that it goes to a site that may save you some money, but won’t win you a million bucks.

It can be enlightening to hover (without clicking) your cursor over a given hyperlink like the one above, and see what pops up. Or if nothing pops up, right-click (on a single-button mouse, [ctrl]-click) to reveal the link.

The short form answer to not being taken in like this is: DON’T click on links in emails. Type the desired URL into a browser. Or copy the link, paste it into a text document, and see if it is actually your bank, or Apple, or eBay or where you really wanted to go.

Coming up in part 2: Two-Factor Authentication, Passwords, and Giving Away the Form.
