Unabhängige Kompetenz-Plattform
für Integrierte Sicherheit in der Schweiz.

31.05.2015
von: David Hald, sms passcode

3 Signs That Hackers Could Be Reading Your Email

Email usually contains the most confidential information that an organization has – board minutes, customer information, and so on. Once a hacker is able to access someone’s email, he or she can access all types of sensitive information.

In a world where 76 percent of all network breaches involve weak or stolen passwords, it’s clear that passwords are not strong enough to secure anything. Email in particular has become both a prize in itself and a means of entrée into a target organization’s network.

The widespread use of remote access to conduct business has increased the number of entry points for cyber criminals by an order of magnitude. Most people don’t realize, for instance, that ActiveSync-enabled mobile devices create a security vulnerability that can grant easy access to your email. All a hacker needs is an email address and a password.

How can you tell if a hacker may be reading your email?
Here are three danger signs:

  • You can access webmail (i.e. Outlook Web App) with just a user name and password.
  • You can set up your Outlook account on your PC with just a user name and password and synchronize email from the internet.
  • You can synchronize your email with your mobile phone by simply entering a user name and password.

These three signs should be a clear warning to your IT department that it’s time to deploy proper user authentication - both for web mail and when enrolling new devices that will access corporate data. Two-factor authentication protects against threats that originally appeared in the ‘90s, such as key loggers and passwords that were guessed, cracked, bought or borrowed. However, hackers continue to innovate, creating the need for even stronger security.

Addressing the danger signs
Danger signs one and two you can address by implementing modern multi-factor authentication to secure access to your data with more than just a password, and to protect against cyber threats such as phishing and pharming. 
Danger sign number three is more complex since you must securely provision devices that access your network. This is quickly becoming a rising security vulnerability as a result of BYOD and workforce mobility in general. There are different options for addressing this issue. Here at SMS PASSCODE our Multi-factor Authentication solution comes with a feature called Secure Device Provisioning that allows users to enroll devices easily without the need to contact IT and without compromising security. Another option could be to roll out a Mobile Device Management solution, but this is typically a larger and more complex undertaking.

Securing your inbox
In case you want to prevent hackers from reading your email and are looking to step up your user authentication, then start your research with our Beginners Guide to Multi-factor Authentication.
Quelle: blog.smspasscode.com


Security-Finder Schweiz: Newsletter