Back to Back Issues Page
Watch For Scams Newsletter. Email Vulnerability
December 17, 2015

Email Vulnerability

Watch For Scams is dedicated to helping you avoid becoming a victim of fraud.

If you like this ezine, do a friend a big favor and forward this to them. If a friend forwarded this to you, and if you like what you read, please subscribe by visiting the link below:

Subscribe Here

Email Vulnerability

Many members are reporting an increase in email hacking, so as the festive season approaches, it is timely to remember some key points to keep you and your identity safe:

• Enable additional email security measures, including two-factor authentication on your personal email accounts. This is a security feature offered by many email providers. The feature will cause a text message to be sent to your mobile device prior to accessing your email account

• Turn on all privacy settings on social media sites and refrain from posting pictures showing your affiliation to organisations

• Carefully evaluate the user settings for your online profiles. The default settings for some sites may allow anyone to see a user’s profile. Settings can be customized to restrict access to certain people

• Keep your social media footprint to a minimum, where possible, and actively monitor any accounts you maintain

• When posting on social media sites, do not provide details regarding your workplace, work associates, official position, or duties

• Do not promote your personal or professional importance in online profiles or postings, as this may make you a potential target for adversaries to exploit

• Limit your personal postings on media sites and carefully consider your comments

• Be aware of your security settings on your home computers and wireless networks

• Routinely update hardware and software applications, as old versions may be exploited by criminals as a way to access a computer. In addition, maintain up-to-date antivirus software, as attackers are continually writing new viruses

• Pay close attention to all work and personal emails, especially those containing attachments or links to other Web sites. These suspicious or phishing emails may contain infected attachments or links

• When setting up security questions for any of your accounts, avoid choosing questions with answers that can be easily verified (e.g., "What is your mother's maiden name?"). Devise questions and answers that are known only to you. If the questions are already provided, devise answers known only to you. Try using secret meanings, irony, metaphors, or even "incorrect" responses that no one but you would be able to guess

• Passwords should be changed regularly. It is recommended that you create a password phrase of 15 characters or more, using a combination of uppercase and lowercase letters, numbers, symbols, and special characters

• Do not store your login credentials on or near your computer. Memorize them or store them in a secure location away from your devices

• Be aware of pretext or suspicious phone calls or emails from people phishing for information or pretending to know you. Social engineering is a skill often used to trick you into divulging confidential information and continues to be an extremely effective method for criminals

• Advise family members to turn on security settings on ALL social media accounts. Family member associations are public information and family members can become online targets of opportunity

• Restrict your driver license and vehicle registration information

• Closely monitor your credit and banking activity for fraudulent activity

• Routinely conduct online searches of your name to identify what public information is already available

If you believe you have been a victim of this type of scam you should promptly report it to the IC3's website at The IC3's complaint database links complaints together to refer them to the appropriate law enforcement agency for case consideration.

Remember - always watch for scams!


Back to Back Issues Page