If there is one good thing to come out of the Liberty Life hacking drama, it is that people may start to realise how insecure e-mail is. First designed as a means to send simple text messages over the nascent network that would evolve into the Internet, e-mail is now the backbone of global communications.
E-mail may be a gift for communication between people, but it is also a gift to hackers — who need only to infiltrate our inboxes to get access to our most intimate information.
Forget the grandparents getting baby pictures and the rest of us receiving company memos. Think how much confidential data is in the average inbox, information that could easily be used for nefarious purposes by cybercriminals. Banks send us our monthly statements, service providers their monthly bills, financial service providers like Liberty send quarterly and annual updates and cellphone operators send us itemised invoices.
If you want to hack someone’s life, hack their e-mail — as was the case with the Democratic national convention when it was infiltrated by Russian hackers before the 2016 US election.
Worse still, e-mail is usually the first avenue to resetting a password. Once this has been compromised, a hacker could conceivably reset passwords to a range of services.
With any luck government will finally enact the Protection of Personal Information Act this year, giving consumers added protection against breaches of our personal data — over and above the reputational damage suffered in such breaches.
Think how much confidential data is in the average inbox, including bank info
— Toby Shapshak
I’ve lost count of the conversations I’ve had with people who ask me to "e-mail a copy of your ID" or worse, a copy of my passport. At least now I will probably have to stop apologising for seeming to be unnecessarily paranoid by refusing to do something so foolish. I hope.
E-mail is the perfect example of the trade-off we are forced to make between convenience and security. To make something easier to use and more accepted, service providers often have to make things less secure.
How do you make yourself more secure? If you have a simple password for your e-mail account, change it now. Make it difficult to hack — which means don’t use a simple word from a dictionary or the name of your child or pet. (It’s for this reason I’m calling my next dog "Password".)
Don’t use the same password for more than one online service — especially not banking. Better still, use a password manager like LastPass or 1Password — which will generate secure passwords for you. It is okay to write your master password down, just never store it on a computer.
Use two-factor authentication for e-mail and all social media and other accounts that offer it. That means you’ll receive an SMS with a one-time pin to log on — or use Google’s Authenticator app, which generates such codes.
It’s going to get worse, so harden your security before you get hacked. You’ve been warned.
• Shapshak is editor-in-chief and publisher of Stuff magazine (stuff.co.za)
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.