Extortion E-mails, Security Issues and Strong Passwords

Email Etiquette and Extortion

Technology is frustrating and sometimes downright scary! Even for those of us who have been using it for decades.

Unfortunately, when faced with techie issues that many users do not understand, they either believe the farce and overreact or choose to trivialize critical issues. I see it every day.

Creating complex and hard to guess (and remember) passwords is one of the most important security issues you have the control to control.

Have you been pwnd?

Pwn is a slang term derived from the verb own, meaning to appropriate or to conquer to gain ownership. The term implies domination or humiliation of a rival, used primarily in the Internet-based video game culture to taunt an opponent who has just been soundly defeated. It actually was started with a typo (owned vs. pwnded) and stuck.

You can find out if you’ve been pwnd by inputting your email address on this site.

Based on my credit reporting, I know that my primary email address has been in 23 data breaches. 23! I’m not as concerned as most would be as I am only online for business and make a point of not cross-pollinating logins between business and personal stuff.

The latest scam is to receive an email in your inbox from someone who claims to have your email account password. They note your email address and a password you may have used in the past. If it is a current password, stop right then and there and immediately change your password to the most complex crazy password possible! Just to be safe.

Some of these emails will state they’ve also hacked your webcam and that they have recorded that you’ve been to adult websites along with some of your scurrilous activities. This is where installing security software on your devices is a must.

Most Are Just Hoaxsters

In general, these emails are not from hackers who have actually hacked your account. They’ve acquired your information from the dark web due to the numerous data breaches. Keep in mind because they have an email address and password that you may have used to login to a website, that isn’t necessarily all the information they need to get into your actual email account. They still need server names, ports, etc.

If you are using your own domain name and that is shielded with a privacy service (recommended), these frauds have no idea where you email is hosted. Nor do they really care.

Fake Extortion

They just want to extort some money from you.

Extort:
to wrest or wring (money, information, etc.) from a person by violence, intimidation, or abuse of authority; obtain by force, torture, threat, or the like.

These emails can also claim they’ve tapped into your webcam and took screen shots of what you were doing and viewing (targeting porn). With threats to expose you. Or they may note that they accessed your computer and put a trojan horse virus that is waiting to be activated. Unless you pay up. All you have to do is send them some money or bitcoin and they’ll go away. Yeah, right.

These hoaxers are good at sounding legit. But don’t fall for it. I’ve received a bunch of these proclaiming they have evidence of what I do online — all of which I do not do. The various email addresses noted are not accounts they can login to (they are forward addresses), and in my case the passwords are those I used years ago.

As far as my webcam? I have that covered or turned off unless I am using it for a meeting.

Regardless, I’ve changed my email account password to something that is almost impossible to hack. Almost as in nothing is infallible. And I do not use that password for anything else.

The More Difficult Your Password (for you too) the Better

When it comes to your email security your most important and guarded information relies on your password being unique to you and not known to others. Even in a business environment, outside of the IT gal or guy, no one but the user should have access to others passwords.

Pet names, words one can guess if they look at the items on your desk, your family or that they know about your hobbies are off-limits. That is why you want passwords that are even difficult for you! That means they will not be easily guessed by others.

Tips to Create Strong Passwords

  • Length: Make your passwords long with twelve or more characters.
  • Complexity: Include letters, punctuation, symbols, and numbers. Combine upper and lower case. Use the entire keyboard, not just the letters and characters you use or see most often. The greater the variety of characters in your password, the better. However, password hacking software automatically checks for common letter-to-symbol conversions, such as changing “and” to “&” or “to” to “2.”
  • Variation: To keep strong passwords effective, change them often. Set an automatic reminder for yourself to change your passwords on your email, banking, and credit card websites about every three months.
  • Variety. Don’t use the same password for everything. Cyber-criminals steal passwords on websites that have very little security, and then they use that same password and username in more secure environments, such as banking websites.

Password Generation Tools

Check out the LastPass Password Generator. This site also offers password management tools that you may want to consider.

Internal and external threats abound. If you haven’t had to deal with any yet that in no way negates their existence. Actually you are probably on borrowed time. So stop right now and change your email password so you can mitigate any risk from previous data breaches. Good job!

Please share...