Recent Updates Toggle Comment Threads | Keyboard Shortcuts

  • dropmysiteblogger 4:41 pm on May 13, 2015 Permalink | Reply
    Tags: ,   

    Which type of ‘rude’ email writer are you? 

    According to +Forbes contributor Travis Bradberry, since emails are easy to misinterpret, there are five rude emails you probably send everyday – so we wondered – which type do you tend to send? Take our quick poll to let us know! Here are the options:

    1) The Compulsive CC’er and Reply All – especially if you are replying all to just say “thanks”!

    2) The Way-Too-Brief Emailer – Do you tend to reply “got it” or “noted”? If so, you might be sending a negative message to the receiver that you really don’t care.

    3) The URGENT and ASAP Subject Liners – if your email is that urgent, pick up the phone!

    4) The Debbie Downer – if you find that you are always criticizing or telling people what they are doing wrong, perhaps you should do it in person rather than through email.

    5) The Robot – take the time to say hi rather than just jumping straight into business.

    Read More
    So… which type do you send the most often? Vote now here

    Start backing up your email in 2 easy steps athttp://www.Dropmyemail.com!
     
  • Udit 3:39 pm on May 12, 2015 Permalink | Reply
    Tags: ,   

    Was Your Business Ready for World Backup Day 

    According to the National Archives, only one of the following dates is NOT a federal holiday. See if you can spot which one:

    • New Year’s Day – January 1
    • Martin Luther King’s birthday – January 19
    • George Washington’s birthday – February 16
    • World Backup Day – March 31
    • Memorial Day – May 25
    • Independence Day – July 4
    • Labor Day – September 7
    • Columbus Day – October 12
    • Veterans Day – November 11
    • Thanksgiving Day – November 26
    • Christmas Day – December 25.

    Notice how without World Backup Day, federal employees have to go all the way from February 16 to May 25 without an official weekday holiday. That’s the longest drought of holidays throughout the entire calendar year. World Backup Day will increase the morale of our public-sector workforce.

    I’m kidding, of course – but the grain of truth is that this initiative really is important.

    Created after an initial discussion by a couple of reddit users, the movement was announced “for people to learn about the increasing role of data in our lives and the importance of regular backups,” according to the official website http://www.worldbackupday.com/en/about.

    woman with a desk sign showing closed for business

    Why World Backup Day is important to business

    The day is actually an effort for individuals to learn about how easy and critical it is to back up their information. However, Josh Topal, marketing manager for filesharing service SecuriSync, notes that businesses would be wise to pay attention to the project as well.

    Many business owners don’t set up the necessary systems to provide comprehensive and secure protection of critical business components such as email. Just think how devastating it would be if your organization’s electronic communications were completely cleared out. It would be a business continuity nightmare. Sound unlikely? Remember that hackers are becoming increasingly vicious: Sony Pictures wasn’t a theft so much as slash-and-burn virtual warfare.

    Topal provide the following stats related to business data loss:

    • Laptops are stolen at a rate of one per 53 seconds
    • Enterprises lose one thumb drive per month on average
    • 20,000 computers crash every day.

    “[B]usinesses need to be wary of what data loss means to them,” says Intermedia CTO Jonathan Levine. “How much time, money and effort are involved in trying to recover lost files?”

    Five tips to back up your email and other data

    Looking for a good backup solution isn’t as complicated or expensive as many people think it will be, says eWeek editor Chris Preimesberger. He provides the following 5 backup tips as indicated by CommVault information management director Rama Kolappan:

    1. Get business-oriented backup.

    File-sharing companies such as Dropbox are built with the primary emphasis on accessibility, which is the biggest selling point for consumers but may not be the most secure choice, as highlighted by the comments of Edward Snowden during the New Yorker Festival.

    “[I]f you’re a business, the needs are different, and security, data governance and insight into data are more the priority,” argues Kolappan. “And remember, backup does not equal data management.”

    1. The endpoints should be backed up as well.

    You want to make sure that all your data is backed up from all your endpoints. Safeguarding at the level of the endpoint will reduce the likelihood that you lose data, streamline efficiency with backups accessible to individual users, and allow you to find relevant data rapidly through enterprise-wide search features.

    1. File sync and share (FSS) should not be confused with backup.

    FSS technology has become more robust over time, but it doesn’t offer what is really needed to legitimately protect your business continuity. For instance, you don’t have the ability to recover your system from a variety of times. Plus, your IT team cannot monitor or control backup mechanisms as well since FSS is not primarily concerned with backup.

    1. Assess the security of your own system.

    Regardless how you store your backups, keep in mind that what you ultimately need is end-to-end security.

    According to Preimesberger, “Best practices include a robust data encryption strategy, a verifiable chain of custody, a data center security standard compliance program, a tiered approach to data security and, of course, comprehensive testing at every step of the way.”

    1. Look for security protections in backup services.

    You want to make sure that the system you’re using to back up your email and other data is strong, says Kolappan. In other words, you want to see that the backup solution you choose is operating in line with international security standards.

    At Dropmyemail, for instance, we pull emails from your server using either transport layer security (TLS) or secure sockets layer (SSL) encryption when those technologies are equipped. The messages are then encrypted for storage using the strongest block ciphers available, the same 256-bit Advanced Encryption Standard (AES) used by the Department of Defense.

    Every message is only readable with its own unique key. Needless to say, you don’t want anyone to access that key; but even if they do, the key itself is encrypted with a master key that is itself periodically adjusted.

    Do you need backup?

    World Backup Day may not yet be a federal holiday, but we celebrate it at Dropmyemail every day, where we are fundamentally concerned with data security. Ensure your business continuity and protect your communications with the best cloud-based email backup and archive solution available.

     
  • dropmysiteblogger 4:59 pm on May 7, 2015 Permalink | Reply
    Tags: , blacklist, , , , , ,   

    Tips To Keep Off (and Stay Off) Email Blacklists 

    In an ideal world the only email marketers that would end up on email blacklists would be spammers; unfortunately, as careful and well-intended as you might be, you can still end up getting blacklisted. According to Return Path, a surprising 20% of businesses in the U.S. have been blacklisted. These are “white hat” email marketers who are not intentionally spamming customers, rather they’re sending relevant content to an audience that has expressed interest in receiving communication.

    Before we go into the “How To Keep Off” – let’s define blacklists. Blacklists generally refer to lists of email or IP addresses that are suspected to deliver spam emails, malware or other unwanted messages. While the exact number of blacklists is not known, the most reputable ones carry quite a bit of weight and can negatively impact email delivery. They are often used by mail servers for filtering incoming mail in order to reduce spam and enhance security and reliability.

    There are two types of blacklists: IP blacklists and domain blacklists. IP blacklists are concerned with the source of the message (the sending IP), while domain blacklists are concerned with the source of the links inside the message. There are several main blacklists you should be concerned about staying off of, as a sender, including Spamhaus and SpamCop. Learn more about them and the other key players here.


    Here are some tips to avoid being added to an email blacklist:

    1) Do not be a spammer!
    Only send out email to people who actually subscribed to receive your message and be sure to include an unsubscribe link. This means do not use purchased email lists.

    The best plan of attack to prevent being blacklisted is to ask customers to whitelist you. Having your customers add your sender address to their address book increases your deliverability since ISPs will see you as a personal contact of this individual customer. An added benefit is that this is a way to get your emails out of the Promotions tab and into the main inbox.

    2) Manage your email list, message and frequency.
    If you are bombarding your subscribers with emails, especially if the message is not very important or poorly crafted, you are more likely to be seen as a spammer. Choose your words carefully. Be aware of spammy words and make a conscious effort to avoid them. The most common reasons behind being listed are poor data quality and high complaints.

    On the flipside, blacklisting is often triggered by sending emails to subscribers on a list that has been inactive for a long time – often around the Christmas holidays when marketers suddenly remember that they have a list.

    Keep your list clean by removing unsubscribes and inactive email addresses to control bounce rates.

    3) Watch your links and redirects.
    The domain based blacklists are lists of domain names that appear within the email body. This blacklist will look for the URLs within the body of the email to see if it contains a domain that has been identified as a source of spam. These blacklists will not only look at the initial link, but those it redirects to as well to see if they contain the spammy domains. It is also recommended that you steer clear of link shorteners.

    4) Monitor blacklist status and sender score
    Use sites such as Return Path or MultiRLB.valli.org to check your IP address against these databases and make sure that you aren’t blacklisted.

    We would love to hear from the email marketers in our audience! Have you ever found yourself on a blacklist? Have you ever given this any thought before? Are you planning to make any changes to how you send email now that you have read this?

    Sources:
    http://gplus.ly/1Ea8mqv
    http://gplus.ly/1Eab8vC
    http://gplus.ly/1EabpPh
    http://gplus.ly/1Ihs2NK
    http://gplus.ly/1IhsBav

     
  • dropmysiteblogger 2:14 pm on May 5, 2015 Permalink | Reply
    Tags: , , , , , ,   

    5 Ways Business Continuity Adds Value to Strategic Planning 

    As you plan the path forward for your organization, business continuity should be considered throughout the process so that there is less chance of unexpected events sabotaging your gameplan and leaving you sidelined.

    • 85% of business continuity programs changing
    • The relationship between business continuity & strategic planning
    • Mission statement & goal development
    • Environmental assessment
    • Strategy delineation
    • Plan launch
    • Continued monitoring
    • Email continuity

    85% of business continuity programs changing

    Throughout the first three months of 2015, UK business continuity resource Continuity Central conducted a poll of business continuity executives. More than 200 people participated in the survey. The vast majority (83%) were from large businesses with workforces of over 250. The two most represented countries were the US (36%) and the United Kingdom (25%).

    When asked for the extent of adaptation the professionals expected to occur throughout the year, 85% said that there would be some amount of revision:

    • 53% – small adjustments
    • 33% – large adjustments
    • 15% – no adjustments.

    Clearly business continuity is in a general state of flux, with one out of every three companies making major changes to their approach in 2015.

    The relationship between business continuity & strategic planning

    Business continuity is generally considered to only be useful as a way to defend your business and keep it running when a problem occurs. However, business continuity considerations are also useful when developing your long-range approach.

    Strategic planning is a way for your company to thoroughly outline and explore how you will accomplish your core objectives. It’s a roadmap, essentially. Here is how business continuity can be a valuable addition to the five basic stages of strategic planning – as discussed by Paul Kirvan, the secretary of the Business Continuity Institute’s United States branch.

    Mission statement & goal development

    Once you have clearly delineated your mission (what you intend to do) and vision (what values you intend to employ to accomplish your mission), it’s time to craft specific objectives.

    “These goals are used to develop the organization’s business objectives,” explains Kirvan, “such as achieving revenue goals or increasing market share.”

    Business continuity is usually not considered a part of this. However, it is obviously a goal of any business to keep running no matter what happens. In fact, you might even consider it the highest priority – if your organization shuts down, your entire strategic plan could be sabotaged.

    Just look at the case of Sony Pictures. Now clearly, most companies are not going to have to undergo such a devastating incident (given the extreme destruction by the intruders, widely believed to be North Korean cybersoldiers), but the company’s recovery process took about 90 days, certainly distracting from any new development.

    “Many organizations assume they will not experience a business-threatening incident,” suggests Kirvan.  “Logically, this assumption is highly risky, but it’s pretty much the norm.”

    Environmental assessment

    Now that you know what your objectives are, it’s time to consider the landscape. You want to look at your company itself, the segment in which you will compete on the market, and any forces beyond the control of the firm. SWOT analysis (strengths, weaknesses, opportunities, and threats) is used to get a full sense of the inside of your company. Kirvan recommends the parameters described in the Michael Porter book The Five Competitive Forces that Shape Strategy to consider how your company may be influenced from the outside.

    It’s a good idea to create two business continuity documents – a business impact report and a risk report – when conducting your SWOT assessment.

    Strategy delineation

    Now that you know what you want to do and what you are up against both inside the company and outside it, you can outline specific tactics you will use to accomplish your goals – such as automated email backup . Three elements of strategy that Porter considers essential to most organizations’ success are cost leadership, differentiation, and focus.

    “Business continuity activities can add value to each of these strategies by identifying situations that could negatively affect the firm’s ability to achieve its goals,” Kirvan argues.

    Plan launch

    Essentially at this point you are ready to start considering how action will be taken. You must figure out all the specifics, such as how much money is needed and how many members of your staff will work on each project.

    As you are launching the plan and putting your various strategies into place, keep business continuity in mind. You want to think about what might stop you from fully deploying the tactics that will help you accomplish your objectives. What are the risks?

    Continued monitoring

    You can’t just “set it and forget it.” Rather, you are establishing a system that must be monitored and revised as time goes by.

    “This includes setting up metrics for evaluating performance,” says Kirvan.

    As an integral part of strategic planning, business continuity must be evaluated periodically as well so that the value it provides effectively contributes to the overall mission of the business.

    Email continuity

    Fundamental to the business continuity aspect of strategic planning is email.

    For many organizations, email is the lifeblood of their business and one of the most business-critical systems. Yet too few protect it adequately against disaster. Not only is email their primary medium for communications, but it also serves as the primary document management system, a searchable repository of vital business data. The problem is that on-premise email servers can fail; data can become corrupted; power can go out for hours or days; offices can burn down; and natural or man-made disasters can strike.

    Would losing all your emails be a threat to your business continuity and general trajectory? How long could your firm survive without email and the data attached to it? Protect your business in just two easy steps by signing up for a free 15-day trial now.

     
  • dropmysiteblogger 11:27 pm on April 29, 2015 Permalink | Reply  

    Tech tip: 6 easy steps to undo a sent email in Gmail 

    Here’s a handy little tip that you hope you never need! How to undo a sent email in Gmail – but you only have a 10-second window so you will need to file this away to memory as you won’t have time to look it up!

    #email #emailtips #gmail

     
  • dropmysiteblogger 5:48 pm on April 28, 2015 Permalink | Reply
    Tags: , , ,   

    Forget Clinton: State Department Hack is Unprecedented (Now About Clinton…) 

    The focus on Hillary Clinton’s private server loses sight of a bigger problem: Russian cybercriminals have their fingers in the American pie.

    The scandal over Hillary Clinton’s emails should bother Americans for more reasons than one. Sure, it’s weird that Clinton was keeping her emails on her own designated website, aptly named ClintonEmail.com (and not ClintonShemail.xxx, as previously reported by Fox News). It seems at least appropriate, possibly illegal, and probably irresponsible.

    Strangely enough, though, storing her messages on her own private server may have protected them from Russian hackers. Attacks believed to originate in Russia “have bedeviled the State Department’s email system for much of the past year and continue to pose problems for technicians trying to eradicate the intrusion,” reported CNN.

    In fact, FBI leaders, intelligence community experts, and policymakers familiar with the specifics of the continuing assault on the State Department say it is the “worst ever” breach perpetrated against a United States government office. The intruders are actually attacking the federal government from all angles, compromising email at the White House and additional prominent offices as well.

    These hackers are believed to be sponsored by the Russian government, just as the FBI says the Sony and Anthem intrusions were perpetrated by government hackers from (respectively) North Korea and China.

    Who cares – let’s talk about Clinton

    As CNN points out, Clinton has been roundly criticized for using her own private server, for three main reasons:

    • It fails to back up records in the federal system, as demanded by record-keeping law.
    • Her home server could not possibly have as strong of security as the federal government does.
    • It is just plain crazy and weird, and… she did what again?

    The first point seems valid. However, according to an analysis by trial lawyer Aivi Nguyen, Clinton did not break the law. Nguyen notes that the applicable law is the Federal Records Act of 1950. That law was updated in November 2014 by President Obama to insist that anyone who uses a private account for any formal communications has to cc their federal address as well. In other words, said Nguyen, “At the time Clinton was actually in office, personal email addresses were allowed and there was no requirement that private account email records be stored on government servers pursuant to the Federal Records Act.”

    It seems that the security argument is not as strong as it should be. Russia stuck its finger into this particular American pie in 2014 (per an ongoing federal investigation), an attack so tenacious that the agency turned off its email one week in November to beef up its protections and eject the Russian riffraff.

    As for the third point, it remains difficult to understand why a high-ranking federal official would think it was reasonable to keep all their electronic business communication on a personal system detached from the federal infrastructure. Hillary: explain yourself.

    Clinton’s explanation

    On Tuesday, March 10, Clinton held a press conference at the United Nations in which she discussed the private email server. She said that she had trashed approximately 50% of the messages from her years as the Secretary of State (hey, 50 cents on the dollar, not bad).

    She claimed that she had transferred everything that was relevant to her work to the White House and had gotten rid of messages related to her personal life, reported the New York Times. According to Clinton, trashed emails included information about yoga, preparations for Chelsea’s wedding, and communications related to Hillary’s mother’s death. Speculation is running high that she also cleared out dozens of drunken emails from Bill requesting a divorce because she wasn’t supporting his saxophone career.

    Clinton held the press conference to try to calm concerns that she operated in a rogue style by buying her own domain and communicating off the federal grid.

    She said that she made the wrong decision to operate her own server but that her actions were always within the bounds of federal regulations, and that she was attempting to make things right by authorizing the State Department to push her emails to the public domain.

    “No one wants their personal emails made public,” said Clinton, “and I think most people understand that and respect that privacy.”

    Well, you know, this situation is a little different, Hillary. It’s not an average Joe’s email account we are talking about here. Plus, there seems to be a little hypocrisy involved. According to the Times, in 2007, Clinton criticized George W. Bush’s team for using an unofficial email system for some of their communications.

    The birth of ClintonEmail.com

    Sadly, there is no “About Us” page available at ClintonEmail.com. (Heck, there isn’t even an online store to buy commemorative T-shirts!) However, when the Washington Post took a peak into the registrar details for the email site, they found that the domain was first purchased on January 13, 2009 – which is, coincidentally enough, the day Clinton’s confirmation was initially discussed in the Senate.

    Don’t go the way of Clinton

    The Post comments that the use of an outside system is not isolated. For example, the former director of the Environmental Protection Agency, Lisa Jackson, used email for official business during her time on the federal payroll as well.

    The real issue with Clinton’s emails is that they are not backed up within the federal system. There is only one copy: hers. Essentially, her email is like an unpublished novel. A fire in the house would burn away official federal information.

    Don’t make yourself similarly vulnerable. If the State Department can get hacked, you can too. Back up your email. Get serious data protection for seriously low prices today.

    By Kent Roberts

     
  • dropmysiteblogger 11:11 pm on April 24, 2015 Permalink | Reply
    Tags: announcements, email hacked, , news, USA   

    Why Clintons Private Email Server Was Such a Security Fail 

    • Record-keeping vs. security
    • Who was snooping on Hillary?
    • Why Clintonemail.com?
    • Was it encrypted?
    • Back it up.

    Record-keeping vs. security

    If you hold a high position in government, keeping your own server would be tempting. It could be an effective way to keep your data out of the hands of reporters while maintaining compliance with the Freedom of Information Act, as indicated by Gawker. However, security professionals agree that it makes your communications much more vulnerable.

    On Monday, March 2, the New York Times reported that Hillary Clinton used a private email address rather than communicating via State.gov during her tenure as Secretary of State. On the 4th, the Associated Press noted that the email account was operated through a server at Clinton’s New York home and used a domain she owned herself, Clintonemail.com.

    The focus of substantial discussion has suggested that Clinton may have broken public record and accountability regulations, although the law still doesn’t forbid private accounts and didn’t require backing up email  by Ccing an official government address until 2014.

    “[As] the controversy continues to swirl,” explains Andy Greenberg ominously in Wired, “the security community is focused on a different issue: the possibility that an unofficial, unprotected server held the communications of America’s top foreign affairs official for four years, leaving all of it potentially vulnerable to state-sponsored hackers.”

    One key consideration is whether or not her emails were encrypted, as discussed below.

    Who was snooping on Hillary?

    The fact that Clinton was using her own server for email is a revelation to the American public in 2015, but spy agencies of other countries likely were aware of what Clinton was doing, just as the NSA is aware of top leaders in Spain and India who use consumer email, says Chris Soghoian of the ACLU.

    Building one’s own private email system is a ridiculously bad idea from a security perspective, Soghoian argues. First of all, you don’t have the same level of expertise watching over a random private server as you would at the State Department, unless Clinton was personally investing heavily in security – and it seems that would have been mentioned.

    The State Department has technologists on staff checking for unauthorized activity on a continual basis. The NSA also guards the infrastructure. One of the defense mechanisms State had available – a tool in place at several major agencies – is the Einstein  initiative, a Homeland Security effort that benefits from NSA information and security practices.

    Why Clintonemail.com?

    The domain name chosen by Clinton makes her decision especially problematic, says Greenberg. Unlike the federal websites, Clintonemail.com was listed with a private registrar.

    Greenberg elaborates, “The domain Clintonemail.com (and thus its registrar) was certainly known to at least one hacker: The notorious celebrity hacker Guccifer first revealed it in 2013 when he spilled the emails of Clinton associate Sydney Blumenthal.”

    Since the account was with a private registrar, a hacker could get into the registrar, Network Solutions, and grab email going in either direction or send it to an outside address. They could even send bogus emails that looked as if they were coming from Clinton. Well, is Network Solutions safe? Not exactly. Hundreds of its sites were invaded while Clinton held her Cabinet position. http://krebsonsecurity.com/2010/01/hundreds-of-network-solutions-sites-hacked/

    Even if the account were only used for nonessential communications, the fact that someone could hijack messages and write false emails from a top United States official is deeply disturbing in the eyes of Soghoian. Personal details are considered valuable by spy agencies, he says, giving the example of NSA surveillance of the private phone of German Chancellor Angela Merkel.

    Was it encrypted?

    A specific important question regarding Clinton’s data is whether or not it was encrypted. Why is encryption so incredibly important for her emails or for your own?

    Email encryption is a form of data security that makes it more difficult for anyone other than the intended recipient to read a message. Sending email without the security function leaves users vulnerable. Encryption scrambles all the information within your messages so that you can only see their contents if you have a private key. Encryption has grown in adoption since the Snowden disclosures on the NSA.

    As Debbie Jones of Teach-ICT explains, the concept has been evolving for millennia – if you consider it just a way to hide information from unauthorized parties. In ancient Greece, a general wanted to send a message to another city and didn’t want anyone to be able to detect it. He wrote a message on his soldier’s shaved head. When the soldier’s hair grew out, the message was concealed. For the recipient of the message, the “private key” was to shave off the hair to access the communication.

    Now, encryption of emails and other data is a bit more complex. A private digital key is created out of a huge number of possibilities. As Jones notes, the algorithms used to achieve encryption are extraordinarily advanced. Industrial-grade options, typically composed of 128 or 256 bits, represent a nearly impossible hacking proposition.

    Indeed, “[t]he current standard specification for encrypting electronic data is the Advanced Encryption Standard (AES),” explains the information security team at Indiana University. “Almost all known attacks against AES’ underlying algorithm are computationally infeasible — in part due to lengthier key sizes (128, 192, or 256 bits).”

    If Clinton’s data wasn’t encrypted, it would be extraordinarily easy for third parties to read if they ever breached her server. Imagine the intelligence that Clinton’s outbox could have provided to foreign governments or military personnel. Or, if someone were to copy the SSL certificate Clinton used, they could eavesdrop on incoming data.

    Back it up

    With more and more high-profile hacks occurring, businesses and consumers alike are becoming increasingly aware of the vulnerabilities associated with the Information Age.

    What if your email is hacked? What happens next? Will they be destructive? Will your data be lost? Get email backup and archiving today.

     
  • dropmysiteblogger 8:20 pm on April 22, 2015 Permalink | Reply
    Tags: email marketing   

    10 Tips for Email Marketing Success 

     10 Tips for Email Marketing Success
    There is much more to email marketing than sending a mass promotion to everyone on your list. By taking the time to get to know your target audience, you will be able to ensure that your campaigns are personalized, relevant, and timely. Here are 10 tips for email marketing success:1) Have a mobile strategy that helps you collect email addresses
    2) Offer incentives
    3) Confirm and double optin your email subscribers
    4) Keep communication to the point
    5) Let the user decide how often they would like to hear from you
    6) Use data to make decisions
    7) Give people options
    8) Automate automate automate
    9) Make sure your automated processes work flawlessly
    10) Test, test, test!

    Read More: Click here
     
  • dropmysiteblogger 3:31 pm on April 21, 2015 Permalink | Reply
    Tags: , , , , , , , , , , , , ,   

    How to Recover When Hackers Invade Your Email 

    Hacking is everywhere in the news these days, and for good reason: it is becoming a bigger problem. Just ask Anthem, the United States’ second-largest health insurer. Anthem announced in February that it had suffered a major breach. Although no electronic medical records were compromised, sensitive user information was: names, addresses, and Social Security numbers. In fact, 79 million individuals’ data– current and former customers, employees, and even non-customers – was taken. State-sponsored Chinese academic researchers are widely believed to be responsible.

    Just as with Sony (which experienced a slash-and-burn attack the FBI says came from North Korea), the hackers are believed to have been inside the Anthem system for months. Not wanting to be rude to its houseguests, Anthem left all of its user account information unencrypted (reportedly because encryption is inconvenient).

    It can happen to anyone

    In November, Suzanne Kantra of Techlicious received an email from a personal acquaintance asking her in broken English to go to a certain website. Upon further research, Kantra realized that she was receiving the message from a server in Russia that wanted her to come check out its sexy new malware.

    “When I checked in with her another way,” Kantra explained, “she already knew about the problem—the hacker’s message had gone out to her entire address book—and she was quite concerned.”

    Kantra, the former technology editor for Popular Science, gave her friend the following checklist to enhance her email security and recover from the breach.

    Use a different password

    Your #1 priority is to prevent the intruder from continuing to access your email. You want a hyper-secure password that is completely dissimilar to the previous one. For example, if your hacked password is beetlejuicebeetlejuice, your new one should not be beetlejuicebeetlejuicebeetlejuice. Plus, if Beetlejuice is listed as your favorite movie on Facebook, it probably should not be your password.

    One way to approach the password is with a strong random password generator, which I highly recommend. The one issue with randomizing is that your passwords become virtually impossible to remember. An alternative is to base your password on a sentence. “For example,” offered Kantra, “ ‘I go to the gym in the morning’ turns into ‘Ig2tGYMitm’ using the first letter of each word in the sentence, mixing uppercase and lowercase letters and replacing the word ‘to’ with ‘2.’”

    Get back ownership

    Your hacker may have changed the locks on you, leaving you out in the cold. To get access back, you can typically go through the password retrieval system, accessible through the login page.

    Set up 2FA

    You may be familiar with two-factor authentication, which some of the hip older kids are calling 2FA. This protection requires you to be authenticated twice, typically via a code that is delivered by text message or through a mobile app.

    Look through the account settings

    A cybercriminal will often care so much about you that they want to help you back up your email within their very own email account via forwarding. However, you may prefer that your hacker not be reading all your mail. Turn off the forwarding.

    Look at your signature as well, where the hacker may be advertising to everyone.

    Finally, check that your auto-responder hasn’t been co-opted by the hacker.

    Delete their software

    You also need to get rid of any malware. Run your current program or do a full scan with Malwarebytes, which has a free version.

    Kantra gives the application a strong thumbs-up: “I recommend running Malwarebytes even if you already have another anti-malware program; … Malwarebytes has resolved problems for me that even Symantec’s Norton Internet Security wasn’t able to resolve.”

    Don’t forget about your other devices – anywhere you check your accounts. Run your anti-malware program there as well.

    If you find malware, quarantine it (through the anti-malware app). Then switch to another password (since the malware may have detected your first password change).

    Follow the trail of hacking

    Kantra mentions her mother-in-law, who used to keep her login details for all her accounts in a specified message folder. She was hacked, and the intruder was able to wreak additional havoc by using her own filing system.

    You probably have emails with these sensitive details. Search for “password.” Switch out anything that hackers might have seen. Look over your statements if you think they might have accessed any financial accounts.

    If you have reused the identical login credentials on other sites, change those ones as well.

    Notify your contacts

    Check your outbox to see what the hacker has accomplished for you in terms of correspondence. If you disagree with their recommendations to take advantage of a sale at an Indonesian shoe site, follow up with friends to let them know that you are actually not part of an international footwear pyramid scheme.

    Enact preventive measures

    As suggested above, it’s a wise idea to use a random password generator and to diversify your passwords.

    Kantra’s friend used a variety of complex passwords, and she didn’t even have malware on her PC. However, she wasn’t being careful about the devices she was using, accessing her email through a computer in the lobby of a hotel.

    Hotel lobby computers are typical targets for hacker tools called keyloggers that record each keystroke you enter. Kantra stresses that PCs in public places “are often poorly secured and get used by dozens of people every day who don’t think twice about logging into their email or bank accounts or entering credit card information to make a purchase.” Expect a public computer to be contaminated. Wear a surgical mask and gloves.

    Furthermore, do you back up your music collection? Is your music collection really more important than your email? If your account is compromised, all of your emails could be destroyed or corrupted. Check out our user-friendly automated email backup plans.

    By Kent Roberts

     
  • dropmysiteblogger 4:51 pm on April 13, 2015 Permalink | Reply
    Tags: , ,   

    Is LinkedIn an Email Hacker’s BFF? 

    This article on +CIO by Information Security professional Trevor Christiansen explains how easy it is for a #hacker to build an employee #email list, simply by searching for an organization on #LinkedIn, that he/she can then target with a #phishing #scheme to access usernames and #passwords. This information can then be used to breach the #network and steal valuable credit card or other #data – and your company’s worst nightmare has just begun.

    So what is a company to do? Quit using LinkedIn? In today’s socially connected workplace, that hardly seems a viable option.

    Christiansen recommends investing in a training program to help your employees learn to recognize and resist phishing scams. He also suggests that a simple statement that clearly defines how your company handles network security information, such as “we will never ask for your username and password” will go a long way toward preventing employees from falling victim to such scams.

    Finally, having a clear reporting process for suspicious activity before it becomes a full-blown network attack will go a long way toward keeping your business-critical data safe and sound.

    Read More: http://gplus.ly/1JsQB9E

     
c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel
Follow

Get every new post delivered to your Inbox.

%d bloggers like this: