Concerns have been raised after hackers exposed months of e-mails of Sony employees The Sony hack, the latest in a wave of company security breaches, exposed months of employee e-mails. Other hacks have given attackers access to sensitive information about a company and its customers, such as credit-card numbers and e-mail addresses. One way hackers can sneak into a company is by sending fake e-mails with malicious links to employee inboxes.
Here are five simple steps to make your e-mail more secure and limit the harm a hacker can cause:
1. ARCHIVE EARLY & OFTENMost corporate e-mail systems allow people to set up regularly scheduled archiving so that e-mails are moved off of the server after a certain number of days.
You can still check archived e-mails on your work computer, but they are no longer easily accessible on websites outside the office or on your phone. That limits hackers’ ability to access those e-mails too. You can make exceptions for e-mails that you want to keep in your active inbox, and they won’t be archived.
2. GET ORGANISEDAs e-mails come into your inbox, deal with them. Sort them into folders. This segments your data, requiring an attacker to know which folder to go to, or to take multiple steps to search for wanted information.
Paired with archiving, it also ensures that what the hacker does compromise is limited and known for any future damage assessment. Sensitive information can also be removed from your inbox. For example, delete an e-mail and save what you need to your hard drive or an external drive.
3. KEEP WORK AND PERSONAL MAILS SEPARATEDon’t use your work e-mail for personal e-mail or activities online. That limits details a hacker can glean about you to conduct more sophisticated attacks targeting you as the entryway into your company’s system.
For example, hackers can learn about your shopping habits or personal hobbies and use those to send a phishing e-mail that appears to come from websites you bought goods from or read frequently.
Phishing messages route you to a fake address and allow hackers to gain access to your system.
4. DON’T CLICK ON UNEXPECTED LINKSIf you receive an e-mail with a link or attachment you weren’t expecting, send the person a separate e-mail asking whether the first e-mail was legitimate.
For links from companies such as banking institutions, hover your cursor over the hyperlink or right—click to show the link’s final destination. Before you click, make sure the address that pops up when you hover over the link matches where the hyperlink says you’ll be sent.
If unsure, use a new window and physically type in the website’s address to conduct your business.
5. IF YOU SEE SOMETHING, SAY SOMETHINGIf your e-mail is acting up or a link or attachment strikes you as strange, forward it to your IT department as quickly as possible. Your attention and fast response may prevent someone else at your company from making a mistake. Source: The Hindu
The group responsible for the Sony Pictures hack has apparently sent a new message that mocks the FBI for its investigation into the devastating cyberattack.
An email claiming to be from Guardians of Peace, the group that took credit for last month's attack on Sony's systems, was sent to journalists early Saturday. The email, titled "The data you are interested in," included a link to a Pastebin page with a so-called "Christmas gift" message taunting the law enforcement agency that on Friday officially named North Korea as the source of the hack.
"The result of investigation by FBI is so excellent that you might have seen what we were doing with your own eyes," reads the message, which then links to a YouTube video. "We congratulate you success. FBI is the BEST in the world."