What can someone with access to your Email do?

Nitish ChandanCyber Security, LawLeave a Comment

How hackable are you? Well the question is when will you be hacked, not if. What breach awaits you at the middle of the night, you never know. From your end however it is important you use the everyday new features like two factor authentication and more. Many web based email systems provide you with lots of cloud storage sometimes even more than 20GB and for free.
So, you never delete messages and never bother. Many people don’t use two step verification on their email accounts and all they’ve got to loose then is a password and data worth what the hacker can make with it.

So what can someone do with access to your email account?

1. Scamming or Chaarsobeesi:

420, as they say in India because of the Section 420 of the Indian Penal Code. By reading your email only someone can learn a lot about you. Things like which bank have you recently got an account with, what networks do you predominantly use etc. The worst thing still to happen with you is identity theft and loosing personal and socially engineered data.

2. Exploit your filter and forwarder Services:

Most recently there have been a series of events in India where exporters have been looted (The exporters scam). In these type of events the hacker only needs to use the victim’s account once in order to set up a filter and a forwarder, the rest he can manage with fake emailer services. And there have been lakhs of money laundered like this with no trace of the criminals.

3. Scam your friends and relatives:

In another case, a lady was tricked into transferring money into an account in some other country on the context of an email conversation from a trusted close friend via their email. She opted all mechanisms of checks and validations but couldn’t prove to herself that it was not her friend

4. Steal your money and identity:

SBI, ICICI, Axis or whatever bank you may be a customer of, they often send you emails about a lot of stuff. Often email ids can help gain access to your bank accounts and the rest is understood regardless of explanation.
5. Sell your usernames and passwords:
Well, if you have a very good username, its worth a buck on the black market of Internet (The Deep Web). Not just good, even if its just a username password it costs something and it is reasonable enough For instance Apple iTunes username passwords cost around Rs. 500 in a general situation.

What to do about it?

  • Use two factor authentication
  • Use passwords that don’t mean anything
  • Keep different passwords for all your accounts
  • Give false answers to security questions so that nobody can make sense
  • Wherever you have to use your email id to log in to a website, create a separate email id for only these purposes.

email

Leave a Reply

Your email address will not be published. Required fields are marked *