Most of us using email have often wondered whether our emails in the inbox is secure or someone accessing it. Since such doubts are common, it is time that we secure our emails from the hackers. In this brief article, we will learn how to set up an intruder alarm on your email account.
Many of you would be surprised to note that according to a survey by U.S Government on identity theft, 16 percent of the victims said their information was stolen by malicious elements. An alarming 85 percent reported that one or more of their existing accounts had been misused. Those accounts included email, credit card, banking, medical insurance, and other Internet payment accounts.
Identity theft continues to be a big concern among net users who engage in online communication and online transactions. Now a days, securing ones own email has become a priority to every net users, whether at home, internet cafe or at office. This is very important because it serves as a reminder that we need to take extra precautions of our email. It is probably a good idea to disable cookies, so you don't save login and password information of your accounts, and you should never keep sensitive information where thieves can easily find it.
Now you may not give this much thought, but your email account is a prime target for hackers because it holds sensitive information about you that puts you at great risk of identity theft. Think about it. When you open an online account, you're likely to get an email that contains your username and password, and if you're like most users, then you probably keep those emails in a folder for future reference. Oftentimes, we forget to delete these emails, or get comfortable with our online filing system, so we just have to be careful with whatever method we choose.
The Experiment
Since we are convinced that our email account is a treasure trove of private and potentially valuable information, it is high time that we learn to track our email being hacked by some malicious persons. I have received several emails from various net users asking me how they can find out if someone has accessed their personal email account. There is a good way to find out if anyone besides you is logging into your email account.
I came across the idea of setting up an intruder alarm on a users' email account by an article by Erik Larkin and Jeremiah Grossman of WhiteHat Security. The technique which takes advantage of a free web hit counter was brought out by the two persons in an excellent way.
Trick to Snoop Emails
The gist of it is to keep an e-mail message in your account that includes the code for the counter. Opening the attachment trips the counter, thereby alerting you that someone was snooping.
Here's how to set it up:
1. Head over to http://onestatfree.com and register for a free web counter account. You can list anything for the site URL (Uniform Resource Locator), and use a disposable e-mail address to complete the registration process (click for tips on using such e-mail accounts).
2. Look for an e-mail from OneStat sent to the address you used when you registered. It will come with an attached file named OneStatScript.txt. Save that file, and note your account number. Then delete the e-mail, which has your account details.
3. Give the .txt file a name that will catch a spy's eye, like "BankPasswords," and make it an .htm file so it opens automatically in a web browser (and trips the counter).
4. Send the file as an e-mail attachment to the web mail account that you want to monitor. Use a similarly baited subject line, like "Account log-ins," for the message. Just be sure not to open the file when you send it - you don't want to set off your own alarm.
5. Sit back and wait like the patient spy-catcher you are. If anyone opens your rigged attachment, the hit counter will reflect that fact and will record information about them, including the IP address of the accessing computer. To check the counter stats, just log back in to your account at OneStatFree.com.
A Brief Conclusion
Of course, the way to maximize your protection is to avoid keeping sensitive financial data in your Web mail in the first place. Another way to secure your email is to enhance the strength of your password. For example, you can try the free Stanford Password Hash browser add-on which provides additional security by making it easy to use strong, unique passwords for your accounts.
You should always remember that hackers are very clever and that is why you should change your password frequently to something that's a little harder to crack.
—By: R. Manoj. The author is an Assistant Editor at Fanatic Media, Bangalore. He is also an Independent Researcher, specializing in Software Security. He has an active interest in designing security algorithms for securing softwares. He can reached at infosecurity@fanaticmedia.com |
