Protect Your Password/s & Avoid Serious Consequences!!
For anyone using email; “spam” has long been a thorn in our sides. It is often the source of viruses and all manner of spyware and malware. To infect and send emails the spammers need valid email addresses and this is where email account security becomes essential.
This type of attack can cause all manner of damage to your reputation and the reputation of your company. Sometimes even getting your email address or web-server blocked through company spam blockers etc.
This has raised the question of who is responsible for avoiding this type of attack and how can it be prevented. The simple answer really is the end user, this means you!!
KJ McKee Projects (Pty) Ltd and Xneelo are specialists in their fields and will do everything possible to protect your information and your email accounts. The onus is, however, on you to be responsible when it comes to creating and managing your passwords.
How do spammers hack into your account?
Step 1 is getting hold of an email address. They can do this in various ways:
- checking your website for contact information: We recommend our clients use a contact form rather than publish their email addresses
- making good guesses: Many clients use generic style email on their website; e,g, info@yourdomain.com; admin@yourdomain.com etc. These are prime target emails for spammers.
- by getting access to your contact list: They do this by hacking your online accounts that store contacts.
Step 2 is checking if that email address is valid. They do this by:
- sending all those irritating messages we normally just delete. the best thing to do with these emails is to use your email client to move them to spam or trash folders and clear them regularly. These emails normally have a read receipt type of code attached to them that will revert to the originator that the email has been read – using the spam folders etc blocks this functionality. DO NOT respond to these emails as this lets them know the email is valid.
- Mailing list subscription form: Setting up fake “self help” and other sites that promise you breaking news and information on various topics etc. To get the info you have to subscribe to the newsletter. There are many valid companies that use this technique, but, again the onus is on you to make sure that the company is valid before submitting your info.
- Buying email lists: this is why it is very important to make sure that you are not on mailing lists you don’t want to belong to and you are sure that these lists are not shared or sold.
- Phishing scams: these are emails sent from apparently important companies, banks etc that generally request your banking details, credit cards etc. Be vigilant here … NEVER put your details on ANY site that you are not 100% sure of. If necessary contact the organisation via telephone if you are really not sure.
Step 3: Hacking your password
- Passwords are the “weak link” – once the hacker has your email address and password they can then setup a sending capability and send emails from your account!!.
KJ McKee Projects (Pty) Ltd and Xneelo (used to be Hetzner) do have security protocols in place to detect this type of activity and will block the email immediately and block the account. The account will then need to be reset.
If your account is not hosted through Xneelo, or by KJ McKee Projects (Pty) Ltd please ensure your hosting provider has similar protocols in place. If not, you can transfer your hosting account to KJ McKee Projects (Pty) Ltd by emailing Kevin.
- Make sure your password is secure – we cannot stress this enough!!!
- Avoid simple passwords e.g. names in small letters, your pet’s name, and of course the word “password”!
There are programs that are specifically written to decipher passwords and they can do this faster than you would believe possible. Try this nifty site to check the security of your password. It will tell you how much time it would take a professional hacker to crack your password. The info you type in is safe as the processes happen in a secure environment.
www.howsecureismypassword.net
Give it a try, you will more than likely be horrified at the result.
How can you create secure passwords and manage them?
Some tips on creating secure passwords:
Your password should:
- be fairly long (recommended 12 characters or more)
- contain capital and lower case letters, special characters and numbers.
Extra Tip: Use a Password Manager – we use Keeper – to generate a password
Avoid using:
- the same password for different accounts. Make sure each important account has its own password.
- the word “password” in any format
- Keyboard Sequences: 753, 123, qaz, qwerty or rgn
- common words or names
- numerical substitution e.g. P4ssw0rd or K3v!n
- a recent news event or similar occurrence; e.g. Conference2017 or BombManchester2017
Check your password on www.howsecureismypassword.net
Managing your passwords
Do you have more than one email or online account?
- Use a password manager to keep track of your passwords and access codes. Try Keeper on your mobile app store or on the net.
- Write passwords on a piece of paper or in a book or similar – this is not a recommended practice – make sure these are kept away from your computers.
How to change your password if your website is hosted by KJ McKee Projects (Pty) Ltd
- Login to your webmail account using your current full email address and password: https://secure.konsoleh.co.za/frameset_home.php
- Click on the settings cog in the top right hand corner
- Click on Manage Mailbox in the left column
- You will be asked to re-enter your password
- Click the blue Change Password button in the right column
- Enter your new password in the Enter New Password field
- Re-enter your new password in the Confirm new password field
- Scroll down to the bottom of the page and click the green Update mailbox button.
You can always request your password be reset by KJ McKee Projects (Pty) Ltd at a nominal charge of R475.00:
Please change my password
References & Thank You‘s
The support staff at Xneelo South Africa
Helen Brewer & The MICE Academy for their assistance in editing and simplifying my draft
I trust this has helped you understand and be more aware of your email and internet security. If you have any concerns or enquiries please email Kevin.