Email Security: Be Smarter Than a Politician

About 20 years ago, my life was in flux. I’d worked full time for a nonprofit agency for a couple of years. The work was grueling and involved a lot of traveling. My boss was a supremely driven man who had little interest in life outside work and expected the rest of us to be the same.

I wasn’t. I had finished university, written a book, ended a bad relationship and felt genuinely free for the first time in a long time. I wanted to work for the character rights of poor South Africans, but I also wanted to play guitar.

About that time, I started listening to a popular British band called Radiohead. I remember telling a date – a teacher – that I was into them. She said, “Oh, yeah. My eighth-graders are, too.” That was our last date.

One of the band’s great songs, which includes a blistering solo by the peerless guitarist Jonny Greenwood, contains the following lyrics:

You do it to yourself, you do

And that’s what really hurts

Is you do it to yourself, just you

You and no one else

I’d like to dedicate that song to Hillary Clinton, her campaign chairman John Podesta and the Democratic National Committee…

Hacked to Pieces

Hillary Clinton’s email problems are legendary.

First there was the private server in the basement. Then the DNC’s emails got hacked, costing Chair Debbie Wasserman Schultz her job. And this month, the whistle-blowing journalism organization WikiLeaks – which, contrary to press reports, isn’t pro-Trump, just rabidly anti-Clinton – got hold of John Podesta’s personal emails.

Whatever you think of the content of these leaks (which frankly seems ho-hum to me), the fact that these powerful people were hacked so easily is astonishing. What were they thinking? Didn’t they realize that email is about as secure as snail mail, if a determined hacker is after you?

Clearly not. Like Colin Powell, whose own private emails were hacked a while back, Podesta was using a commercial email provider – Gmail.

For a famous person, using a free ad-driven email service like Google or Yahoo is like a platoon of Marines driving through Mosul in a VW minibus. Somebody’s gonna poke holes in you.

The Obama administration blames Russia for these hacks, which suits Hillary just fine – she can deflect all questions by focusing on the alleged threat to our national security and electoral sovereignty. But if a Russian did do the hack, he might have been a 10-year-old kid… because the technique used was the simplest, oldest trick in the book.

Go Phish

The cybersecurity firm SecureWorks says the hacking method used to gain access to Podesta’s email account involved a link in an innocent-looking email doctored to look like it came from Google. The email asked Podesta to log in to his Google account by clicking on a hyperlink, which he did.

When Podesta clicked on the link, he was taken to a fake Google landing page where he entered his username and password. With those, the hacker then had access to his complete email history.

It’s called “phishing.” Instead of a complex brute force attack to crack Podesta’s password, the hacker tricked him into giving up his login details voluntarily.

In other words, Podesta did it to himself. Just him and no one else.

Avoiding the Email Phishing Hook

How can you avoid the same fate? It’s easier than you think:

  • When you get an email that asks you to log in to a website, make sure you examine the link. All you must do is hover your mouse cursor over the link. The real Google address ends in .com. That’s the last bit of text before the first single slash (the one after the “https://”) in the link you see when you hover over it. This one ended in “tk,” which refers to the island of Tokelau in the South Pacific: a dead giveaway – if you’re looking, that is.
  • If you do click on a link like Podesta’s, check the URL in the address bar of the Web page you land on before you do anything else. If it ends in anything other than the actual domain name of the correct publisher (i.e., Google.com), you’re being phished. Podesta’s phishing link ended in “tk,” the last part of the address before the first single slash. That would have been plainly visible on the address bar of his Web browser – again, if he was paying attention.
  • Don’t use free email for anything sensitive. No Google, Outlook, Yahoo, AOL or Mail.com. Besides being ridiculously easy to hack, all of them mine your personal emails for information about you that can be used to target ads at you.
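
The link check from the first two tips above, written out as an added example (it is not from the original article): the standard URL parser pulls out the host, which is then compared with the domain you expected. The names classifyLink, EXPECTED_DOMAIN and SAMPLE_LINKS, and every sample link, are constructed for illustration.

```javascript
// Added example. EXPECTED_DOMAIN and SAMPLE_LINKS are constructed for illustration.
const EXPECTED_DOMAIN = "google.com";

// Returns { verdict, host, reason } for one link.
function classifyLink(link, expectedDomain = EXPECTED_DOMAIN) {
  let url;
  try {
    url = new URL(link); // standard WHATWG URL parser (browsers and Node.js)
  } catch (err) {
    return { verdict: "invalid", host: null, reason: "not an absolute URL" };
  }
  if (url.protocol !== "https:" && url.protocol !== "http:") {
    return { verdict: "invalid", host: null, reason: "not a web link" };
  }
  // The host sits between "//" and the next "/", minus any "user@" part and port.
  const host = url.hostname.toLowerCase().replace(/\.$/, "");
  const expected = expectedDomain.toLowerCase();
  // Exact match or a subdomain. The leading dot matters: a host that merely
  // ends with the same letters (e.g. "notbank.example" vs "bank.example") must fail.
  const belongs = host === expected || host.endsWith("." + expected);
  if (!belongs) {
    const ending = host.split(".").pop();
    return { verdict: "mismatch", host, reason: `host ends in "${ending}", not in ${expected}` };
  }
  if (url.username || url.password) {
    // Text before "@" is login data, not part of the address; legitimate
    // sign-in links do not carry it.
    return { verdict: "suspicious", host, reason: "link contains text before an @" };
  }
  return { verdict: "match", host, reason: `host belongs to ${expected}` };
}

// Constructed sample links; only the first one belongs to the expected domain.
const SAMPLE_LINKS = [
  "https://accounts.google.com/signin",
  "https://accounts.google.com.signin.example/",     // real name used as a prefix
  "https://accounts.google.com@signin.example/",     // real name placed before an "@"
  "https://google.com-constructed-sample.tk/signin", // ends in "tk", as in the tips above
];

for (const link of SAMPLE_LINKS) {
  const { verdict, host, reason } = classifyLink(link);
  console.log(`${verdict.padEnd(10)} ${host}  (${reason})`);
}
```

The point the output makes is that a familiar name anywhere else in the link proves nothing; only the end of the host, right before the first single slash, decides where the link goes.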

Go the Last Mile

To be supersecure, sign up for a secure email service like Protonmail or Tutanota. Besides being securely encrypted and unreadable to the companies that host them, they are both run by privacy freaks and based in Europe, outside the easy reach of U.S. spies.

So, there you have it. When it comes to email hacking, there’s absolutely no need to do it to yourself.



