Warning as old email accounts with weak security hacked by cyber criminals
Main article content
Police are encouraging people to improve their cyber security following a spate of hackings of old email accounts.
With email service providers implementing better security measures in recent years, cyber criminals have been turning their attention to legacy accounts.
Such accounts are often over 10 years old and are easier to hack – especially if they have weak passwords.
By hacking legacy accounts, criminals have been able to access a wealth of valuable personal information about the individual, which they can use to commit fraud. This includes passwords for other accounts like online banking.
Kirsty Jackson, cyber protect and prevent officer for Nottinghamshire Police, said it was a growing problem.
She said: “Unfortunately, we are seeing an increase in hacking linked to old accounts that are legacy email providers.
“Cyber criminals take the advantage of opportunities to hack if they know an account is vulnerable due to poor security or if the password has become compromised since it has been reused and appeared in a data breach.
“In recent times, we’ve seen various accounts linked to the legacy email account become compromised – including gaming accounts and social media accounts. We have also seen other victims get targeted with sextortion phishing emails.”
Kirsty said the emotional impact to individuals whose accounts have been compromised is comparable to victims of a physical crime, like a burglary.
“Even if it is online, their personal space has still become violated,” she said. “The victim loses that control or remains worried and vulnerable due to not knowing what to do next.”
People can significantly reduce the risk of being hacked by following a few simple steps.
Kirsty said: “People care about security but it is still often seen as default to what’s easiest to do, so it’s crucial to take a few simple actions to help ensure you are protecting yourselves.”
To protect your email and linked accounts follow our top 3 tips:
1. Using a combination of 3 random words creates passwords that are long enough and strong enough. Avoid words that can be guessed, like your pet’s name or birth month. Adding numbers and symbols is a good way to make your password even harder to guess.
2. 2-step verification (sometimes called 2SV) helps to keep criminals out of important accounts, such as your email and social media, even if they have your passwords. It works by sending a code or PIN to a device only you have access to, such as your phone. Typing in this code or PIN helps to prove your identity. You’ll usually only be asked to do this when you sign in using a new device or change settings such as your password. So, if you’re asked if you’d like to set up 2-step verification, always do so – you’ll be making life twice as hard for criminals.
3. It’s important to check your email security settings, are you able to create a strong and separate password? Are you able to enable 2-step-verification? If not, then the security features on your email account could be out of date and you may want to consider creating a new email account. Then apply step 1 and 2 to your account to be more cyber secure. Then all that is left to do is update the personal information on any linked account by adding your new email and deleting your old one.