By Andrew Locke
January 9, 2017
What can John Podesta teach you about email? Simple. It’s not private, it’s not secure, it can’t be used as a trusted means of transferring sensitive information. Everyone should stop treating it as if it is. Do you currently use your email to transfer sensitive electronic documents or data? If so, you shouldn’t. Here’s why:
On March 19, 2016 Jon Podesta, Hillary Clinton’s campaign chairman, allegedly received an email that appeared to be from Google. The email contained a message alleging that Podesta’s email password had been compromised and that someone had used it to try to “sign in” to his email account.
Now, people receive emails like this all day, every day. They are called phishing emails, and bad people design them to get the unsuspecting email recipient (that’s you and me) to somehow give away some bit of information, typically login information, so they can gain access to the recipient’s email account.
Phishing emails can be difficult to identify at times. Some of them are masterfully constructed, but there are usually some tell-tale signs that give most of them away easily. Yahoo’s email security team put together a short list of signs that the email you just opened has been sent to you with malicious intent. Here are a few of them:
- Unofficial “From” Address – Phishing emails are nearly never sent from legitimate email addresses or legitimate domains. They may seem like they are legitimate, but, odds are, a little investigation will show that they aren’t.
- Urgent Action Required – Be wary of emails that show up, unsolicited, trying to get you to urgently take some kind of action that needs to happen, like, right now!
- Fake or Disguised Links – John Podesta’s email, urging him to update his password, contained a bit.ly link, meant to superficially disguise the actual web address of the phishing website it linked to. This should have been a dead giveaway.
- Email Content that, When Given A Small Amount of Thought, Doesn’t Make Sense – The phishing email Podesta received didn’t actually make much sense. The email claimed that Google’s email security team had stopped someone from using Podesta’s actual password to log into Podesta’s email account, but this doesn’t make a lot of sense. Unless there was an advanced email security system in place that was set up to notify Podesta when a log in attempt had been made from an unfamiliar location (like the one I have set up in my Gmail account, which sends a verification code to me via text every time my Google account is accessed from an unfamiliar device, known as 2-Step Verification), Podesta’s email service provider would not have known to stop the intrusion. After all, the log in attempt allegedly used Podesta’s actual username and password! Email services are good, but they ain’t THAT good!
Email security has improved in the last few years as cybercrime has risen. But don’t allow yourself to be lulled into complacency and taken advantage of! If someone can gain access to your email account by trickery, then they can gain access to all of the sensitive information contained in those emails, both received and sent!
If you have questions about how you can do a better job of securely transferring or sharing sensitive electronic information or documents with those who need access to them, call Morgan Records Management today to talk to us about WebConnect. The next step in secure electronic document and data sharing and transfer!
Send me information about WebConnect!
Andrew Locke enjoys hiking, playing music, theology, soccer and spending down time with his five fabulous children and beautiful wife.
Quote to live by: “It is not the critic who counts; not the man who points out how the strong man stumbles, or where the doer of deeds could have done them better. The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood; who strives valiantly; who errs, who comes short again and again, because there is no effort without error and shortcoming; but who does actually strive to do the deeds; who knows great enthusiasms, the great devotions; who spends himself in a worthy cause; who at the best knows in the end the triumph of high achievement, and who at the worst, if he fails, at least fails while daring greatly, so that his place shall never be with those cold and timid souls who neither know victory nor defeat.”