Study: Email Scams Work. Here’s How to Protect Yourself

Not only are your online accounts valuable, they provide scammers with extremely convenient and quick ways to take your money. According to the abstract of a new study by Google and U.C. San Diego:

Online accounts are inherently valuable resources—both for the datathey contain and the reputation they accrue over time. Unsurpris-ingly, this value drives criminals to steal, or hijack, such accounts.In this paper we focus on manual account hijacking—account hi-jacking performed manually by humans instead of botnets. Wedescribe the details of the hijacking workflow: the attack vectors,the exploitation phase, and post-hijacking remediation. Finally we share, as a large online company, which defense strategies we found effective to curb manual hijacking.

When scammers access your account, the first thing they do is scan it for value. This means they search any references of bank statements, wire transfers and so on. If they determine that you have something worth stealing, they then reach out to your contacts pretending to be you and asking for money.

How embarrassing, right?

The best way I can think to avoid this is Google’s 2-step verification. (No, I don’t work for Google). This is a little extra step when logging into your email to prevent people at remote locations from getting into your accounts.

The above link explains how it works exactly, but the bottom line is that you will need your cell phone handy when you log-in to your email. It might sound like a pain at first but, trust me, it will save you a ton of headaches that could occur if your account gets hacked.