CIA director John Brennan said in October 2015 that he was \u201coutraged\u201d when a hacker broke into his personal email account but added the attack highlights how everyone\u2019s personal data is vulnerable on the internet.<\/p>\n
The information stolen included email contact addresses, his wife\u2019s pension identification number, and the Social Security numbers and personal information of US intelligence officials.<\/p>\n
Statistics provided by Hotspot Shield (an internet security company) reveal that around 150 billion emails are sent every day. Of these, each of us on average sends or receives 15 emails with attachments per day, i.e. 5,000 per year.<\/p>\n
Alarmingly, 62% of people lose files received as attachments and 53% of people surveyed recall receiving emails with sensitive data such as credit card information and social security numbers.<\/p>\n
What director John Brennan and a property management company in the Algarve, who contacted Safe Communities Algarve recently, have in common, however, is that they are concerned about the issue of email security.<\/p>\n
The property management company asked me a very important question: whether the use of email is a secure way for their clients to pass passport information to their company?<\/p>\n
This is a very good question because passing sensitive data affects virtually all of us. Secondly, it involves a much broader issue and that is, how do you send sensitive information from one side of the world to another with minimal risk that it will be intercepted and used for fraudulent purposes? Remember, most people who have had their email address book compromised is as a result of poor password settings or lack of email security.<\/p>\n
Before you send your credit card information or other sensitive information online, over the phone or by mail, it helps to think like a hacker.<\/p>\n
The reality is that 60% of companies have experienced a data breach of some kind in the last two years, many of which can be directly traced back to poor email security practices.<\/p>\n
So the next time you\u2019re about to share your credit card number, consider: where are the potential breach spots along the path your information will travel? What are the security loopholes, and how can you close them up so your information doesn\u2019t fall into the wrong hands?<\/p>\n
A number of internet security experts have thankfully considered these issues and the following highlights some of the common methods of sending credit card information, and their ratings concerning the security risk levels for the average consumer.<\/p>\n
Security experts unanimously agree a normal unencrypted email is a very unsecure<\/strong> way to send sensitive information. Emails can be hacked, spoofed and eavesdropped.<\/p>\n Unsecured email offers criminals four points of exposure \u2013 your own computer, your email server, your recipient\u2019s email server, and your recipient\u2019s computer \u2013 making it one of the riskiest ways to send sensitive information.<\/p>\n Even if you are submitting the message through a secure connection<\/strong>, if either computer is infected with a virus or other malware, it leaves the door open to hackers.<\/p>\n \u201cThe designers of email didn\u2019t intend for it to provide confidentiality,\u201d said John Ackerly, CEO of Virtru, an email privacy company. \u201cIt\u2019s kind of like sending a postcard<\/strong>, as opposed to sending a sealed letter.<\/p>\n The traditional method of sending information by fax is fairly secure. As long as both fax machines transmit and receive through the traditional method<\/strong> over telephone lines (as opposed to internet faxing), the process poses minimal privacy threat. \u201cIf someone was able to intercept the telephone line, all they would hear is the screechy noise<\/strong>\u201d \u2013 the one you hear when connecting to the internet by dial-up modem.<\/p>\n A big risk enters when you can\u2019t be certain the intended recipient<\/strong> is the only one who will see the fax. If you\u2019re sending your credit card or other sensitive information, it is prudent to make sure that the recipient will be standing by the fax machine ready to receive it and immediately confirm its arrival. Also, make sure any confirmation printouts containing sensitive information \u2013 either on the sending or receiving end \u2013 are destroyed. This does not apply to personal fax users however.<\/p>\n Although it is becoming less necessary to send information such as bank statements by post, on occasion an order form or a bill will require sensitive information to be sent. Unfortunately in these situations you seal up the envelope and hope for the best.<\/p>\n There is a risk, however, that mail can simply become lost or stolen, so the risks are obviously there. Using couriers can reduce this risk, and this is now one of the preferred ways of sending credit cards worldwide.<\/p>\n You\u2019ll know you\u2019re at a secure website because your web browser will display \u201chttps\u201d in the location or URL bar. Most web browsers feature a graphic lock you can click to examine the site\u2019s security certificate. Secure sites help ensure that the data you send will be encrypted.<\/p>\n If sending sensitive information, consider using a document storage site such as Dropbox, or Oneshar.es, which allows you to send confidential information that self-destructs.<\/p>\n The catch involved in using these sites again is \u201cweak endpoints\u201d, say some experts, which means you can be on the most secure site over a secure internet connection and still have someone literally watching your keystrokes via spyware. The answer? Keep your malware protection up to date and stay vigilant.<\/p>\n It is hard for people to hack into text messages, but the risk to security involves their long life span; they exist on your phone until you delete them. If either the sender\u2019s or recipient\u2019s phone ends up in the wrong hands and the text message has not been deleted, it could pose a problem.<\/p>\n New technologies can make text messages more secure. There are companies that have added encryption technology to text messages and also include a message self-destruct feature, so they don\u2019t stay permanently on the recipient\u2019s end.<\/p>\n Although unsecured email is one of the worst ways to transmit sensitive information<\/strong>, you can eliminate a lot of risk by adding email encryption technology. Available options include Virtru and Infoencrypt. Any mail plug-in that utilises PGP (which stands for Pretty Good Privacy) will add a level of security by scrambling the information in transit until your intended recipient unlocks it with a security key. Some keys have an expiration time, providing additional protection.<\/p>\n Since the revelations about data snooping by the National Security Agency, Google and Yahoo have begun encrypting emails by default, but if your recipient doesn\u2019t have encrypted email, your message is still vulnerable after it leaves the Gmail or Yahoo servers. In other words, security is only as good as the weakest link<\/strong>.<\/p>\n Watch out for public Wi-Fi \u2013 connecting to the internet in a public hot spot, such as a coffee shop, leaves your computer and your information vulnerable to attack. Disable file sharing and use a virtual private network (VPN) if you can.<\/p>\n You can send your credit card information in pieces. For example, send the number in one encrypted email; the expiration date in another; and your billing address in a third.<\/p>\n If you\u2019re creating a paper trail by fax or mail, obscure some of the digits of your credit card number, and instruct the recipient to call for the remaining information.<\/p>\n Be sure to keep your computer up to date on anti-virus software \u2013 and don\u2019t be shy about asking recipients what level of protection they have on their computers, too.<\/p>\n","protected":false},"excerpt":{"rendered":" CIA director John Brennan said in October 2015 that he was \u201coutraged\u201d when […]<\/p>\n","protected":false},"author":3,"featured_media":13136,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[46],"tags":[47,50,51,49,48],"yoast_head":"\nFax \u2013 Risk level: medium<\/h3>\n
Postal mail \u2013 Risk level: medium<\/h3>\n
Secure websites \u2013 Risk level: medium<\/h3>\n
Text message \u2013 Risk level \u2013 low (with additional protections)<\/h3>\n
Encrypted email \u2013 Risk level: low<\/h3>\n
Additional ways to beef up your security<\/h3>\n