Some may think Microsoft and Facebook are too big to “fail” – not totally correct. Since they are just as fragile to cyberattacks as we are, these tech giants are always ready to fail your expectation towards their security.
False sense of security should break by now
Since the first quarter of 2019, there’ve been plenty of news about data breaches. In January, a trove of 773 million emails and tens of millions of passwords, from a variety of domains got leaked from Microsoft. Facebook’s textually stored passwords revealed in March are currently affecting millions of Instagram users.
Most recently, Microsoft has faced another breach affecting its web-based email services. Its services like @msn.com and @hotmail.com had their accounts compromised as a hacker or a group of hackers took over a customer support account of Microsoft.
You are only as strong as your weakest link.
The number of accounts affected by the data breach remains unknown. Microsoft confirmed it to be a “limited” number, while an anonymous source told Motherboard that it was “a large number.” The range of access to which hacker(s) could gain also remains unknown.
However, this email hack already exposes your email as the weakest link. Once putting hands on your email content, hackers are empowered to do plenty of “monkey businesses”.
1. A peek into your life
Emails contain more information than you believe they do. Accordingly, they serve as perfect material for social engineering, in which hackers learn about your profile and design scams targeting on you accordingly.
Through the compromised mailbox, either for personal use or for work places, hackers will peek into your life. They will know your name, job titles as well as contacts and connections, even living and working habits.
They will know which website you buy things on, what news agencies you subscribe to, what products or service of yours are registered with this.
2. Trick your information with phishing websites
With all the information, hackers could pretend to fake an email from some reliable service provider. In the email, they would sound convincible, as they get all your basic information right; they would sound urgent, so that they can ask for your password – the doorkeeper to your account, even social security number, credit card number or driver’s license.
One case is called iCloud unlock. In this kind of scam, hackers will compromise a target’s email or iCloud account in order to remove Activation Lock from their iPhone.
In order to trick a victim into giving up their iCloud credentials, hackers not only fake emails that appear to come from Apple, but also generate fake maps of where the victim’s phone has apparently been discovered to further entice them.
As a result, the unlocked iCloud, usually stolen or robbed off, could be cleared and sold to others for profits.
Flawed as everything else, your data on the Internet is not an iron clad. When hundreds of phishing emails are thrown at you, you can never promise to recognize them at the first sight and never fall victim.
Be a smart fish against phishing. And use some help to add one more layer of protection, such as Mr. Post. It will visualize the email route, unveil the real sender and tell whether it’s legitimate or suspicious, safe or dangerous – no matter how well disguised they are.
Being a lightweight add-in for your Outlook, browser and mobile phones, it won’t bother you from your daily work, but will inform you of any danger with one click.
Available on Microsoft AppSource now.