Important words on e-mail security
Though today’s message applies mostly to those who A) check e-mail away from home or B) check e-mail on a laptop or C) check their e-mail via a wireless connection (or a combination of these factors), I think it is a great reminder that protecting our e-mail is no laughing matter.
Something crazy has just happened, you cannot log into your e-mail account. Your password no longer works and on top of that, everyone in your contacts / address book (likely including yourself) gets a strange email saying –HELP, I’M IN LONDON AND I’VE BEEN MUGGED. MY PLANE LEAVES IN 2 HOURS, PLEASE WESTERN UNION FUNDS IMMEDIATELY.
If you think that this comes from the page of a 21st century cyber-crime novel, think again. This ugly scenario happened to a customer of mine last week and is happening to innocent victims around the world, day after day.
I don’t want to categorize my advice as best or must — but I want to clearly lay out some options for you. There are safer choices and decisions that could leave you exposed.
1) A good portion of you probably use an e-mail address provided by your Internet Service Provider. Your address may end in @att.net, @sbcglobal.net or @comcast.net, or some other domain easily identifiable with your provider. If a computer criminal (a hacker) were to break into your account — you would simply need to call your provider and they could reset your password over the phone. Great!!
However, for business purposes, you may not want to use an e-mail address like this. As a representation of your company or yourself (in a job search process), an e-mail address connected with your internet provider can appear unprofessional.
1a) If you are given an e-mail account by your employer or school, security issues fall to the responsibility of your I.T. administrator. Furthermore, you may be discouraged from using that account for non-business purposes.
2) So what many people do, and what I have often encouraged you do in the past, is create at least one e-mail account that is independent of your internet service provider. The most common direction has been to go with a free e-mail service such as Yahoo Mail, Gmail (Google) or Hotmail (Microsoft Windows Live Mail). However, these services are the most frequently hacked into and many users have experienced the horror scenario that I described at the beginning of this message.
When a computer criminal hacks into your account, they change your password and the security questions associated with it. There is no live support provided with the free options from these e-mail services. Attempts to regain access to your account can only be accomplished by e-mail and can take days.
2a) If you are going to be traveling with a laptop or accessing your free account away from home, the safest way to e-mail is through a client program. Examples of such clients are Apple Mail, Mozilla Thunderbird (Mac or Windows), Microsoft Outlook (with the latest security updates), Microsoft Live Mail Desktop, or Yahoo Zimbra Desktop (Mac or Windows). All of these are free, except for Outlook. The hackers are most likely to break into your account when you are accessing your account through webmail, away from home, on a wireless connection. Do not use Outlook Express in Windows — this program is no longer distributed by Microsoft and is prone to attacks.
2b) To access your Yahoo Mail account through an external program, you will need to use Yahoo Zimbra Desktop (free) or upgrade your account to Yahoo Plus — a $20 per year option. If you use an @yahoo.com address, I like the Plus service because this gets you 24/7 live support, although you do have to chat with a representative through your web browser. It is much better than the e-mail only support you get with a free account.
2c) ATT DSL customers should not be as concerned as free Yahoo Mail users. Though your e-mail is provided by Yahoo, you do have 24-7 telephone provided to you by ATT. Your webmail account is more secure because you can reset your password any time by talking to a live person. Your ATT Yahoo Mail already has the Plus features built in.
3) So what can you do if you are really concerned? For example, you check your e-mail away from home frequently on a laptop or netbook. Read section 2a) and 2b), but you should also consider these advanced options.
3a) A Yahoo Mail Plus account ($20 per year) or a Mobile Me account (Apple — $70 to $100 per year. Allows you to back up contacts and files, in addition to providing you with e-mail). Both of these services provide 24/7 live support via web chat, should a crisis occur.
3b) Purchasing your own domain name through GoDaddy.com — approx. $12 per year. One e-mail account is included. For example you would register, yourname.com or yourname.us or yourname.net and you could set your email to firstname.lastname@example.org or email@example.com. You may have seen GoDaddy’s ads during the Super Bowl. They are the real deal and offer free telelphone support. For those who are running a small business, applying for jobs, or just wanting a personal e-mail, a domain with e-mail from GoDaddy is a very cost effective option.
3b) For my friends who want a slightly more sophisticated e-mail system, especially one that will sync with their iPhone or Blackberry — consider one of the following. Google Apps Premier ($50 per year) or Get Synced (a Kerio email provider – $60 per year). Both services allow you to register a domain name ($10 to $15 per year), such as described above, provide telephone support, and offer an easy to use, professional interface for managing your e-mail.
No matter what e-mail solution you choose — I am here to help you implement it.