Security

I've inserted this new page in view of the increase in phishing attacks, and scams in general that we've seen in the past year or so. I'll try to dissolve some of the myths surrounding online security....let's start with email.

How likely is it that my email will be hacked ?

Unfortunately it's more likely than you might think….here’s why....

There are a host of opportunities for a would-be hacker to find a way into your email account, and some of the perpetrators are really expert at it. We’re all familiar with many of the methods they use, ranging from phishing emails designed to elicit personal info from you, to the use of ‘easy to guess’ passwords which never get changed. I won’t list them all here, but the results are worrying, particularly when it comes to more vulnerable individuals or those who are not sufficiently ‘computer savvy’ to realise the dangers and take precautions.

Once hacked, your email messages and account details will normally provide the hacker with sufficient data to steal your identity. According to the Identity Theft Resource Center (ITRC), there were 1,291 publicly reported data breaches and ca 166 million victims in 2022 - if taken at face value, this means there's a good chance that hackers may already have access to your email account information and could access your account at any time.

There are measures you can take to make your email account(s) less likely to be hacked, such as using ‘strong’ passwords. Adopting 2-factor authentication (i.e. exchanging a one-time password or code via text with your provider to confirm ID) where it's available certainly should help. This option isn't universally available yet, however.

There is admittedly also some protection for the average email user from ‘strength in numbers’ – i.e. the more email accounts there are, the less likely it is that yours will be chosen by a hacker. Ultimately though, the safest approach is to regard your account as potentially compromised and never to exchange any confidential or private information such as personal ID or bank account details ‘in clear’.

Easier said than done, I hear you say….and of course, you’d be right....

We all need to exchange such data now and again with others we trust, so how can we protect our data when we really have to expose it in this way ? The most obvious first line approach is to use strong passwords, and to change them regularly. However, this requires time and effort, and almost certainly will require a password manager of some kind. Most of us won't go to these lengths.

A good fall-back option is to add an extra layer of encryption of your own to those parts of the email text that you don’t want others to see. Even a layer of simple additional encryption will slow a hacker down and make him (/her) wonder whether your account is really worth the extra effort involved in trying to crack your code.

You can add this encryption quite easily for yourself – there are a plethora of online encoders available, but I would recommend avoiding these - there is after all no guarantee that they won’t steal your info after you’ve uploaded it and sell it on the 'dark web'. Always use a stand-alone package that runs on your pc and you know can’t pass any data to the cloud.

I recently updated a simple encoder/decoder which fulfills these criteria. I generated this some years ago and it runs under MS Excel (Office 2010 onwards) and on Windows OS versions 7 and above – you can download the Excel app free of charge from my website. The workbook is entirely stand-alone and does not require an internet connection. You will however need to enable macros in your Excel settings to run the encoder/decoder modules. Once you and your correspondent(s) each have a copy of the workbook, you can exchange encoded message text securely at any time using a unique Keyword. Since this can be between 7 and 15 letters long (uppercase and lower case) the number of possible combinations is around 5.6x1025 i.e. it is virtually unbreakable with standard computer equipment available to the average hacker.

Why not give it a try ? It might just prevent someone stealing your ID, or even emptying your bank account….