November 2011 - Newsletter Article

Gmail accounts targets of cyber crime

by Marshall Wright
In the past several months we have received reports from customers that their Gmail accounts had been stolen. Stolen? How can that happen? Since Gmail accounts are free, there is no billing information associated with the account. You can’t turn it off once it is stolen.

Stealing a person’s Gmail account isn’t difficult for a cyber-criminal. Since most end users take security lightly, many passwords are simple, such as “password” or “1234”. A cyber-criminal with a Gmail email address can quickly run through the most common passwords and will often strike pay dirt when an account opens up. This process is often performed by “robots”: software that accesses the accounts and tests a series of standard password combinations. Successful logins are queued for review by people to see if there is anything worth stealing.

If a Gmail account is of interest (belonging to someone of wealth, stature or power), an individual may initiate the assault by visiting social media web sites to gain knowledge about the intended victim. With the names of family members, pets, colleges and other details, the cyber-criminal has a treasure trove of personal information at their fingertips. Often this additional personal information will yield clues to the victim’s password.

Two types of cyber-criminal exploits have been documented. In one type of exploit the cyber-criminal monitors the e-mail of the victim for an extended period. When contacts and/or e-mails are identified that may be valuable, they are downloaded to the cyber-criminal’s computer. The contact list may be used for “phishing”: generating near-real e-mails that appear to come from the victim, sent to people on their contact list asking for money. Controversial e-mails are often leaked on the internet to discredit a victim or to fuel a controversy.

The latest type of cyber-crime exploit has been to take over the victim’s Gmail account entirely. Once logged in, the cyber-criminal changes the account’s password. Next the cyber-criminal changes the recovery e-mail address and security questions so that if the victim tries to reset the password, they can’t. The victim is effectively cut off from their Gmail account, the contact list and the e-mails stored in the account. The cyber-criminal uses the information in the e-mails stored in the account to initiate attacks against people in the Gmail contact list. If banking or other account information is contained in the e-mail on the Gmail account, that information will be used to attack the victim.

Here are some tips to avoid having your Gmail account exploited.

DeckerWright Corporation provides assistance to our customers throughout New Jersey in implementing secure e-mail solutions. In the next newsletter we will discuss how to recover a Gmail account if it has been stolen.