Tag Archives: secure email

Email Security

How To Secure Your Yahoo Mail Account

Do you know most of the security breaches happen via Email. Have you ever evaluated your Yahoo mail Account security? In this article, we will discuss some techniques to secure your Yahoo mail account. 

According to Statista, In 2017, 269 billion emails were sent and received, half of those related to business. Hence, it is essential to Secure Your mail account, especially if that Email is the Email you use for business purposes. Hackers can hack the account and can compromise confidential business data.

These days all types of business communications are done via emails as email communication is mobile, reliable, and economical. Confidential data like contract information, shareholders agreement, etc. may reside on Email. If such information gets hacked, it can cause severe damage to the company. Even hacking of personal data can cause serious damage to the individual. A good example can be the “Hillary Clinton email controversy.”

Data exposure via email communication has now turned into a problem of greater magnitude. A single wrong-click can expose top-secret company information, make public, private financial statements, and expose sensitive negotiations. Hence in the current world, it is a must to secure your mail Account. 

Email Security

Different methods to Secure Yahoo Mail Account

Email Service companies have also taken the steps forward from their side to the mail account. Email Services company like yahoo have introduced a feature called two-step Authentication to secure yahoo mail account. All the Emails are SSL/HTTPS encrypted. Despite the effort from the Email Service company, the Email still gets hacked, mostly due to the user’s fault. Hence every user should follow the steps mentioned below to make their email account safe.

Note: We will take reference to Yahoo Mail Account as an example Email. The steps are the same for other Email Accounts too.

Set up Strong Yahoo Password

If your password is easy to guess and doesn’t contain a mixture of special character, number, Upper Case then there is a chance that hacker can you account using Brute force attack or Dictionary attack. A dictionary attack is a hacking technique which uses simple file of common words to hit and trial password. A brute force attack is an advanced form of Dictionary attack. Instead of just a common word, the Brute force attack hit and trial all possible combination of alpha-numeric combinations. Hence always keep you Password Strong. Your password should be a mixture of Special character, number, and Upper Case. Yahoo has an excellent article on how to choose a strong password.

Enable Two Factor Verification (2FA)

Two Factor Verification is the best method to protect your Email. After Enabling 2FA, access is granted to the account only after the user can verify two forms of password or two sources of evidence of their account. Two sources of evidence are usually your email password and verification code you will receive via SMS or a call.

In Yahoo, you can enable Two Factor Verification within few clicks. Goto Account security Page and Toggle on Two-step verification. More detail about Two Factor Verification is provided HERE.

Beware of Phishing Emails

Phishing is a hacking technique used to steal user login credentials, credit card numbers, etc. In such an attack, hacker masquerades as a trusted party and tries to trick the user into clicking into the malicious link, which leads to malware or ransomware program intended to steal your private data. Although Yahoo tried to filter Spam Email from their side, Phishing email still exists. Users shouldn’t open or click the suspicious link. Never give account credentials to anybody.

Update your Account Recovery Information

Account Recovery Information is contact information through which you can recover your email credential in case the user forgets the password. Make sure that the Account Recovery Information data you enter is of trusted person and try to update the Account Recovery Information at least on quarterly intervals. 

Updating/Adding Account Recovery Information on Yahoo mail is straightforward. Go to Account Security Page and click on “Add the recovery email address.” For the detailed steps, follow THIS LINK.

Use a secure email service.

Yahoo Users don’t need to worry about secure email service. Yahoo website provides Secure Socket Layers (SSL) encryption for secure data transfer via Email. 

Secure Socket Layers (SSL) in general term, is a standard for creating an encrypted link between a web server and a browser to prevent the network from being tapped

Easy way to know if the website uses SSL is; if the web address starts with “https” it uses SSL.

Try not to keep similar passwords on every Email accounts

Hackers know that usually, people use similar passwords and security questions on all of their accounts for convenience. Once your one Account gets compromised, all other accounts whose password is similar also are under the thread. We suggest you go to all of your additional accounts, including bank accounts, email accounts, social media accounts, dealer accounts such as Amazon, media accounts like Netflix, etc. and change the passwords. Furthermore, Change the security questions and answers for any account where they were required.

If you are like me who keeps forgetting the password, then there is an awesome app called LASTPASS. It remembers all your passwords for you. 

Review of Account History Regularly

It’s a good practice to review your Account History at least every quarter. It helps to detect any potential intruders or hackers. 

To review Account History of Yahoo, go to Manage Accounts Page andSelect Recent Activity from Account info section. It displays information like session browser/OS, times, IP address, and location. If any suspicious activity occurred on your account, then this is the first thing you should do.

Review Your Forwarding Settings

If you have multiple accounts, email forwarding helps to manage it easily. But it can be an entry point for hackers to spy your Email too. Just a few minutes of access into your Email, and someone can set up email forwarding into their account. So monthly checking of the Email forwarder list is essential to stay protected.

On yahoo, you can do it very quickly. Go to the Accounts section of Settings Page. Click the Yahoo entry with your email address, scroll down, and you’ll view the Access your Yahoo Mail elsewhere field. Make assured there’s no data present. If data is present, then it means your email is forwarded to that email. Make a note of it, and then turn to forward off and change your password.

Encryption In Yahoo Mail

In the past, yahoo mail doesn’t provide automatic email encryption, but the user had to opt for the encryption feature. But things changed in 2014 when Yahoo declared auto email encryption.’ Now Yahoo is fully Encrypted and safe whether you use it from the web, mobile app, SMTP, IMAP, or POP

Nowadays, almost all famous Email service companies have Email Encryption.

Recognize a Hacked Yahoo Mail account

It may sound odd, but it’s not very easy to find if your account is hacked or not. Because hacker always tries to remain dormant and unrecognized. If you have the suspicion that your Email is compromised, then follow the steps mentioned below to find if your account is hacked or not.

Signs of a hacked email account

  • You’re not receiving some or any emails.
  • Your Yahoo Mail is sending spam to your contacts.
  • You see user logins from odd locations on your activity review page.
  • Your account info like email forwarder, 2FA verification, etc. was changed without your knowledge.

Preventive steps if your Yahoo Mail Gets Hacked

1. Change your password immediately

Usually, Hackers won’t change hacked account passwords to remain unrecognized. If that is the case, then immediately change your password to prevent further damage.

To change the password of yahoo mail, click the “Forgot Password” link from the login page.          

Things to remember:

  • Make sure your new password is long, unique, and complex passwords.
  • If 2FA(two-factor authentication) is off, turn it on. This gives an extra layer of protection to your email account.

2. Check your settings

After you change your password, the next thing to do is check if the hacker changed something on your account settings.

Some major things to look at are:

  • Email filters, Forwarders, Blocked addresses, Reply-to Address, etc.
  • Check if the hacker made any changes to the Email signature.

Note: You can send an alert message to all your contacts list informing that your Email was hacked and ignore any suspicious message from you until you inform that issue Ais resolved. 

3. Scan your computer and other devices for malware

After you verify your setting, the next thing to do is find the source of the cause. To find the cause and eliminate it, scan your computer for possible malware. There might be malware on the PC you use.

Note: If you found malware, change the email password and re-check account settings again. There is the chance that the malware system again sends the credential to the hacker.

4. Implement preventive measures to prevent future hacking

After your account got hacked, you must adopt preventive measures to prevent future hacking. Avoid suspicious emails or links. Regularly scan your PC for malware. Always using private and secure networks only. 

Future of Email Security

Nowadays, the trending topic for every aspect of technology is Artificial Intelligence. The email Service company is also trying to implement Machine Learning and Artificial Intelligence to make its security system more reliable and secure.

One famous AI Technology for Email Security is Micro’s Writing Style DNA. AI learns the user’s writing styles based on his past writing. If AI finds any variation on a writing style, it alerts the System about it.

Artificial Intelligence can also be used to detect spam emails, malicious files, and links too.