Stop using Free-mail for business
By Cloud Direct • 08 Oct 2009
With worrying reports about more phishing attacks on popular web-based free email accounts I cannot understand why some people still use these services for business. Firstly, using a free email account like Hotmail or Google in a business capacity looks unprofessional. If you’re too disorganised to sort out a proper, professional, domain name, then how does that reflect on your company? Secondly, the latest spate of mail outages from these free services shows that you’re business is at the hands of institutions with other priorities. If there is an outage for 2 hours, you can’t do anything about it. There is no support number to call, there is no contingency plan to implement - you just have to ride it out. But what if that outage were to occur at a critical time in the business cycle or an important sale was affected because of it?
If those disadvantages still don’t perturb you, then the latest phishing cases should make you take heed. Imagine all your archived emails from customers, suppliers, prospects e.t.c. being published on the web for access from anyone. Not a good reflection on your company.
‘Phishing’, for anybody who doesn’t know, is the broad term for any effort to gain personal data, directly from the user – login details, passwords, bank details – by tricking them into entering it into a website or email. It can come in many forms of spam or as a regular pop-up on a website. Most people are quite savvy to it, although thousands do fall for it on a weekly basis.
What was particularly dangerous about these latest attacks was that they were based on key logging. Unlike a traditional phishing scam, where people are lured into revealing details on a fake website, key-logging records individual key strokes. In some cases this malware could have been downloaded automatically without knowledge of the user. The scam was highlighted when several lists, detailing more than 30,000 names and passwords from Hotmail, Google and Yahoo web mail accounts were posted online.
And before you use the same old excuse, ‘oh there’s no way that would happen to me, I definitely won’t fall for that’ - I too, recently almost got caught out by a virus. On my home PC I suddenly started getting virus attack messages from an anti-virus programme I didn’t recognise and definitely didn’t install. It keep telling me to ‘Get Protection Now’ by downloading ‘free software’. Whilst I didn’t click on the application (which looked very authentic and Microsoft-esk) I was drawn to it basically because it wouldn’t leave me alone – with pop-ups coming left right and centre. It created panic and worry that my data was about to be wiped. I’m sure that had I clicked on the application to ‘Get Protection Now’ it would have asked for an email address and password that could then be used to access personal information.
After updating my AVG software, it flagged the malware and wiped it from my system. However, it goes to show how easily something can find its way onto a computer without the user knowing it. At first I thought it was just a recent Windows security update but a few years experience in the data security industry eventually caught on. Others might not be so lucky.
Share this post