Guarding your credit card number and personal information is a high priority. Entire industries of identity protection and credit locks are built around protecting credit card information. While vigilantly guarding things like credit card and even social security numbers, most consumers have a vulnerability in their online activity left largely unsecured. Access to your primary email account is a significant exposure.
The potential damage due to an email account breach is greater than if somebody stole your credit card or possibly even your social security number. In fact some investigators and analysts call the email address “the new social security number.” If a criminal was able to log into your email account, they would be able to access many areas of your personal and financial life. Think back to all of the accounts, logins, and access codes which were established using your email. Your online banking, most credit cards, car loans, mortgages, even retirement accounts are all connected to your email. Try this; go to the website for some financial account you have, and click the “Forgot Password” link. In most cases the institution will simply send the new password or a reset link to your email account. (If you are lucky, some banks have a process to answer certain secret question, but even those can be reset by email)
What if a person was able to access your Facebook account? Could they get personal information from your contacts impersonating you? What about contacts on LinkedIn, your co-workers, or other associations? Remember that your associations with each of these is probably documented in a “Welcome” email in your archived emails. Make a list of all the account records you think you have, and then go through old emails to remember how many you really have. Could a criminal buy $1000 worth of items on Amazon using your stored credit card? How many shopping sites are you signed up for? All of these are accessible simply by getting into your email.
Now within your email messages there is likely a large volume of personal information. Your accountant may have sent your tax returns with social security numbers. You may have emailed credit applications to banks or mortgage companies containing all of your financial information. There are faxes, scanned documents, and copies of drivers licenses possibly attached to emails. Other documents such as Excel files or Word docs may contain sensitive information about your business or employer. More damaging might be “private” photos exchanged between yourself and relationship partners. Last, the message content of communications themselves contains details which you may not want in the wrong hands.
So considering all of this how hard to you protect your email password compared with your credit card number? If it is an easy to guess word or number such as your date of birth it is insecure. Some individuals have it written on a slip of paper near their computer. In some cases the computer stays logged in to the email account at all times. Even if you guard the password carefully, are there any others who know your password? If you use the same password for email that you do for Facebook or other sites, have you given that login to anyone else to upload photos or fix something?
Email account access is a serious risk to all types of breaches. The steps to reduce the exposure are simple. First change your password today, and try and remember to change it every month or so. I recommend writing down the new password each time and keeping the login in a safe with your birth certificate and other valuable documents. You may want to keep your banking logins on that same secured “hot sheet” as well. Be sure to log out from your email when you walk away from it. Be especially careful when checking email from a remote location such as on public WIFI or on a hotel computer. These may be vulnerable to detection. If you must check email from a less-than-private location be sure to change your password again when you get back home. Also be sure check the “Last Login” record every time you look at your email account. Most providers will have a small box on the screen showing the date and IP address that your email was last accessed. it should match your memory of when you last were online.
All of these measures are certainly inconvenient, but much less of a project than fixing the damage caused by a breach of your accounts. In another comparison to the exposure to losing your credit card, remember that if a criminal gets your card number, the bank has to eat the loss. You may have to wait a few days for a new credit card and change some of your automated billing, but at least the problem is fixable. A person rummaging around in your email account for a while can do damage which you may not be able to fix.