Rhodri Marsden: The true cost of email security
Wednesday 21 April 2010
I have a friend called Jenny. I don't receive many emails from her – for some reason we don't have that kind of relationship – but the ones I do get are worded awkwardly and tend to urge me to buy stuff. This isn't what I'd expect from her, frankly. She's highly literate and a bit of a closet hippy, and this doesn't square very well with her references to exciting new "electornic" gadgets, and insisting that this is a "really good chance for shoping". Sadly, Jenny has become one of thousands of "malware mules", whose email account details and passwords are available on the black market from anywhere between 65p and £13. A down payment of this piffling sum gives you access to her online address book (including my own details) and thus the unmissable opportunity to send me messages masquerading as friendly communiqués from Jenny that begin with the words "Hello Dear" before immediately segueing into a sales pitch for a popular brand of training shoe.
The evil masterminds behind all this figure, quite rightly, that we're more likely to open messages from people who are embedded within our address books – even if the subject lines of their emails are suspiciously reminiscent of spam, eg, "you'll be the super lover". Not only that, the message is far less likely to be rejected in the first place by spam filters, which are, thankfully, getting better at rejecting random missives from non-existent humans advising us of tempting ways to boost our flagging sexual appeal. This hijacking of email accounts is just one contributory factor towards the ever-increasing level of spam that mail servers are having to deal with: up 6 per cent in the first three months of this year over the same period in 2009.
But spam is only one of the problems faced by the malware mules. We store all kinds of personal information in our webmail. Login details to various websites, including online banking and credit card sites, can get lodged in online inboxes without us even thinking; perhaps we've sent them to a trusted friend so we can access said sites on their computer, or just emailed them to ourselves as a reminder. But once we've done that, they sit on the email server for perpetuity – unless we delete them – and the only barrier to them being accessed is the guessing of one password. And a recent analysis of breached passwords showed that hundreds of thousands of people worldwide still consider the password "123456" to be a pretty clever security device. It isn't.
Security software firm Symantec has just highlighted this issue in one of its regular, and by their nature slightly harrowing, Internet Security Threat Reports. Con Mallon from the company underlines the dangers by stressing that all our passwords could thus be obtained for less than a pound. For this scenario to occur you'd have to be pretty unlucky, and a bit stupid, but many people, including me, can easily fall into that category from time to time. And with cyber crime having recently overtaken the international drug trade as the most lucrative illegal global business, we'd do well to take Symantec's advice, change our passwords, and stop using our email accounts as pathetically insecure filing cabinets.
Another example of malfunctioning security was exposed on Monday, when Apple inadvertently revealed its new iPhone model about three months early, thanks to an employee who went out for the night in Redwood City with a prototype in his or her back pocket, and ended up leaving it on a bar stool. Many of us have lost a phone after two drinks too many, but few of us have had to face the wrath of our employers on Monday morning as a direct result. The fate of the unfortunate employee isn't known, but before Apple remotely disabled the device the new owners were able to ascertain that it was running the hitherto unseen iPhone 4.0 software, at which point they handed it over to technology website Gizmodo. As Apple's powers stop short of being able to remotely retrieve the device via some gigantic geolocating magnet (the company is reported to "want it back") Gizmodo treated us to a YouTube showing-off: it has a front-mounted camera for video chatting, a larger battery (thanks to the other components slimming down) and a squared-off construction faintly reminiscent of a Braun gadget from circa 1972. It's atypical for Apple to have scuppered a big reveal moment in this fashion – but predictably, it hasn't stopped people wanting one. Now, when's my upgrade due?
Life & Style blogs
Astrological signs are almost all wrong, as movement of moon and sun throws out zodiac
PTSD photo series documents what the disorder is really like – as study reveals suicides of 22 US veterans every day
Earth Hour: The world turns off the lights in call for climate change action
Clocks change: how to make sure iPhone and smartphones automatically ‘spring forward’
The truth about student sex workers: it's far from Belle Du Jour
Ukip supporters are 55 or older, white and socially conservative, finds British Social Attitudes Report
JK Rowling responds to fan tweeting she 'can't see' Dumbledore being gay
Jeremy Clarkson sacked live: Alan Yentob 'wouldn't rule out' ex Top Gear host's BBC return
Revealed: Putin's army of pro-Kremlin bloggers
Germanwings plane crash: Co-pilot Andreas Lubitz wanted to 'do something people would remember him for'
The West has it totally wrong on Lee Kuan Yew
- 1 Finland schools: Subjects scrapped and replaced with 'topics' as country reforms its education system
- 2 The West has it totally wrong on Lee Kuan Yew
- 3 Watch: Man takes selfie every mile of 2,600 mile hike, creates amazing timelapse video
- 4 The day I starred in Only Fools and Horses
- 5 Scientists have discovered a simple way to cook rice that dramatically cuts the calories
iJobs Gadgets & Tech
£6 per hour: Recruitment Genius: This is an exciting opportunity to join a gro...
Negotiable: Recruitment Genius: A Service Delivery Manager is required to join...
£30000 - £40000 per annum: Recruitment Genius: Our client is looking to find a...
£21000 - £23600 per annum: Recruitment Genius: An exciting opportunity to join...