e-mail security posts on CNET

e-mail security

Spot a phishing e-mail in 2014

You almost got me, you crafty little phisherman.

The subject line of the e-mail referenced "your Apple ID." The body mentioned my credit card and how it had just been "updated." A quick scan of the rest caused momentary alarm. My credit card? I didn't make any changes to my credit card or my Apple account.

Then my morning coffee -- and common sense -- kicked in. Upon closer inspection, I recognized this e-mail for what it was: an attempt to infiltrate my computer and steal some personal information. In other words, a hacker doing … Read more

Duh: 30 percent of Americans knowingly open spam

"I know I shouldn't, but I will."

Such a thought has, over many centuries, been the precursor to explosions, amputations, marriages, and most of my previous relationships.

Thankfully, it is an impulse that seems to be shared by so many Americans that tears may shortly come to your eyes in sheer relief.

For I am in possession of research suggesting that many Americans just can't help opening spam e-mails, even though they know they're spam.

In this research, nearly one-third of respondents admitted that, at some time or other, they had opened an e-mail that … Read more

Free services make Gmail, Google Drive, Google search more private

It's no secret that any information you provide to a Google service is no secret.

When Google changed its terms of service last year, the company granted itself and any other company it chooses complete, unfettered access to anonymized (we hope) versions of all the messages you send and receive via Gmail, all the files you upload to Google Drive, and all the terms you enter in the Google search box.

As CNET's Rafe Needleman reported in April 2012, Google's rights go beyond simply perusing your personal information. Google's terms of service include the following:

When … Read more

Ten simple, common-sense security tips

A friend took me to task last week for a post I wrote back in January on preventing Google from tracking you when you search. His alternative solution: "Just use Bing."

That got me thinking about other no-brainer approaches to security that thumb their noses at the conventional (and often convoluted and time-consuming) advice of the experts.

Search without footprints via the 'other' search engines Truly anonymous Web surfing requires the use of a VPN service that blocks your IP address as well as other personal information. (For more on VPN, see the tip below.) If you simply … Read more

Google to retire Postini, migrate features to Google Apps

Google plans to shut down Postini, the e-mail security and archiving product it acquired in 2007, shifting users over to Google Apps next year.

The Web announced the transition today, saying that it has spent the last year building Postini's features into Google Apps for Business, a professional suite, and Google Apps Vault, an e-mail archiving and discovery service.

"With this transition to Google Apps, you can receive similar email security, protection, and archiving, but through the more robust Google Apps service," Google said in a company blog post. "Google Apps also works with mail servers … Read more

How to set up Google's two-step verification

Did you read Mat Honan's tale of woe last week? The one where his Amazon, Apple, Gmail, and Twitter accounts were hacked and his digital life was eradicated?

If not, I strongly encourage you to read his story. In a nutshell, hackers strung together pieces of information to gain access to several important online accounts. The results were personally devastating for him. But his story is a good lesson for all of us. After learning the details of the attack -- from one of the hackers himself, no less -- Honan says he regrets three things most of all.… Read more

How to secure your PC in 10 easy steps

There's one thing you can do to avoid being the victim of identity theft: follow this 10-step PC security plan.

Encrypt your network connection Most popular sites offer HTTPS connections at least some of the time. In Gmail, click the gear icon in the top-right corner and select "Always use https" under the General tab.

To select Facebook's HTTPS setting, click the down arrow in the top-right corner and choose Account settings. Select Security in the left pane and Edit in the Secure Browsing section of the main window. Check "Browse Facebook on a secure … Read more

Signing up for Hotmail? Think of a strong password

Hotmail is banning passwords such as "password", "123456", "ilovecats", and "gogiants", in an attempt to make it harder for spammers to hijack users' e-mail accounts.

People who sign up for the Web e-mail service will be prevented from using a password typically used by millions of others, Microsoft said in a blog post on Thursday.

"This new feature will be rolling out soon, and will prevent you from choosing a very common password when you sign up for an account or when you change your password," wrote Dick Craddock, group … Read more

Privacy-centric alternatives to Google, Gmail, and Facebook

The concern about Google, Facebook, and other popular Web services tracking their customers may have you wondering whether there are more-private alternatives. The Ixquick.com metasearcher, PrivacyHarbor.com and Hushmail e-mail services, and FolkDirect social network promise to stay out of your affairs.

Metasearch minus tracking and history Google lets you erase all or part of your Web history with five clicks: after you sign into your account, click the down arrow in the top-right menu, choose Account Settings, select Web History under "My products" (you may need to sign in again), click Clear entire Web History, and … Read more

E-mail security: Back on the front burner

Earlier this week, German software vendor Ashampoo warned users of its products that the company's servers had been hacked and some of its users' e-mail addresses had been stolen. (CNET's Elinor Mills describes the breach in her InSecurity Complex blog.)

Ashampoo didn't disclose the number of addresses lost, but the breach likely pales in comparison to the e-mail addresses exposed in the massive hack of the servers at e-mail marketing service Epsilon, which was disclosed in the first week of April.

Malware purveyors may not need to hack a company's server to get their hands on … Read more