About two months ago I received an e-mail from a long-time friend of mine directing me to a men’s health pharmaceutical website. At the time I thought how strange it was that the particular friend would send a personal e-mail like that.
Since then, I’ve received at least six more similar e-mails from different people I know. All the mail is similar in nature. Every letter has a benign subject followed by a line of text and an internet link to the website. When I click the link, I’m directed to purchase pharmaceuticals.
A week or so after receiving the first e-mail, an unrelated customer came to the shop explaining that her e-mail had been attacked and someone had been sending ads under her name. After she showed me her sent mail I realized this was more than just a chance coincidence. Someone had been logging into her e-mail and sent the e-mails using her password.
Of course, the very first thing I did was have her change her password to something different. My company policy is that passwords are private and because of that I turned away from her screen. I heard six clicks followed by six more. Then she told me I could look because her new password was now in the system.
“If you don’t mind, what was your old password?” I asked. I explained that at this point it doesn’t matter because her new password was in effect. She paused and told me “abc123.” The look on my face must have been disapproving because she immediately asked me to turn around so she could change her newly reset password to something different.
Reasonably good passwords have numbers and characters. However, to be fully secure one must use a random combination of numbers, letters, symbols and capitals. In addition, the password length should be eight characters long. I have had many people ask me to generate passwords for them (which I won’t do), but I will give hints.
First, start with a not-so-common word. Replace the vowels with numbers. Pick one consonant and replace it with a symbol. Finally, pick one of the letters and capitalize it. But never capitalize the first letter in the word. A good password may be something like m0rT@8@e (a modification of the word ‘mortgage’).
Passwords need to have sophistication to prevent others from using your accounts and accessing personal information. Hackers use software to gain access to your accounts. Reasonably good software can generate upwards of 10,000 character strings per minute. You can bet that “password” is at the top of their list.
How hackers find their way to your e-mail is another story. From what I’ve found, most of the hacked e-mail accounts come from other hacked e-mail accounts. In other words, the woman who was in my store was a contact in an account that was previously hacked. This way the accounts are pre-validated.
Usually the e-mail accounts are not found out through spyware or malware on the user’s computer. I have yet to see the sophistication of this specific type of internet hack to the end where they install utilities on computers to decipher passwords. After all, passwords like the ones listed above are easy enough to guess.
So the moral to the story is to change your passwords to something longer and harder to figure out. Never use the word “password” or other combinations like “abc123” or “pass123.” All of these are easy to guess and very common. A good password is something you will remember and others would never guess.
(Jeromy Patriquin is the President of Laptop & Computer Repair, Inc. located at 509 Main St. in Gardner. You can e-mail him at remoquin@gmail.com or call him directly at (978) 919-8059.)