In my Scam of the day for January 19th I introduced many of you to Guccifer, a legendary hacker who targeted the rich and famous, not so much for financial gain, but rather to embarrass public figures by disclosing personal information he gleaned from their email. Perhaps most notably, he publicized communications between former Secretary of State Colin Powell and a Romanian diplomat Corina Cretu, implying an affair which has been denied by Powell. A couple of days ago, Guccifer, who we now know is Romanian, Marcel Lazar Lehel was arrested by Romanian law enforcement and charged with criminally hacking into private email accounts. Lehel has been convicted previously of similar hackings.
It is important to note how simply Guccifer was able to hack into the email accounts of so many people. Generally his hacking started with a single email account of a prominent person and once he hacked into that person’s account, he would have access to that person’s email contact list. He would then log on to his intended victim’s email account without the password merely by answering the victim’s security question. This was the same tactic used by the hacker of Sarah Palin’s email whose security question was where did she meet her husband, the answer to which was readily available on Wikipedia. Too many people use security questions that are just too easy to guess and even if you are not a famous person, you might be surprised how much information there is about you available on the Internet, some of which you may have even put up yourself on Facebook or other social media. The key to protecting your email is to have a strong security question. As I indicated previously in another Scam of the day, you should consider a nonsensical answer to your security question such as having your security question be “What is my favorite vegetable?” with the answer being “electronic clock.” Such an illogical answer will never be guessed by a hacker and is just silly enough for you to remember