{"id":4121,"date":"2014-10-06T10:00:46","date_gmt":"2014-10-06T14:00:46","guid":{"rendered":"http:\/\/me-en.kaspersky.com\/blog\/?p=4121"},"modified":"2020-02-26T18:59:05","modified_gmt":"2020-02-26T14:59:05","slug":"primary-webmail-protection","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/primary-webmail-protection\/4121\/","title":{"rendered":"Prioritizing the Protection of Primary Webmail Accounts"},"content":{"rendered":"<p>Not all accounts are created equal. It\u2019s only natural that you would care less about an ESPN Fantasy Football account than you would care about your <a href=\"https:\/\/www.kaspersky.com\/blog\/a-holistic-approach-to-online-security\/\" target=\"_blank\" rel=\"noopener nofollow\">online banking or PayPal account<\/a>. Anyone who spends even a little time thinking about security is careful to use a strong password and proceed with caution when accessing a service related to personal finance. However, a lot of users are also relatively careless about their primary webmail account, which often serves as a master key to all other accounts.<\/p>\n<p><a href=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2014\/10\/05111658\/Security-Tips-to-Prevent-Email-Hijack-Attacks-1.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-6240\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2014\/10\/05111658\/Security-Tips-to-Prevent-Email-Hijack-Attacks-1.png\" alt=\"Security-Tips-to-Prevent-Email-Hijack-Attacks\" width=\"640\" height=\"480\"><\/a><\/p>\n<p>Think about it: whenever you set up nearly any online account, you\u2019re prompted to enter a primary webmail account. There are a number of reasons for this. First and foremost, the service that you\u2019re signing up for probably wants your email address for a variety of marketing and advertising reasons, the most obvious of which is so they can send you promotional content.<\/p>\n<p>Much more importantly for us, this primary email account is also the place where you can recover online accounts if they become hijacked or if you forget your password. In this way, your primary email account is more sensitive than your PayPal or your banking account, because if the email account is compromised, so too are the PayPal and banking accounts.<\/p>\n<div class=\"pullquote\">Your hacked accounts affect the lives of all of your contacts. It\u2019s like refusing to get a flu shot or to vaccinate your children: these are not decisions that affect only you, but they affect everyone.<\/div>\n<p>Beyond that, a criminal in control of your webmail account can gather some serious intel about what other accounts you use online, and compromise those as well. Therefore, a hacked webmail account is, in more cases than not, the equivalent of someone hacking your entire digital life.<\/p>\n<p>This is why we constantly and relentlessly remind you to use strong passwords and <a href=\"https:\/\/www.kaspersky.com\/blog\/what_is_two_factor_authentication\/\" target=\"_blank\" rel=\"noopener nofollow\">enable two-factor authentication<\/a> and all other available security controls for accounts of importance.<\/p>\n<p>It\u2019s not just your primary email account you should worry about.<\/p>\n<p>Google and Apple accounts, depending on how you use those services (especially Gmail or iCloud), can potentially provide access to vast swaths of your online and physical existence. Additionally, Facebook and Twitter can have access to scores of other online accounts and should be considered critical as well. Facebook\u2019s Connect feature in particular, acts as an authentication agent all over the web.<\/p>\n<p>OpenID provides a similar service that \u2013 if compromised \u2013 could give an attacker access to any number of online accounts, including your primary webmail, so it should be strongly protected as well.<\/p>\n<p>It\u2019s impossible to say what accounts you use for which purposes, but you should occasionally audit yourself. Really examine your accounts\u2019 settings pages and determine how they are connected to one another and to third party apps and services, and act accordingly.<\/p>\n<p>Long story short: you need to start handling that primary email address in the same way you handle your online banking account, or perhaps\u00a0even more carefully since it is your most\u00a0precious online account. Do you access your bank account from public or unfamiliar computers? Then you shouldn\u2019t access your primary email address like that either, because there is no way to know for certain if any computer other than your own is safe.<\/p>\n<p>It\u2019s not just yourself you should worry about either.<\/p>\n<p>Your hacked accounts affect the lives of all of your contacts. It\u2019s like refusing to get a flu shot or to vaccinate your children: these are not decisions that affect only you, but they affect everyone. Because when or if you contract measles, you impose the risk of becoming infected with measles on nearly everyone you come into contact with.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Prioritize #security with your primary email because it can provide access to all other accounts<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2F8bbn&amp;text=Prioritize+%23security+with+your+primary+email+because+it+can+provide+access+to+all+other+accounts\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>Similarly, when and if your account is hacked, attackers will use it as a tool to attack the accounts of your friends, family and digital acquaintances. A good attacker will look through a hacked account, gather context and send malicious emails that are nearly impossible for a human to recognize as such. <a href=\"https:\/\/www.kaspersky.com\/multi-device-security\" target=\"_blank\" rel=\"noopener nofollow\">A strong antivirus solution<\/a> will protect you against email-borne attacks containing malware.<\/p>\n<p>Kaspersky security products also contain anti-phishing technologies that will detect <a href=\"https:\/\/www.kaspersky.com\/blog\/how-to-avoid-phishing\/\" target=\"_blank\" rel=\"noopener nofollow\">phishing websites<\/a> and warn you about them. This sort of protection will prevent you from handing over valued information to sites designed to look like the legitimate services you use. Ultimately, such anti-phishing protections could keep you from accidentally giving away your password and username combo, and thus access to a valued account, over to an attacker.<\/p>\n<p>Security is hard, but if we work together, follow these steps and deploy multiple layers of protection, we are all better off.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Your primary email account is often the master key that can provide backup access to all other accounts, which is why you must be particularly careful with it.<\/p>\n","protected":false},"author":219,"featured_media":4122,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[7,9],"tags":[19,175,187,809,76,43,810],"class_list":{"0":"post-4121","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-products","8":"category-tips","9":"tag-email","10":"tag-gmail","11":"tag-passwords","12":"tag-personal-security","13":"tag-phishing","14":"tag-privacy","15":"tag-webmail"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/primary-webmail-protection\/4121\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/primary-webmail-protection\/4215\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/primary-webmail-protection\/4645\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/primary-webmail-protection\/4873\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/primary-webmail-protection\/5491\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/primary-webmail-protection\/6239\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/primary-webmail-protection\/5024\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/primary-webmail-protection\/5491\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/primary-webmail-protection\/6239\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/primary-webmail-protection\/6239\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/email\/","name":"email"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/4121","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/219"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=4121"}],"version-history":[{"count":2,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/4121\/revisions"}],"predecessor-version":[{"id":15925,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/4121\/revisions\/15925"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/4122"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=4121"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=4121"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=4121"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}