All email is subject to being hacked, not just Gmail. Here are a few tips to relieve concern about spoofing, including how Google users can connect securely to Gmail.
Spoofing
Spoofing occurs when your email account is hacked and used to send a spam message to all your contacts.
A friend’s Gmail account was spoofed this week. Below is the message sent to all of her contacts:
DO NOT CLICK ON ANY LINKS IF YOU RECEIVE SUCH A MESSAGE!
Spoofed email messages also revealed every address in the victim’s contact list!
She called Google, changed her password, and deleted all her contacts. What a mess!
Why does Spoofing happen?
Why does one get targeted? I don’t have that answer. big sigh… Did someone exploit the Gmail service? It looks like it occurred randomly. It’s strange. It didn’t happen to everyone, but a search of the forums show random Gmail spoofing, especially in April of 2008. (hmmmm… This is September.) Maybe they picked up an alias from a forum, and then they gained access to contact lists through an exploit.
Okay, enough of trying to figure out why. What can you do to avoid the break in?
Secure your Email Account!
Choose a strong password and security question.
- Change your password. Use at least 8 characters, including upper & lower-case letters and numbers (0-9), preferably something without words. Use exclamation points and any of those characters that require you to hit the Shift+ a number on your keyboard - !@#$%^&*().
- Change your security question. How about choosing a favorite color that doesn’t exist? Too many security answers can be guessed by someone who knows just a little about your background.
Gmail Secure Access
Google made it possible to connect to Gmail via secure http, known as https in July 2008. (Read Gmail Blog post, Making security easier.)
- Click on Settings.
- The new Browser connection option is at the very bottom. Select “Always use https” then Save Changes.
Whallah!
Look at your URL (website address) as shown below. You will see that it became https immediately after hitting “Save Changes.”
This means you can go to https://mail.google.com to access your email for your Gmail.
NOTE: I also use Google Apps for my company email. The https security option is only available to those with Google Apps Premier Edition. (To stay or go Pro, that is the question.)
Now, if you use Gmail, you don’t have to be so nervous about snoops! I wish that spoofing would go poof in the night and be gone!
Tags: Gmail, Gmail secure access, Google Apps, hacking, Security, spoofing
Cristina wrote,
Seems to be precious information, never heard about accessing gmail by https. Thank you for sharing this.
Link | November 11th, 2008 at