Who’s Been Reading Your Email?
With 350 million users, Microsoft's Hotmail
remains one of the big three players in web-based email, along with Yahoo and
Gmail. Unlike the last two, though, Microsoft doesn't make it easy to see
whether and when your email accounts have been accessed by unauthorised third
parties, nor does it give any indication of who that third party might be. Now
given that webmail is, understandably, under constant hacker scrutiny, you
might be forgiven for thinking that this is an oversight. I certainly find it
difficult to believe that Microsoft hasn't seen fit to add this most basic of
snoop alerting mechanisms to the service.
This baffling inability to see the bigger
security and privacy picture is one of the main reasons that I'm nothing but a
casual observer of Hotmail, rather than a regular user. Regular readers of PC
&TA may recall that Barry Collins himself learned about Hotmail security
woes when he made a brief switch from Gmail earlier in the year. Not that
either Yahoo or Google is without fault, and both have had their share of media
insecurity headlines lately, but both do at least give their users a quick-
and-dirty method of checking account access patterns.
With Gmail, just click on a link at the
bottom right of the inbox screen. The link itself tells you when the account was
last accessed as a quick visual check, and clicking it pops up a window with
far more detailed information about times of access, the device used and the IP
address that access was from. According to Sophos technology consultant Graham
Cluley, his law enforcement contacts confirm that Hotmail does actually log
this access data and can extract it and make it available to investigators if a
warrant so demands. In which case, you have to wonder why it can't make the
same information available to end users.
This type of activity report should be
viewed regularly by anyone who takes their security seriously. Maybe I'm a
little too paranoid, but I check it at the start and end of every day. It's an
easy way to get a heads-up, not only about obvious risks such as jealous
partners, stalking strangers or curious hackers, but also about any rogue
third-party apps that you may have granted permission to access your email
stream. There's also a neat feature whereby Google will show you whether your
account is being accessed from another location at the same time as you're
reading it; this is listed in the "concurrent session information"
table. Most often it just means you've left another browser window open
somewhere, but there's no harm clicking the "sign out all other sessions"
button just to be on the safe side.
You don't even have to rely on checking the
report yourself, since you can ask Google to monitor for unusual activity and
alert you automatically, but it doesn't hurt to take a proactive approach for
good measure. The Gmail last account activity report shows, for example, access
by web browser, POP client, mobile devices and third-party applications. If any
of these doesn't make sense (say, your account has been accessed by a mobile
device but you use only a web browser, or maybe the time stamp suggests it was
accessed while you slept, or even a different IP address from the others in the
list was used), chances are that your account security has been compromised. In
which case I'd recommend you change your password as a matter of course (along
with those for any other service where the password is reused) and change it to
something more complex.
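The three checks described above (an access type you never use, access while
you slept, an IP address unlike the others) can be applied mechanically to a
copy of the activity table. This is an added example, not code from the
original article; the row layout, the sample rows, the sleep-hours window and
treating the most frequent IP as the "usual" one are all assumptions.

```python
from collections import Counter
from datetime import datetime

# Constructed sample rows shaped like the report's columns:
# (access type, IP address, local date/time). Not real account data.
SAMPLE_ACTIVITY = [
    ("Browser", "203.0.113.10", "2011-06-01 08:05"),
    ("Browser", "203.0.113.10", "2011-06-01 18:40"),
    ("Mobile",  "198.51.100.7", "2011-06-02 03:12"),
    ("Browser", "203.0.113.10", "2011-06-02 08:01"),
    ("POP3",    "203.0.113.10", "2011-06-02 12:30"),
]

def review_activity(rows, expected_types, sleep_hours=(0, 6)):
    """Return (row, reasons) for each row that trips at least one check.

    expected_types: access types the owner really uses, e.g. {"Browser"}.
    sleep_hours:    (start, end) local hours when the owner is asleep.
    """
    # Assumption: the IP seen most often in the list is the owner's own.
    usual_ip, _ = Counter(ip for _, ip, _ in rows).most_common(1)[0]
    start, end = sleep_hours
    flagged = []
    for row in rows:
        access_type, ip, stamp = row
        when = datetime.strptime(stamp, "%Y-%m-%d %H:%M")
        reasons = []
        if access_type not in expected_types:
            reasons.append("unexpected access type")
        if start <= when.hour < end:
            reasons.append("access during sleep hours")
        if ip != usual_ip:
            reasons.append("IP differs from the usual one")
        if reasons:
            flagged.append((row, reasons))
    return flagged

if __name__ == "__main__":
    for row, reasons in review_activity(SAMPLE_ACTIVITY, {"Browser"}):
        print(row, "->", ", ".join(reasons))
```

A row that trips several checks at once, like the constructed mobile entry
here, is the one to act on first.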
Another thing that Gmail has going for it
compared with Hotmail is that it allows password strings of more than 100
characters, as opposed to Hotmail's maximum of 16. This may not seem like a big
deal, but as someone who uses password strings of more than 20 characters as a
matter of course, it's yet another reason I steer clear of the Microsoft
webmail service.
In addition to changing your password, if
you think someone has been accessing your account without permission, I'd also
suggest that you check one more thing. It's just possible, if your snooper is
technically adept and being a little bit sneaky, that they'll have second-guessed
your intention to change passwords and taken measures to enable them to
continue reading your email. They may have gone into your account settings
(where the majority of users fear to tread for some reason) and set up an
automatic forwarding filter that forwards a copy of everything you receive to
another address.
This isn't as simple for a snooper to
achieve as it sounds, because it requires them to enter a confirmation code
into your account settings page, but given that this code is sent to the address
that the mail would be forwarded to, which belongs to the snooper, this isn't
beyond the realm of possibility. A person who has access to your account could
enter the code and activate forwarding without your knowledge. Accessing your
settings and hitting the forwarding tab will reveal the presence of any such
filter and allow you to disable it.
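The same forwarding check can be scripted against a copy of the account's
settings. This is an added example, not code from the original article; it
assumes the settings were already fetched as dictionaries shaped like the
Gmail API's auto-forwarding, filter and forwarding-address resources, and the
sample data and the "trusted" address list are constructed.

```python
# Constructed sample settings; addresses use reserved example domains.
SAMPLE_AUTO_FWD = {"enabled": False}
SAMPLE_FILTERS = [
    {"id": "f1", "criteria": {"from": "bank@example.com"},
     "action": {"addLabelIds": ["IMPORTANT"]}},
    {"id": "f2", "criteria": {}, "action": {"forward": "copy@snooper.example"}},
]
SAMPLE_FWD_ADDRESSES = [
    {"forwardingEmail": "copy@snooper.example", "verificationStatus": "accepted"},
    {"forwardingEmail": "me@work.example", "verificationStatus": "accepted"},
]

def audit_forwarding(auto_fwd, filters, fwd_addresses, trusted):
    """Return (where, destination) for every forwarding path the owner
    did not set up. `trusted` lists destinations the owner recognises."""
    trusted = {a.lower() for a in trusted}
    findings = []

    # 1. Account-wide automatic forwarding.
    if auto_fwd.get("enabled"):
        dest = auto_fwd.get("emailAddress", "")
        if dest.lower() not in trusted:
            findings.append(("auto-forwarding", dest))

    # 2. Individual filters whose action forwards matching mail.
    for f in filters:
        dest = f.get("action", {}).get("forward")
        if dest and dest.lower() not in trusted:
            findings.append(("filter " + f.get("id", "?"), dest))

    # 3. Addresses whose confirmation code has been entered. An unknown
    #    one shows somebody completed that step, even if forwarding is off.
    for a in fwd_addresses:
        dest = a.get("forwardingEmail", "")
        if a.get("verificationStatus") == "accepted" and dest.lower() not in trusted:
            findings.append(("verified forwarding address", dest))
    return findings

if __name__ == "__main__":
    for where, dest in audit_forwarding(SAMPLE_AUTO_FWD, SAMPLE_FILTERS,
                                        SAMPLE_FWD_ADDRESSES, {"me@work.example"}):
        print(f"{where}: mail can reach {dest}")
```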
To make your Gmail account even more
secure, I heartily recommend that you implement the two-step authentication
system that Google has now rolled out to all users. This attaches your phone
number to your Gmail account, which significantly reduces the chance that someone
can take control of your email, even if your password security isn't the
strongest. You can find this option in the Change Account Settings area of your
Gmail settings