“I don’t care about getting hacked, there’s nothing valuable in my email”

If I had a nickel for every time I heard that!

It’s the most common reaction I encounter when I try to warn people about cyber threats and what can happen if their email ends up breached.

And the odds are against us: one in four email accounts today gets hacked.

Here’s a simple exercise I invite you to do. Open your email and take a look at everything that you keep on it, both sent and received conversations. Scan all of them, every attachment you ever sent or received, every personal and work conversation, every email draft.

The truth is, we aren’t aware that we are living a big part of our lives through our email inbox.

We keep it all there, in only one place: photos, contracts, invoices, tax forms, reset passwords for every other account, sometimes even passwords or credit card PINs.

And our emails are interconnected to all our other digital accounts, from bank accounts to social networks (LinkedIn, Twitter, Facebook, etc), cloud services (Google Drive, iCloud, Dropbox), online shops (Amazon, for, ex, where you most likely saved your credit card details as well) and so on.

By simply breaching the email, a malicious hacker can easily get access to all those. They know how to do that.

They know how to take advantage of all the information that we keep on our emails and how to cause us harm.

how keep safe from spam delivered malware

And don’t imagine that they just want your money.

No, they want all the details they can possibly get, no matter if you’re the CEO of a top company, a celebrity or just someone with “nothing valuable” on their emails.

As long as you have an identity and an email address, you’re valuable.

Your data can be used to make financial operations in your name. Cyber criminals can use your credit card details, open bank accounts in your name, take out loans, ruin your credit card’s rating and many others.

What’s worse? 68% of the identity theft victims don’t even know how the thief obtained their information in the first place and 92% don’t know anything about the individual / group that stole from them.

It’s no wonder that our email accounts are being traded all the time!

Here’s what your online accounts are worth on the dark web:

What your hacked account is worth on the Dark Web

So never say “I don’t care about getting hacked, I have nothing valuable in my email”. Sure you do.

The information that you keep on it is just as valuable as gold.

Gold bars


Everything that you keep in your email that makes cyber criminals want to hack it


1. Contracts

Contracts almost always contain confidential information that you wouldn’t want anyone else to see – especially malicious hackers!

Imagine that you’re the CEO of a company and all your employee contracts get leaked. They end up seeing all the deals that they have, a situation that might seriously shake your business.

This actually happens all the time, no matter the size of the company. Remember the Sony Pictures Entertainment hack, from two years ago? A hacker group leaked personal information about the company, their employees, their families, their emails, executive salaries, copies of (then unreleased) movies and many others, including emails of its co-chairman, Amy Pascal.

In the end, it was a very expensive hack, costing the company more than $100 million.


2. Personal conversations

Ryan Holiday been through such a scandal, back in 2008. While he was the Marketing Manager of American Apparel, a former IT employee leaked the personal conversations between him and the CFO. The media outlets span them in order to appear as if the company was facing bankruptcy.

What would be the consequences if your private conversations were ever leaked online?

How much would your business or your job suffer?



3. Photos – especially nude photos

It’s been only two years since the Fappening, when hundreds of nude photos, mostly with women, were leaked. Various celebrities were affected by this scandal, including Jennifer Lawrence, Kate Upton, Kirsten Dunst and many others.

The attacker used a simple phishing technique in order to gain access to victims’ accounts: he sent them emails that appeared to look like they came from Google or Apple, warning them that their accounts might be compromised. He asked them for their passwords and that’s how he managed to get into their emails and iCloud backups.

Lessons to be drawn?

Learn how to detect phishing attacks. Be a little paranoid and pay attention to how you spend all those clicks.

In case every other safety net falls, it’s always better to refrain from taking nude selfies in the first place.

If it’s in a digital environment, you can never be 100% sure that it’s safe, so better not take any photos that you’d be ashamed of if anyone else saw them.

Your normal photos can also be used for identity theft or doxxing, but these are harder to keep under control, with all the activity on the social networks.

If you want to keep your privacy settings under control, you can start with these security guides for Facebook, LinkedIn, Twitter, Instagram.

mobib transport pass


4. Invoices, scanned IDs, insurances

All these can be used by malicious hackers for identity theft as well.

I tend to scan the important documents or take a photo of them and then email those to myself (or to whoever needs them at a certain moment).

Easiest solution is to delete them immediately afterwards.


5. Passwords, credit card pins or bank account information

This one’s easy: if you’re storing your passwords on your email, in case your email gets breached, so do all your other accounts.

You either write them by hand and store them in a safe place, where only you have access, or you use a password management software to keep them encrypted for you.

Here are more tips on how to manage your passwords.



6. “Reset your password” emails

Most likely you used your email several times to reset the passwords for other accounts, such as Facebook, Twitter, Amazon etc.

If a criminal gets access to your email, they’ll see what other accounts you have, reset your passwords and take over those as well.

It’s not hard for them to find them, but you could make their job harder by deleting all the emails you get from those accounts.

Also make sure that you unsubscribe from all the useless notifications those services send.

If you have accounts on online shopping websites such as Amazon, try not to save your credit card details on them. Instead, fill them in every time you want to buy something.

Cyber Security for Travelers - How Not to Get Burned This Summer [Heimdal Security]


7. Travel itinerary and calendar

These are gold for thieves or scammers. Just think about it: they know precisely when you’re gonna leave home, when you will be on a plane (and most likely without a phone signal), when you’ll be in a meeting, and when you’ll return back home.

You can end up with your house broken into. Or, even worse, they can use that information to scam your parents, as they know you won’t have access to a phone.

If you’re preparing to travel, here are some tips on how to how to have a cyber safe holiday.

Check statistics and researches


8. Tax forms

Tax forms contain a crazy amount of information about us, that can be used by identity theft criminals.

If you emailed them in the past, search for them and delete them.


9. Order confirmations from online shops

Such emails contain all the order details, from what you bought, to the delivery address, date, phone number and method of payment.

From here, a cyber crook can also access your online shop profile and see your saved credit card details.

Remember to delete all transactional emails after you received the orders.

Don’t save any credit card details or delivery addresses on your profiles – not on Google storage, not on Amazon, not on Dropbox, nowhere.


10. Your contacts

It’s not only your contact information that’s compromised, but also all of your contacts.

They are also valuable to cyber attackers, as they can use them for identity theft as well or to sell on the dark web to spammers.

I’m talking about email addresses, phone numbers, even physical addresses.

Media manipulation through fear and panic


Here’s what you can do to keep cyber criminals out of your email account:


1. Set strong and unique passwords

This should be the first and foremost step taken.

I know I keep insisting on this step. I’d skip it altogether if there wasn’t a huge discrepancy between what people know they should do and what they actually do. Unfortunately, it’s in the human nature to react only after getting burned.

The two main characteristics of a good password are its strength and uniqueness.

A strong password should be long enough (go for at least 14 characters), include upper and lower cases, numbers and symbols.

Don’t use your name or nickname, your birth date or birth place, nor the birth date, birth place or name of any of your family members or friends (pets included as well).

Also stay away from any variation of the word “password” or common passwords such as “qwerty”, “0000”, “1111”, “12345”.

Here’s a longer list of bad passwords.


By “unique password” I mean to say that you shouldn’t reuse your passwords on any other accounts. Don’t set the same password for Facebook, Twitter, email, cloud storage and so on. Otherwise, in case one of those services gets hacked, all the rest of your accounts will be vulnerable.

Learn from the recent mega data breaches that affected hundreds of millions of users. Databases with passwords from LinkedIn, MySpace and Tumblr accounts led to many more breaches.

Celebrities were just as affected: Mark Zuckerberg’s Twitter and Facebook profiles were hacked because he was using the same (extremely weak) password he had on LinkedIn. Katy Perry and Drake weren’t spared either. I would have thought they have a team of experts consulting them on essential security matters, but…guess not.

Most likely you have tons of accounts that you use more or less often, which makes it an almost impossible mission to keep track of all the random, strong and unique passwords. You can make your life easier by using a password management software.

It will keep all your passwords encrypted and warn you if you try to set a password that’s neither strong nor unique. And this way you’ll only have to remember the master password, the one that you use for the software.

Here are more tips on managing your passwords.



2. Activate two-factor authentication

This is the second most important step you should take. Activate two-factor authentication (also called multiple factor verification) everywhere you can.

Almost all major companies offer this option and some even impose it by default. From bank accounts to email providers, big social networks, cloud services and so on, you should keep it enabled everywhere it’s available.

It works as an extra protection layer, besides passwords. The second factor usually consists of a unique passcode that’s time sensitive and you can only receive it through your mobile phone or some other physical object that you have.

You can see how this can be an impediment for malicious hackers, lowering their chances to succeed. Even if they somehow manage to find out your passwords, they’ll only be able to access your account if they also get past this second security layer.

And you won’t need to authenticate yourself every time you open your browser or mobile app and want to check your account. You can save the devices and browsers you use most often, and you’ll only be prompted to insert the second-authentication factor if you want to log in from a new device.

Here’s how and why you should activate two-factor authentication.

Cyber Security for Travelers - Lock Devices With Password [Heimdal Security]


3. Set a lock code to your devices

I’m surprised to see how many people leave their devices unprotected by not setting an automated lock.

We can’t always guard our laptop, mobile phone or tablet and make sure that nobody else accesses them. A lock code is one of the easiest ways to keep intruders away.

I had to learn this the hard way. A few years ago I left my laptop unsupervised for a few minutes. One of my soon-to-be-ex-employees took advantage of the occasion and installed a keylogger on it.

Just a few weeks later, he used all that info to hack me and cause damage to my work. Nothing irremediable, by it was still a huge ruckus and stress that I’d have rather not been through.

Here are more tips on how to keep your mobile phone secure.

12 True Stories that Will Make You Care About Cyber Security (2)


4. Install security software

Install security software on all your devices. By “security software” I’m referring to:

A strong, reliable antivirus. Pay for one that’s well known, never install antivirus from pop-ups or ads that you run into while navigating on the web.

Here’s an advanced guide on how to choose an antivirus that will suit your needs.

Software that will keep you safe against the newest generation of malware. Yes, our own Heimdal Security is such a product – it works in a proactive way, by analyzing your traffic data. Heimdal will block the attacks before they get a chance to cause you any harm. It works complementary to antivirus.



5. Learn how to detect and prevent phishing attacks

Phishing isn’t a new technique, but it’s still an efficient one: 23% of email recipients open phishing messages, and 11% click on attachments!

Cyber criminals can use phishing attacks to withdraw money, steal your identity, open credit card accounts in your name and further trade all that information about you.

So be careful with what emails and attachments you open or what links you click on.

Here’s a complete guide on how to detect and prevent all types of phishing attacks – read it, learn it, start applying them.



6. Declutter & Backup

Stop keeping things that you don’t need anymore in your inbox. Delete all useless emails (especially all those that I talked about before in this article).

Backup everything else, every important email or attachment. Encrypt them and store them in a safe place (it can be a cloud storage or a separate hard disk).

Here’s a simple guide to backup.

slow computer



Don’t be delusioned into thinking that this will never happen to you, that it only happens to celebrities or important CEOs. It might have already happened and you’re not even aware of it.

Yes, the violation of your privacy is a serious criminal act. Yes, law enforcement agencies will surely find and punish the ones responsible. But, by then, the damage will have already been done.

Do you really want to go through all that stress, all that wasted time and energy?

However, in case it’s too late and your account was already hacked, here’s a guide on how to control the damage.

The easy way to protect yourself against malware
Here's 1 month of Thor Foresight Home, on the house!
Use it to: Block malicious websites and servers from infecting your PC Auto-update your software and close security gaps Keep your financial and other confidential details safe


Try Thor Foresight

Great post, informative blog. You cover a good topic of this era.

I think This would be the best as i found the topic, What is the basic tick tacks for which we are going to hire new things I like that way that you are sharing…..

thanks for sharing this psot

thanks for sharing this psot

What A Great Informative Post. Thank you for sharing this with us. Keep posting And Helping Us.

What A Great Informative Post. Thank you for sharing this with us. Keep posting And Helping Us.

Thanks For Sharing, Nice Article Keep Sharing Check Out Our Website for Pogo games related problems

Nice and helpful information shared by this article with us and I hope that we will also get more new information regarding this post as soon as. This information is valuable for most of the users.

Nice and helpful information shared by this article with us and I hope that we will also get more new information regarding this post as soon as. This information is valuable for most of the users.

Great Post! Thanks For Sharing, Nice Article Keep Sharing Check Out Our Website for Pogo games related problems

I enjoy this website – its so useful and helpful.

Thank you for sharing with us, its really nice post, you can also visit below link and take benefits of our services

Nice Post!! Hey Guys, Are you facing problems in Microsoft Software or getting invalid key error while Using Microsoft? Take help of Microsoft Support Number. At here, we provide you online technical help for your Microsoft call toll free and get quick help.

Wow! Great information, its really useful post for me, thanks for sharing.

Amazing information, such a great post and I love it.

Great Post! I really love how it is easy on my eyes and the information are well written

Your blog is meaningful, I have read many other blogs, but your blog has hit me, I hope you will have more great blogs to share with readers.

hello!,I really like your writing very a lot! share we keep in tohch more about your post on AOL?
I need an expert on this house to resolve my problem.
Maybe that is you! Looking ahead to look you.

sharing very useful post! thanks for this.

Thanks for sharing this article about cyber email hacking , really helpful

Thanks for sharing such informative article

Thanks for sharing this information………keep posting

Great article…..good work…keep posting

Great Blog! Cyber Security is one of the topmost aspects in the digital world. Once your email gets hacked you lost your identity.

PhoneSupport Hub A Reliable and Leading IT Compnay provide support for small business and home users for any kind of computer network problem.

Very helpful blog. I find it very informative. Thanks for sharing

Great information. Lucky me I came across your blog by chance (StumbleUpon). I have saved it or later!

Wow! its really amazing information for me, thanks for sharing great post.

Without security we can’t secure our important document, so please activate the security to save our important data

Hacking is a bad process, we should protect our computer system.

Nice Blog, I really appreciated with you my friend keep posting I would like to see more blog. Have you any technical errors regarding emails problems and you need some help then contact to our experts technicians who available all time for help email users.

The security should be the main priority for everyone. We should keep the password so strong in which we can use alphanumeric characters and special characters also to sign up the email. We should not share the email id on the spammy websites.

Nice and helpful information shared by this article with us and I hope that we will also get more new information regarding this post as soon as. This information is valuable for most of the users.

Set the strongest password possible. Celebrities like Mark Zuckerberg, Katy Perry and Drake, along with scores of everyday folks, were hacked because they used weak passwords. You’d be surprised at how many folks use the same password for every account, despite repeated warnings. The biggest no-no is using the same password for multiple sites because if one site is hacked and your password is exposed for that site, your other accounts will then be vulnerable. Obviously, it’s hard to remember a bunch of strong (which means long and complex) and unique passwords.

Security is a need now a days. to secure your computer device is important for us.

Very helpful blog. I find it very informative. Thanks for sharing with us.

Great Post. Thanks for sharing very useful blog. All information is very helpful for us.

Thank you for sharing such a great article. Keep sharing. It will help lot of peoples.

There are certain things which are making the cybercriminals to hacked the emails inbox just because there is the personal conversation which is having it and the password which is the condition as many other things which will be risky to have it so for that it should be very attentive to save it.

There are some things that are making cybercriminals to hack email inbox because they have private conversations and passwords which are the status of many other things, which will be risky, for which it should be very careful to protect it.

There are certain things which are making the cybercriminals to hacked the emails inbox just because there is the personal conversation which is having it and the password which is the condition as many other things which will be risky to have it so for that it should be very attentive to save it.

I’m afraid this article has the same flaw as almost every other article on email security. It focuses on protecting the inbox, but fails to advise people that send email is completely unprotected when it leaves your computer.
This gives people a false sense of security. E.g. “I have two-factor authentication now, so it’s fine to send this spreadsheet attachment to by tax representative”.
The article would benefit from reminding people that sent email is completely unsecure unless it’s encrypted.

Hi Eddie, thank you for the feedback. Indeed, the article focuses on securing your email account, not necessarily protecting outbound communication. If you use encrypted solutions, we hope you checked out the recently disclosed PGP vulnerabilities 🙂

Thanks again for the input, have a great day!

Great article Cristina. Thank you for sharing the valuable information

heimdal security good post 🙂
This is a fact that we keep so valuable information in our inbox and thats why hackers want to hack it
but no has been able to hack gmail inbox except hamza
you can about hamza here btw
so even when hackers want to hack, they cant hack google gmail for sure
hence we are safe


Hacking isn’t always exploiting flaws in code or finding back doors. Everyone is one click from being scammed, phished, or conned to reset/confirm our password. Then you are hacked!

“I don’t care about getting hacked, there’s nothing valuable in my email”
– I’m going to put this mantra of the unaware on my shop window.

I would query “If you have accounts on online shopping websites such as Amazon, try not to save your credit card details on them. Instead, fill them in every time you want to buy something.” – Surely this only applies if your email account has already been hacked? Gmail 2-factor authentication should prevent this occurring? Probably open to debate?

Thank you for your feedback, Andy!

While the second part of the article is up for debate, we’d still recommend yo don’t save your card details, because breaches can happen irrespective of personal efforts to keep data safe. And Amazon accounts are a favorite target for cyber criminals precisely because of the card details they include. Of course, it’s up to each and every one of us to choose the level of protection we want to adhere to.

Getting hacked is scary but it’s real. It can do a lot of damage to you especially if you work online. I am glad I am actually using the two-factor authentication with my email for quite some time now. It’s a bit tedious but it’s all worth it. Need to take some time to delete personal info in my inbox though as what the article suggested. Great read, very informative!

Leave a Reply

Your email address will not be published. Required fields are marked *