Story image

Internet users still trust big email providers - despite major breaches

09 May 2017

Internet users still trust global email providers like Yahoo, Gmail and Outlook but don’t know quite as much about privacy-focused services, a new survey from NordVPN has found.

Out of 2000 respondents, 43% said they didn’t know how to answer the question. 36% believed that Gmail cared about user privacy the most; followed by Outlook (22%) and Yahoo (14%).

“The scale of the breaches regularly experienced by popular email providers raise concerns about how big companies protect their data,” says Marty P. Kamden, CMO of NordVPN (Virtual Private Network).

NordVPN cites reports that more than one million Gmail and Yahoo accounts, including usernames, emails and passwords, are being sold online for bitcoins.

In addition, the 2014 Yahoo breach affected more than 500 million email accounts. Gmail requires personal information despite not being directly breached, NordVPN states.

Microsoft has not escaped the breaches either - in 2016 Microsoft Office clients were hit by a ransomware attack. According to NordVPN, it took 24 hours for Microsoft to respond and block the attacks.

When asked to name email providers that apparently offer privacy, only a small percentage of respondents were able to do so. 4.5% of respondents identified Countermail, 6.3% of respondents identified ProtonMail and 3.56% identified Tutanota.

According to NordVPN, this suggests that internet users need to educate themselves about secure email providers. 

“We at NordVPN try to remind people to put their online security into their own hands: to use strong passwords, encrypted email providers, and VPNs,” Kamden says.

NordVPN recommends the following for online privacy:

1. Switch to an encrypted email provider, such as ProtonMail. ProtonMail is a free encrypted email service provider, offering end-to-end encryption – meaning even the provider itself cannot decrypt and read subscribers’ emails. No personal information is required to create accounts, and the basic account service is offered free of charge. Other secure email providers include Tutanota and Countermail.

2. Use strong passwords and a password manager. Perhaps the most basic requirement for any online account setup is using strong passwords, and choosing different passwords for different accounts. Weak passwords make it simple for hackers to break into an account. A strong password has a minimum of 12 characters, and includes a strong mix of letters, numbers and characters.

It’s not easy to remember strong passwords for each site, so it’s recommended to use a password manager, though some – such as LastPass – have also experienced security breaches. In any case, password managers are still recommended for safety and security – such as truekey.com, LastPass and 1Password.

3. Turn on multi-factor authentication. Multi-factor authentication is a security system that will a user to access their online account after they log in with their username and password, and then require the second-step authentication: either through a fingerprint scan or by sending a code via text. Most sites, including email providers, already offer multi-factor authentication as an option.

4. Use a VPN. VPNs encrypt all traffic between a user’s computer and a VPN server, providing complete privacy and security in Internet browsing experience. The only information visible to any intruder or hacker is the connection to a VPN server and nothing else. All other information is private as it is encrypted by the VPN’s security protocol.

Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Aussies too lax about IoT security - McAfee
Aussie consumers are at a loss when it comes to securing the increasing number of connected devices in their homes and are often opting to take no action at all.
Barracuda expands MSP security offerings with RMM acquisition
Managed Workplace delivers an RMM platform with security tools and services, such as site security assessments, Office 365 account management, and integrated third-party antivirus.
Flashpoint: APAC companies must factor geopolitics in cyber strategies
The diverse geopolitical and economic interests of the states in the region play a significant role in driving and shaping cyber threat activity against entities operating in APAC.
Expert offers password tips to aid a stress-free sleep
For many cybersecurity professionals, the worries of the day often crawl into night-time routines - LogMeIn says better password practices can help.
SolarWinds extends database anomaly detection
As organisations continue their transition from purely on-premises operations into both private and public cloud infrastructures, adapting their IT monitoring and management capabilities can pose a significant challenge.
NATO picks BlackBerry's encrypted voice technology to secure calls
The NCI Agency acquires, deploys and defends communication systems for NATO's political decision-makers and command centres