Skip to main content

Topic: Data Security (Read 2090 times) previous topic - next topic

Data Security
A member of another forum recently contacted me RE CryptoWall.  At the moment there's not a lot that can definitely be done because of the nature of the encryption.

It's predecessor, Cryptolocker, has been broken and keys are available - they MAY be able to help with Cryptowall but don't count on it.

Now, the attack vector is via email and file attachment.  Of course the ideal is to delete all questionable emails without opening them.

This sounds good in theory, but most people who use fat email clients like Outlook also set it to display the currently highlighted email - this must open the email to do so and will execute any code that opening an email will do - you can get infected REALLY easily this way.

My advice is TURN OFF preview - yes, I know it's inconvenient but it's a lot less inconvenient than losing your data, or worse, having it encrypted and an extortion notice to decrypt - how bad is it knowing your data is there but you can't get it because some mongrel has encrypted it.
I plays 'Bones, crumpets, coronets, floosgals 'n youfonymums - gonna lern tubies next

Re: Data Security
Reply #1



   I can recommend Mailwasher - www dot firetrust dot com - for which a free version is available.  It does a stripped down preview so - they say - you can see the plain text in the email without any risk.

   MusicJohn, 4/Feb/15

Re: Data Security
Reply #2
I have Mailwasher too. Works very well.
Rich.

Re: Data Security
Reply #3
Our metrics, and general industry trends, indicate that many people have moved to cloud based e-mail. Although this sacrifices privacy, it does tend to protect against catastrophic hacks. In this scenario, your provider wants to be the sole source of data tracking, so they tend to protect you from external attacks. Good news, bad news...

Re: Data Security
Reply #4
Our metrics, and general industry trends, indicate that many people have moved to cloud based e-mail. Although this sacrifices privacy, it does tend to protect against catastrophic hacks. In this scenario, your provider wants to be the sole source of data tracking, so they tend to protect you from external attacks. Good news, bad news...

I currently do both - a Gmail account that screens most of the spam, and where I initially read and screen the ones that made it through. Then I pull down the surviving messages to my PC via Outlook, so I have an offline copy.