2007-03-03 09:20:25 · 1 answers · asked by sal77 1 in Computers & Internet ➔ Internet
Several possibilites:
- An individual has a key logger or remote session to store passwords or monitor what you do.
- A network sniffer or protocol analyizer is installed on the computer or another computer and captures the email while being sent or acts as a transparant proxy while you browse or log into a secure site online.
To prevent this from happening, its always good to have antivirus, firewall or similar security tools to monitor what is installed or communicating with your computer. Disabling CD, USB, and Floppy access at boot and then password protecting access to the BIOS so this cannot be overridden. Having a password on your account is good and making sure that the screen saver requires password to disable.
Furthermore, if you use a email client like Outlook, you can use secure connections if your ISP supports it. Regarding if an individual has a network or protocol sniffer on the network, your best defense is use encryption on traffic you send through the network making it at least harder for them to use. When entering passwords or browsing sites that contain confidential information, make sure that the address contains https rather than http. These are secure sites and they should also have a closed pad-lock on the address bar for IE7 or on the lower-right bottom of the screen in older browsers. When you're done browsing, clear the cache and cookies which can store passwords or other details that a hacker may use.
Though hackers can crack these sessions, it requires them to get access to security certificates. If you enter a site and a warning message appears saying that the site is untrusted or the certificate is not signed or invalid, that would be a red flag in most situations, but not all. There instances where the vendor has a certificate, but isn't signed by what is called a root authority, the third-party that verifies the identity of the remote host. Use your best judgement on this because it is when users go into a unsecure or sites with unsigned certificates by the root authority that a hacker more easiliy capture emails.
2007-03-04 03:26:22 · answer #1 · answered by Elliot K 4 · 0⤊ 0⤋