More Internet/Network Security Answers
Question Library
Ask a question about Internet/Network Security
Volunteer
Experts of the Month
Expert Login
Awards
About Us
Tell friends
Link to Us
Disclaimer
|
| |
|
|
| |
| | | |
About Daniel Fredriksen
Expertise
I can answer questions about information security (INFOSEC), operation security(OPSEC), communication security (COMSEC), physical security for hardware, software/web security development techniques, security Systems Development Life Cycle (secSDLC), data security, network and security policy development, network contingency planning, threat identification, risk management, encryption, secure socket layer (SSL) certification/use, transaction security, DSS PCI (online credit card handling standards), NIST sp800-30, counter-espionage, classification systems, .
Experience
Thirteen years experience as a computer programmer with six years experience consulting on various information technology matters to include cybersecurity.
Six years experience consultanting for the U.S. Military and business clients, to include physical and information security consulting.
Veteran of Operation Iraqi Freedom III, and Operation Enduring Freedom VII
Organizations
American Society for Industrial Security (ASIS)
International Foundation for Protection Officers (IFPO)
National Association of Investigative Specialists (NAIS)
NY Army National Guard
Education/Credentials
Pursuing Doctorate in Information Technology (University of Phoenix)
Pursuing Doctorate in Intelligence Management (Henley-Putnam University)
C# Certification (Brainbench)
Certified Protection Officer (IFPO)
Associate in Science LA, AOF in Computer Science/Protective Services (Excelsior College)
Past/Present Clients
Mannino Systems, WebIT-Tech, New York Army National Guard, U.S. Army, Romanoff International, Miesha Tate & Shana Olsen (Women's MMA stars), Afghan National Police, Iraqi National Army
| | |
| |
You are here: Experts > Computing/Technology > Internet/Network Security > Internet/Network Security > email & identity theft
Expert: Daniel Fredriksen - 11/3/2009
Question
I will be traveling outside of the country and as a precaution to losing my passport and other important papers I have scanned them and emailed the scanns to myself. That way I can access them from any online computer.
Is it possible for someone to access my email account and use these files to steel my identity?
Please advise
Wolf Moehrle
Answer
Absolutely, but there are steps you can take to reduce the likelihood of such an occurrence.
First, ensure that you do not use any public computers. If you are bringing your own laptop, only use that laptop. The reason is you do not know how safe those public computers may be. They could be infected with malware, or tapped.
Second, if you are connecting to the Internet, make sure it is not via an unsecured wireless connection. An identity thief could easily pick your data right out of the air, and gain access to all of your credentials.
Third, turn off your cache and cookie settings. If somebody steals your laptop and your computer is set to automatically log into your e-mail, then they will have your information.
Ensure you use strong passwords. Strong passwords are those that are not easily cracked or hacked with brute force attacks. Such a password could be something like 13-28 characters in length, consist of random capital and lowercase letters, special characters, and numbers. It should also be easy to remember so you don't have to write it down. For example, bL@cKsM1tHt3St makes a good password because you can remember the word "blacksmith test" the a is an @,the i is a 1, the e is a 3 and every other letter is capitalized.
Your security questions are also a vulnerability point. Anyone who knows a little bit about you, or does a little investigating can easily break your security questions. I have done it myself on someone I didn't meet just by research stuff about them on the Internet. If you create a security question, the answer should be unrelated. For example, if you choose the question "What is your pets name?" the answer should be something like "bullcrapper". Nobody will ever guess bullcrapper.
Always make sure nobody is looking over your shoulder when you enter passwords in.
And finally, you might want to encrypt the e-mail you send yourself with the passport information. Even if they do get in, they would have to hack the encryption password. Make it something different from your e-mail password. You can use a tool at www.hushmail.com to encrypt emails with a password. This will protect the e-mail in transit and at its destination.
Add to this Answer Ask a Question
|
|
)