HYDERABAD: Not changing e-mail passwords for a long time could cost you. In a recent case detected by the Cyber Crime wing of Rachakonda police, a private firm which was supplying material to a defence establishment in the city, had incurred losses to the tune of Rs 1.50 crore. The e-mail password, which was not changed for months together, was used by an employee, who colluded with the accused. They prepared fake e-mail IDs and started correspondence with the defence establishment. Experts suggest passwords should be changed more frequently and it should be a combination of alphabets, symbols and numbers.
ACP Cyber Crimes, S Harinath of Rachakonda Commissionerate said while changing passwords is a safe practice for all users, it is more important in case of organisations and industries, where multiple persons have access to official e-mails. “In addition, two-step verification procedures will also help in preventing your accounts from being misused,” he said.
In the recent case, the firm owner had given access to the e-mail and password to an employee. As he was with the firm for close to a decade, the owner never suspected him. In addition, the password was not changed for a very long time. But a railway guard who had a grudge against the owner over financial issues, trapped the trusted employee and obtained the official e-mail ID and passwords. Using these, he created a fake e-mail ID and started corresponding with the clients. As the correspondence was defamatory in nature, the firm was blacklisted and incurred losses to the tune of `1.50 crore.
Police suggest that in such instances, the access should be with one individual only and arrangements should be made so that this would facilitate transactions. Besides, this should be kept confidential from other employees. While for firms, it is related to business, individuals have to be careful as sensitive information is stored in the mail now. So changing passwords frequently and having two-step verification process is always safer.