If you still think your web-based email account is safe enough to use for business (or anything else for that matter), take a look at an article in last week’s Washington Post. The story details an account of the “other woman” who engaged the services of a cracker web site called YourHackerz.com to break into her boyfriend’s email and her boyfriend’s wife’s email.

The service is able to quickly deliver a password to a customer, for a surprisingly small fee. And YourHackerz.com isn’t the only one of its kind; there are dozens of similar services on the Internet that advertise their dark services freely. For a hundred bucks, they promise to “crack all major web based emails”, including Yahoo!, Hotmail, AOL and Gmail. The service even provides proof cracking before payment. How’s that for good marketing?

Although the cracker service bureau doesn’t specify their techniques, the Washington Post article speculates that they use a Trojan horse technique, which sends the victim an email with a link to a greeting card or some other innocuous-looking item, which when downloaded, launches a keystroke grabber that captures passwords and then sends them back to the host. It’s quite likely that these types of services use a combination of techniques.

The first thing to do to protect yourself is to realize that yes, there are people who want to read your email. Probably more than you think. And it’s very easy for those people to get access, for a small fee, from one of these cracker services within just two or three days. We all tend to think we’re immune. We think nobody can break in, and what’s worse, we think nobody wants to. Unfortunately, it happens all the time, and when we least expect it. Spying, espionage, and just plain snooping happens every day, both in business and in social life. It may be to steal our bank accounts, or it may just be to gather corporate secrets or personal information. If you think your spouse is cheating on you, how far would you go to confirm it?

Regardless of what motivations people may have to crack your email password, there are things that you can do to protect yourself. First and foremost, don’t use free webmail accounts. These are the easiest to crack by far (as Sarah Palin found out). Next, use complex passwords. This can actually only go so far as a means of protection though—if the cracker has a keystroke grabber, no matter how complex your password is, it can be stolen. Use encrypted email for sensitive messages, and connect to your login screen using a secure session.