{"id":10320,"date":"2021-12-06T16:56:57","date_gmt":"2021-12-06T13:56:57","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=10320"},"modified":"2021-12-06T16:56:57","modified_gmt":"2021-12-06T13:56:57","slug":"sensitive-information-in-inbox","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/sensitive-information-in-inbox\/10320\/","title":{"rendered":"What you should not keep in your inbox"},"content":{"rendered":"<p>If someone gains access to your mailbox, what you will most likely face is a <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/what-is-bec-attack\/7936\/\" target=\"_blank\" rel=\"noopener\">BEC attack<\/a> (compromise of your corporate e-mail account). The correspondence in your e-mail account is the biggest factor in the attack's success. Of course, security software reduces the likelihood of this happening to you, but anyone can fall victim to a phishing attack, so, just in case, it is important to minimize the potential damage by deleting correspondence you would not want anyone else to see. Here is what you should delete first.<\/p>\n<h2>Authentication data<\/h2>\n<p>Today, most modern services try not to send even temporary passwords by e-mail. Instead, they send unique links that take you to the password-change interface. After all, sending a password by unencrypted e-mail is a pretty terrible idea. 
However, some companies still send passwords by e-mail, and this practice is mostly used for internal services and resources. What's more, employees sometimes e-mail themselves their own passwords, login details and answers to their secret questions.<\/p>\n<p>Such e-mails are exactly what attackers are looking for: with access to corporate resources, they can obtain more information for social-engineering manipulation and develop their attacks further.<\/p>\n<h2>Notifications from online services<\/h2>\n<p>Every day we receive different kinds of notifications from online services, such as registration confirmations, password-reset links and privacy-policy update notices. The messages mean nothing on their own, but they show which services you are subscribed to. Attackers most likely have ready-made scripts that can search for these notifications automatically.<\/p>\n<p>In most cases your mailbox serves as the key to all of these services. Knowing which services you use, attackers can request a password change and gain access to those services through your mailbox.<\/p>\n<h2>Scanned copies of your personal documents<\/h2>\n<p>Corporate users (especially employees of small businesses) tend to use their mailboxes as a kind of cloud storage, particularly when the office machines deliver scanned documents by e-mail. 
Copies of a passport, taxpayer ID and other documents are usually needed for routine paperwork or business trips.<\/p>\n<p>We recommend deleting all e-mails that contain personal information <a href=\"https:\/\/www.multitran.com\/m.exe?s=immediately+upon&amp;l1=1&amp;l2=2\" target=\"_blank\" rel=\"noopener nofollow\">immediately<\/a>. Download the documents and store them encrypted.<\/p>\n<h2>Sensitive work documents<\/h2>\n<p>For many employees, exchanging documents is an integral part of the workflow. However, some documents can be valuable not only to your colleagues but also to attackers.<\/p>\n<p>Take a financial report, for example. A financial report sitting in an accountant's mailbox contains a great deal of useful information and is an ideal starting point for BEC attacks. Armed with such information, cybercriminals do not have to send colleagues randomly crafted scam letters; they can use real information about specific contractors, accounts and transaction balances to create compelling e-mail subject lines. They can also obtain useful information about the company's line of business, partners and contractors in order to attack companies. 
In some cases, a carefully studied financial report can even lead to stock-market manipulation.<\/p>\n<p>For this reason, it is important to delete sensitive information as soon as it is received and never to share it unencrypted.<\/p>\n<h2>Personal data<\/h2>\n<p>Other people's personal data, such as CVs, applications and registration documents, may also have been sent to your e-mail address. When people give your company permission to store and process their personal data, they expect you to keep that information safe. Regulators expect the same, especially in countries with strict personal-data protection laws.<\/p>\n<h2>How do you prevent your mailbox from being compromised?<\/h2>\n<p>We recommend deleting all information that might interest attackers not only from your inbox but also from your Sent and Deleted folders. If your work requires you to send commercially sensitive information by e-mail, use the encryption that most e-mail clients support for business use.<\/p>\n<p>We also recommend using two-factor authentication wherever possible. 
When you do, even if an attacker compromises your mailbox, they cannot take over your other accounts.<\/p>\n<p>Store passwords and scanned documents in dedicated applications such as our Password Manager solution.<\/p>\n<p>To prevent attacks by keeping your mailbox safe, scan incoming e-mail carefully at the <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security\/mail-server?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">mail server<\/a> level and, as an additional layer of protection, use <a href=\"https:\/\/www.kaspersky.com.tr\/small-business-security\/small-office-security?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_banner____ksos___\" target=\"_blank\" rel=\"noopener\">reliable security solutions<\/a> on corporate computers.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"ksos\">\n","protected":false},"excerpt":{"rendered":"<p>Using your e-mail through a web interface may be convenient, but attackers are after corporate mailboxes, and one day it may be your turn.<\/p>\n","protected":false},"author":2598,"featured_media":10321,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[2019,1921,2204],"class_list":{"0":"post-10320","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-bec","11":"tag-e-posta","12":"tag-posta"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/sensitive-information-in-inbox\/10320\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/sensitive-information-in-inbox\/23502\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/sensitive-information-in-inbox\/26513\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/sensitive-information-in-inbox\/26091\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/sensitive-information-in-inbox\/32023\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/sensitive-information-in-inbox\/43037\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/sensitive-information-in-inbox\/18209\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/sensitive-information-in-inbox\/18600\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/sensitive-information-in-inbox\/15590\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/sensitive-information-in-inbox\/27808\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/sensitive-information-in-inbox\/32014\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/sensitive-information-in-inbox\/27890\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/e-posta\/","name":"e-posta"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10320","targetHints":{"allow":["GET"]}}],"coll
ection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/2598"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=10320"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10320\/revisions"}],"predecessor-version":[{"id":10322,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10320\/revisions\/10322"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/10321"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=10320"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=10320"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=10320"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}