HOW YOU CAN GET HACKED + PREVENTION TIPS
If you are one of the very few people out there who haven’t yet experienced the hacking of their email and/or social networking accounts, don’t be mistaken, you are not invulnerable: it can only take one click, one careless mistake, one apparently safe download or the temptation to engage in a fun social game. Your world can be hacked in a myriad ways.
So let’s expose the three most common tactics that hackers employ to get inside your personal matrix, and elaborate a bit on each of them to get a picture of their full extent.
1) PASSWORD GUESSING
2) KEYSTROKE CAPTURING
3) PHISHING
Needless to say that what most hackers are after is your money and your contacts’ money, but there’s also another motivation behind the hacking of your email and social networking accounts and that’s what we are also going to explore when elaborating on method number 1, Password guessing.
PASSWORD GUESSING requires for a hacker to know you either personally or know details of you and your life such as your date of birth, details from your interests and preferences, your mobile number, your pets’ names… Yes, you’ve guessed right. This hacker is close to you in some way. They can be very close, such as a friend, boyfriend/girlfriend, ex-boyfriend/ex-girlfriend or family member can be, or fairly close to information about you and your life, such as a networking social contact can be. And within this last context is why you should be the most careful with regards to what you share and… with whom. These are details that can be used to guess a password or the security question of your email account in order for hackers to reset your password to one of their own, enabling them to login into your account.
Surely, you think that guessing a password requires power thinking, good social skills and a bit of psychology, but let’s face it, it’s easy to lose track of what one can share in social networking sites and it’s even easier to fall into lazy memory habits when creating a password. You’d be surprised of how little thinking it may take to guess your password if you’re prone to be fairly open with regards to the first case scenario and, fairly human when it comes to the second.
Here is what you need to do in order to protect yourself against this hacking method:
A – Create complex passwords and/or totally unrelated passwords to your personal details, preferences, interests and life experiences.
B – Do not use the same password across several email accounts, or at least vary it partially for each.
C – Choose security questions whose answer can’t be easily guessed. For example: Avoid ‘name of first school’, ‘mother’s maiden name’, ‘place of birth’… you get the idea.
D – Hide as many personal details as possible in your social networking profiles and don’t give away detailed personal or private information, either from you or from your closest contacts.
E – Related to D: Avoid exposing your links to family members and/or disclose their full names and shared details. Instruct your family members to do the same.
F – Avoid default user names such as ‘admin’ on the logins of your blogs and websites.
G – Don’t send passwords or store important information online or offline.
H – Avoid public Wi-fi connections.
I – Make sure you have logged out completely from websites and sessions either when connecting from public spaces or in shared work and home/clubs areas.
J – Monitor your logged on locations: Facebook has this option and email servers such as Gmail shows you from where last your account has been accessed. Know your IP addresses and if the last one does not match with the location/IP of your latest account activity, take action (you’ll find methods on how to solve a hacking attack also on this article).
KEYSTROKE CAPTURING would be the second in the scale of a proximity order from a hacker, at least when it comes to one hacking tool: the Hardware Keylogger.
The hacker requires physical access to the victims’ PC to install the hardware keylogger. This device can be easily and quickly inserted in between the keyboard and the PC to capture all the keystrokes, and thus the data, that you enter. This data (obtained from your keystrokes) is collected in a temporary file on your PC and stored in the flash memory of the keylogger. They hacker only needs to retrieve the keylogger or access remotely your PC to open that temporal file and get the data.
Another way for keystroke capturing consists in the deployment of a Software keylogger (Spyware). Hackers send this keylogger application via email to their victims using a variety of disguises so the victims feel tempted or compelled to click on that link and open/download the application.
Just with that click the keylogger is automatically installed on your PC without any warning, and Antivirus programs also fail many times to recognise it. This application collects all your keystrokes (data) which are also stored in a temporary folder, periodically uploaded to the hackers location over the internet.
There’s a very extended practice which you have surely witnessed at least once if you are a member of any social networking site, especially Facebook. A hacker will have hacked one of your contacts’ email accounts/ social profiles and will either send you a private message for you to click on a specific link, or will have post it on your contact’s profile enticing or urging others to click on it.
Here is what you need to do in order to protect yourself against this hacking method:
Against Hardware Keylogger: Check your keyboard and PC for peculiar, strange, out-of-place devices.
A – Install an Antivirus complete with AntiSpyware and Malware protection, and if you obtain it from the internet, make sure it is from a manufacturer’s official site or a legitimate distributor’s site.
B – Never EVER click on any suspicious links and even less if you do not recognise the sender. Be careful, hackers may use email accounts that may resemble legitimate companies and organisations’ email addresses. Also, don’t click on that odd link that your social contact has posted on their profile or sent you by private message.
C – Never install/download any Software patch or keygen, unless, again, this is from a legitimate source or site.
Onto number three of the most common methods used by hackers: PHISHING. Phishing works by directing you to enter your details at a fake website whose look and feel mimic the legitimate one and even the url may appear to be identical to the legitimate site.
The email or message you receive appears to come from a bank, or credit card company, requesting a verification of information. On clicking the link offered in that message, you are directed to a fake login page, which, as explained above, looks almost identical to the real one.
When you enter the information, this is either emailed to the hacker or saved in a text file hosted on the server.
Here is what you need to do in order to protect yourself against this hacking method:
A – If you are entering your details on a social networking site or any other site, make sure the url is legitimate and secure. Watch for the url to start with https:// <–(notice the bold typefont used on ‘s’ – Make sure that this ‘s’ is there), and that it continues and finishes exactly as the legitimate site’s.
B – With regards to social networking sites…. AVOID APPLICATIONS. Yes, some of them are fun, but beware that not only they are storing ALL the personal information you entered in your account, but that also the creator of the application could have easily fooled the social networking site’s application’s security procedures.
TOO LATE, I’VE BEEN HACKED
Don’t worry, here’s how to solve it
First of all, don’t panic.
Now, if you suspect that the hacker could have accessed your bank and credit card details, notify both your bank and credit card company, but not before you:
A – change all your account’s passwords and security questions (following the precautions described above in this article) from a safe PC and a secure network.
In the time you reach the appropriate contact/department at your bank and/or credit card company and explain the situation the hackers could have accessed data they had no time yet to collect previously to you noticing the breach. So, this is number one priority. If a complete breach has already taken place, and your money stolen/compromised, your bank or credit card company will investigate the issue and maintain/refund your funds accordingly.
B – Next, make your PC and connections safe:
1. Restore your PC to a date before the breach took place (Start > Control Panel > System and Security > Recovery > System Restore -Restore this computer to a earlier point in time-).
2. Update your Antivirus program (as instructed earlier in this article) and run the updated program/version in search of viruses, spyware and malicious software.
3. If your PC is still infected and the antivirus cannot get rid of the threat, or you are not sure about when exactly your system was free of the threat and you suspect that your activity can still be monitored: Format your hard disk and re-install your Operative System (OS).
And from now on:
4. Download the latest Chrome, Firefox, Internet Explorer, Safari versions (from the legitimate sites)
5. Use a phishing filter in your email accounts and browsers; it will help you identify a phishing scam by showing you what is safe and what is not.
6. Be abreast with the latest on internet security. You can subscribe to especialised blogs or set alerts for this type of updates in your news reader.
7. And follow all the prevention tips offered on this article.