I don’t command the attention of thousands. I’m just a very little fish in a very big pond who tries to share what I’ve learned without making any unnecessary waves. So what are the chances of me getting hacked? HUGE.
Why would anyone want to mess with me? I’m just trying to keep my family up-to-date while we move from one military town to another.
I don’t have that many followers. I’m not worth anyone’s time.
The truth is that those of us who think like that are PRIME TARGETS.
Why do they want to mess with me?
Have you ever watched siblings interact? You know, the ones where the older child mercilessly picks on the younger child? The motivation behind this behavior is similar to what’s going on with hackers who seek to annoy the little guys: it’s easy, and it’s entertaining.
All this came to my attention recently after Chalene Johnson went public with her story. Some of you may know her from the Beach Body community; however, I hadn’t heard of her until her nightmare started circulating around the business podcast community. On June 6, 2015, hackers, aka Social Engineers, took over her social media sites, deleting her content, posting on her timelines and newsfeeds, and taunting her that she would never regain control.
And that’s when I began to learn some things. Things like 47% of Americans have their private information exposed every single year. Or things like the answers to those security questions that we set up with so many of our accounts—those answers are largely public information on old applications, ancestry websites, DMV records, and so many other places. AND it can all be purchased in a nice little package for as little as $9.
It should! I know some who use the Internet to store their precious photos. What if someone got in and deleted them? Priceless photos, gone.
I know others who have worked to build a community of online friends. What if you were locked out and suddenly had to start over? Email addresses and IM names gone, some that could never be recovered.
What if someone started posting to your Facebook or Twitter feed, leading those who are less suspicious into the carefully laid traps of their hacking friends? What if they were in your email account and could see everything you were doing to try to diminish their attack?
Not to mention all the time and effort it would take to fight this. Who has time for that?
The truth is you are vulnerable, and this game that hackers play has changed drastically in the last thirty days. And while a complex password is imperative, it’s not enough.
What’s the answer?
Unfortunately we can’t fully protect ourselves. Even the federal government struggles to keep private information safe. But, we can do a few simple things to make it harder to get to us, which might just be enough to get these guys to leave us alone in favor of someone easier to target.
According to the experts who fight these guys every day, here are nine basic things you can do to dramatically decrease your chances of getting hacked.
1. Update your software. Enroll in automatic updates whenever you can, but otherwise, as soon as you are notified on your computer, tablet, phone or other electronic device that you have an update—do it! And do all of the updates, not just the big programs you use all the time. Smaller programs that run in the background like Adobe Flash may seem innocent, but they also tend to be the ones full of holes that hackers use to get to your stuff.
2. Get a password manager. This is simply an app that stores all your passwords, allowing you to create different, complex passwords for each of the places you log into. There are many good ones available, but you are looking for an app that will allow you to set up one complex password, like a lock on a safe, and doesn’t allow you any way to retrieve it (You know, those handy little “Forgot your Password?” links). Once you set up your password, give it to your spouse or trusted friend to store in their password program just in case you do forget or are incapacitated in some way.
3. For every account you use, create a unique password. Yes, I know this is a pain, but this is why you have your password manager. Aim to use the maximum number of characters the program allows, use a mixture of lower case and upper case letters, add in at least one number and two special characters. If you have a program that will generate a password for you, use that. Otherwise, do not use a phrase you normally say, something common to your life, IHATEPASSWORDS, or password123.
4. Do not use Facebook or any other social media website to automatically log in to other websites. This is tempting because it’s convenient, but if a social engineer gets into your Facebook, then he also has access to all the sites connected to it. Separate, unique passwords are safer.
5. Whenever possible, use two-factor authentication. This is when a website or app will ask for a password, and then automatically send you a text or email asking you to verify you received it. Not every website uses it, but take advantage of it whenever it’s offered.
6. When you answer security questions on websites—LIE. Think about it this way. If I’m asked what my mother’s maiden name is, and I answer truthfully, I’ve just given an answer that is posted in numerous places: ancestry websites, government forms, medical forms, and bank applications. And many of those things are public information! So make up answers, and store them in your password manager.
7. Create a highly secure password for your email address(es). If a hacker has changed your Facebook password, and you ask them you to send you a new one, it’s going to be sent to your email address. But, if the hacker is already into your email, they are also receiving these emails. So make all email passwords very complex and unpredictable.
8. Make sure your cloud storage (iCloud, dropbox, etc.) has a complex password. Many of us store tons of information in these places, and we could easily be compromised through it.
9. Put a passcode on your phone, and lock it whenever you are not using it. If your phone or tablet has the fingerprint technology, use that instead of a passcode. Turn off location services on any app that doesn’t need it, and delete apps that you don’t use.
None of these steps will make you hack-proof, but they will make life much more difficult for those trying to mess with you. And often, that’s enough to get them to leave you alone.
I know it’s a long, imposing list for those of us who have been online for a while. But think of what you have to lose. Start right now and work on it a little each day.