Back To Posts September 8, 2016

How to protect yourself from hacking

How to protect yourself from hacking

Hackers are scary bunch (check different hackers faces here) – whether criminals seeking to steal money and personal information or just an idealist working with a political agenda, they have the knowledge and the power to access your most precious data.

The thing about hacking is that even though you may not be a main target, you might find yourself a victim. Why? Perhaps for trusting a company with your personal information without realizing that any exploit weaknesses in the company’s security puts the data you’ve entrusted to that company in jeopardy.

Having that said I think the most important thing to begin with is the following:

“There is nothing, hardware or software, that is unhackable.”

If a hacker — a real hacker, not someone with a set of easily available hacking tools — really wants your information, they will get it. One clear example is the famous celebrity iCloud accounts hack attempt to pull down private photos.

They say that the Internet never forgets and it’s not going to get any better, so instead of sitting back and waiting to get infected, why not arm yourself and fight back?

Here are 10 things you should do to protect yourself from hacking:

1-Update your OS and other software frequently, if not automatically:

Despite the new features and enhancements, software updates always include security fixes and patches for new threats and bugs appearing everyday. This keeps hackers from accessing your devices through vulnerabilities found in outdated programs.

2-Create strong, unique passwords:

The advice is always to use complex, unique passwords and PLEASE DO NOT USE THE SAME PASSWORD FOR ALL ACCOUNTS. This means that if hackers break one account, they will have access to everything.

If you can’t remember all passwords you can create a selective pattern and have it tweaked for each account:

“I_444_loveHacking@fb”

– where 444 is a random number and fb is the name of the account type

“I_266_loveHacking@tw”

“I_266_loveHacking@ic”

123456“: Is the most popular ‘worst password’ used last year. Also in the top five were ‘qwerty’ and ‘password’

Cyber experts advise to create unique, long passwords of eight characters or more using upper and lower case letters, numbers and symbols and change them regularly.

People should avoid using easily identifiable information, such as names and birthdays. The more complex the password the better, so made-up phrases using punctuation and numbers for letters could help you remember them – such as:

‘!d0g5lykD3n7i5t5!’ for ‘Dogs like Dentists’.

3-Check URLs:

An easy way for hackers is to harvest usernames and passwords using fake webpages designed to look like ones you use, such as your bank or Facebook.

When you click a link you should always check the URL is the one you would expect before you enter any personal details. A secure way to open sites is using https:// at the beginning of the web address, which encrypts your data. If a green padlock is next to the address, the website is secure.

 4-Beware of phishing websites and downloading malicious software:

Clicking on unknown links may lead to ‘phishing’ sites (that harvest usernames and passwords) or download viruses or malware (malicious software) onto devices that make them vulnerable to hacking.

Downloading attachments provides an open door for hackers so people should consider whether attachments can be trusted, even if they are sent from a friend – their email account could be compromised.

5-Do not use open WIFI:

Do not use open wifi; it makes it too easy for hackers to steal your connection and download illegal files. Some hackers attempt to create open networks sometimes with working internet access in order to steal their targets info for illegal use. This technique is really spreading even in Lebanon, I personally found some of these networks in public places like universities, restaurants…

Also Protect your wifi with an encrypted password, and consider refreshing your equipment every few years. Some routers have vulnerabilities that are never patched. Newer routers allow you to provide guests with segregated wireless access. Plus, they make frequent password changes easier.

6-Beware of those “free” apps:

Apps can be another method for hackers to download spyware onto devices. Always check the permissions on the apps before installing them to make sure they are not storing unnecessary personal information. For example, a game app should not have access to your contacts list or your network info.

Access Trojans (ATs) are usually downloaded invisibly within a program and perform actions similar to legitimate software. Regularly update apps as they tend to patch security problems.

7-Don’t link accounts:

In a world where Facebook Login is commonplace and some apps and services only work if you use your Facebook Login credentials, it’s difficult to keep accounts separated. Facebook does offer two-factor authentication so there’s at least a stopgap for the entry into all those linked accounts. But if it’s possible, use a separate account for everything each with its own unique login and password information. It’s also a good idea to see which apps you have linked to your Facebook and Twitter accounts and remove ones that you no longer use.

8-Security questions:

At some point these made sense. Probably before social networks had us sharing all our personal information with friends, family and then eventually the world. Now security questions like “What’s your mom’s maiden name?” and “What’s the name of your favorite movie?” are easy to answer by anyone that knows how to use Google, since we’ve shared most of that information online. Instead of answering truthfully, come up with unique answers that make zero sense in context. For example: “What’s your favorite food?” could be answered with Buster Table.

Make sure it’s something memorable that has nothing to do with the actual question.

9-Password protect all your devices:

This should be the first thing you do with a smartphone, tablet, or computer. Your computing devices are just giant bags of personal information. If any of them get stolen, why make it easier for the culprits to steal your identity? Plus, you’re not just saving yourself grief, but all of your contacts. Gathering email addresses is the first step in hacking into a person’s accounts.

 

10-Misinformation:

This includes your birthday, billing address, birth location, and family ties.

Birthdates can prove to be a huge security risk. Just move your birthday on Facebook a few days forward or back and maybe even change the year or you can hide it. Most people won’t even notice and for those that do, just tell them why and suggest they do the same.

Also, if you’re already friends on Facebook with family members, there’s really no need to advertise that you’re also family. A smart hacker can determine your mother’s maiden name via aunts, uncles, cousins, and grandparents. Your mom doesn’t even need to be on Facebook for her maiden name to be known.

Finally, I would like to finish the article in Sarah Lacy‘s words:

“Everything about Mark Zuckerberg is pure hacker. Hackers don’t take realities of the world for granted; they seek to break and rebuild what they don’t like. They seek to outsmart the world.”

Are what we call hackers the real danger here ? or instead companies that manipulates our personal information and puts our privacy at risk everyday?

Maroun Melhem

I’m a coding fan, open source contributor, occasional writer at blog.maroun.me

 

References: