It’s Your Fault You Got Hacked
Hacking of facebook accounts, twitter accounts, email and more has become rampant on the internet. If you spend enough time on social media sites you will see at least a few spammy posts a day that you know are not being posted by that person but instead by some malicious app. Once the person gets their account back they will apologize for whatever content they posted or messaged you and act like they have no idea how it happened.
Here is the reality if your social media or email accounts get hacked there is a 99.99% chance that you somehow started the chain of events that made it happen. Now a lot of people will dismiss that idea right away. The reality though is if you really think about it having that information means you have the power to be almost 99.99% sure that you won’t be hacked again.
First let’s talk about the 99.99% I use that term because there are only really two kinds of hacks. The first kind of hack is targeted which means the bad guy is specifically trying to get your account information…he doesn’t want everyone’s account information he wants to target you specifically. The second kind of hack is completely untargeted and just meant to get a hold of as many accounts, emails and computers as it can to use for some malicious purpose, usually a scammy marketing campaign.
99.99% of what we see on facebook and twitter and in emails is the 2nd kind of hack. No one is targeted you or wants your specific account they just want to use your account for a little while and send their spam messages. That is why I use the 99.99% because if someone is targeting you and really wants your info that can be difficult for you to stop but if they are just grabbing up accounts in mass frenzy you can avoid them.
To understand how to avoid them it is important to understand how they get to you in the first place. The first and most prevalent way is through phishing. Phishing means that they set up a dummy page that looks like the login for the site you are signing into and you fill in the account and password box hit the login key and you have successfully added yourself to their database to be used as a spam bot.
I have found that people just do not believe that anyone could have phished their account. They believe someone hacked into their computer or they got it because they are friend with John on facebook or I have even seen people on facebook blame the new timeline on being hacked. Reality is statistics say the most likey scenario is they were phished. You have to really pay attention to make sure you do not get phished.
The best rule of thumb for avoiding phishing is to never log into anything where you did not initiate login. For example…you get on your computer and you decide you are going to visit Twitter. You go to Twitter.com and see the login screen and login in. You can feel safe doing this because you typed Twitter.com into your own address bar and you are 100% sure what site you are logging into.
So you go to your feed and you are reading what your friends have to say and you click on a link that a friend posted and click on it. All of a sudden you are back at the login page. You may think something funny happened with the computer and you got logged out and you type in your account and password and hit the button and once again you have successfully submitted your information to be used for spam. You should never log in unless you specifically typed the URL in the browser and are 100% sure you are on the main site. Pages will look exactly the same, the url in the address bar may even say the right site…none of this is an indication you are somewhere you should be logging in. Don’t log in anywhere unless you initiate it.
Another way to get your password stolen is when some random company gets hacked that you happen to be a member of. Recently Walgreens.com got hacked and all of their user data was stolen. Now you may think why does a scammer want with my Walgreens.com login? They don’t…but they are hoping it’s going to work on facebook, twitter and get them access to your email account.
Most of the time that bet pays off for them. You cannot use the same password out on the internet as you do for your most important accounts. If you want to use a dummy password on 3rd party sites that you use everywhere that is ok but that CANNOT be the same password as what you use for important stuff such as banking, email or social media sites. Any password used for banking or anything tied to a credit card or bank account should always have a unique password you do not use anywhere else.
The next way that people get access to your accounts is through apps. People think they should get an app for everything without once considering that each app they join gives someone somewhere very intimate access to their accounts. Apps are very useful and many legitimate companies use them but there are a lot of crap apps out there. You have to ask yourself do I want to know my indian name bad enough to give some stranger access to my account. The answer is probably no.
Once an app has access to your account it does until you revoke it. So if you get your indian name today and never think about it again those people still have access to your account forever. Everytime you get a dialog asking you if you want to install the app think are these people I trust with access to my account? If the answer is not yes just don’t install it….live your whole life without knowing your indian name but knowing your accounts are safe.
You should also check through and delete any unused apps often. Use MyPermission.org at least once a month and go through each of your accounts and get rid of any unwanted apps. So let’s review what we have covered:
1) If you got hacked there is a 99.99% chance it’s your fault.
2) Never login when you have not initiated the login.
3) Don’t use your banking, email or social media passwords anywhere else on the internet.
4) Don’t install strange apps. Delete unused apps frequently.
If you follow these steps and are vigilant about them you can decrease your chance of having your email or social media accounts hacked tremendously.