Social Media

The New "Social Security": Protecting Your Identity in a Super Social World

Posted by Claire Perkins on November 20th, 2012 at 11:47 am

While its certainly not a fun aspect of social media and digital communication, cyber security is something we all need to keep in the back of our minds while tweeting, tagging, uploading, commenting, and inputting online data.

Unfortunately, any online activity comes with a security risk. Unless we learn the steps to protecting ourselves then our sacred information— including bank accounts and personal property— is left vulnerable to the world of cyber predators.

No site is 100 percent safe from cyber hackers. As a matter of fact, this November Twitter faced a security breach that prompted thousands of users to reset their passwords. Twitter later issued a public statement affirming that multiple accounts may have been compromised by a website or service not associated with Twitter. GoDaddy also fell victim to a hack in mid-2012 as well, which prompted thousands of websites to go down. Bank of America, too, fell victim to hackers in 2011, putting thousands of credit card information at risk.

Here, we examine why and how hackers launch cyber attacks, and what you can do to protect yourself.

Why Me?

Money

An old and relevant adage, "It’s All About The Benjamins" holds true in the case of cyber crime. If hackers are able to gain access to your accounts, criminal gangs can use your information to access online banking information, capture your credit card information, and spend your well-earned money.

Leverage

You may wonder what somebody would gain with access to your tweets. Leverage, ladies and gentlemen. Criminal masterminds can use smaller sites to gain access to larger accounts of yours as account holders typically use a universal password on sites like PayPal, Amazon, and online banking sites.

Hacktivists

Not everybody has cash in mind— some are agenda pushing. Hackers may seek to expose secrets they believe need to be revealed. These charmers may also be looking to intimidate or blackmail influential individuals and are hoping online accounts contain the "dirt" needed to do so.

How Accounts Are Hacked

Good Old-Fashioned Guessing

The worst account passwords out there are still the most common, according to Arstechnica.com. Sadly, the most common password in 2012 are:

  • password followed by 123456 or 12345678
  • abc123
  • qwerty
  • monkey
  • letmein
  • dragon
  • 111111
  • baseball

Security consultant Mark Burnett, author of "Perfect Passwords" analyzed 6 million username and password combos last year, and found that 91 percent of users had one of the 1,000 most common passwords, with 99.8 percent having chosen among the 10,000 most common phrases.

Hackers may use dictionaries to systematically try every word you may have used. But, hackers don’t always use simple formulas to log into accounts. Those looking to gain access to specific accounts often use personal and public information found online to determine likely passwords. For example, if you Tweet publicly about your dog, you should avoid keeping his/her name in any of your password phrases. Moral of the story: Think of your password as a snowflake...one of a kind.

Phishing

We’ve all seen phishing on social media sites and our email inbox. They may look like a legitimate email or social post, but they're far from that. Upon clicking the attached links, phising sites direct the user to advertising and pages that are hotbeds for malware, spyware, and other cyber bugs. It’s simple to avoid— just think before you click that email about PayPal or Viagra.

Sniffing

While you may love the Wi-Fi hotspot in your favorite coffee spot, a compromised network can put you at risk for sniffing, a newer type of data interception. Sniffer programs monitor all network traffic and send data and password information via plain text. Using Antisniff and encrypting your passwords are great ways to avoid sniffers.

Shoulder Surfing

If you're surfing the net in public, watch your back. Literally. A common practice of hackers involves waiting and watching until you type in a password, at which point they read your keystrokes.

Third-Party Apps

When you approve third-party apps on your phone or computer, you’re handing developers access to your social media accounts and all the content within. Be conscious of your apps and app publishers, and only approve trusted apps.

Signs of a Hack

Your Evil Twin is Posting As You

If you notice any unexpected posts or messages sent through your account, unapproved activity like app downloads or new follower notices, it may be time to track down the suspected app or security breach.

Unrecognized Shopping Sprees

Unrecognizable charges to your various accounts are a surefire sign that your credit card, bank account, or personal data has been hijacked.

Warnings in Your Inbox

The receipt of an email stating that you’ve just changed your password when you didn’t is a red flag to check your account status.

How To Protect Yourself

Multi-factor Authentication

Many accounts have improved authentication, and contact you via email or text when a new device tries to access your account. Google also has ways of resetting your passwords that involve text and app-specific passwords, which can prevent third parties from resetting your account. Be sure to link your phone number to accounts, when possible.

Several Passwords

Don’t stay married to one or two passwords. Think about it— if your accounts all share the same password phrase, you're at risk. Insecure smaller sites and apps can leak passwords easier and once a hacker learns one they can soon have access to a smorgasbord of your personal data.

Randomize

You want an original password? Try LastPass or other random password generators, or special identity security services like LifeLock.

Don’t Mix Business and Pleasure

Use one browser for serious matters— email, banking, and business communication. Use another for personal browsing on news sites, message boards, blogs, etc. This helps keep security breaches from directly affecting your important business.

If You're Hacked

Change Passwords

The longer you wait to switch passwords after a hack, the longer hackers can use the knowledge they gain from your account to access other accounts. If your banking has been compromised, get on the phone with them as soon as possible.

Reevaluate Apps

If you think you know an app or website where the hack originated, revoke connections. This may mean removing Facebook apps, disconnecting your Facebook account from other sites, or changing passwords on trusted third-party apps.

Delete Posts

Erase all evidence. The last thing you want is messages out there that you didn’t send. Delete posts sent by your account to protect friends from potentially dangerous interaction.

Update Security

Scan your computer for viruses, Trojans, and malware with your anti-virus software, delete cookies, and clear your cache within each of your browsers and run a search for security patches that may keep your computer free of unwanted visitors.

Leave a comment