Here are some great ways to get hacked
Hardly a day goes by without a story of a major data breach on a business, government agency or individual. And, like seeing reruns of the same old television series over and over again, I think that most of us grow tired of being lectured for not paying enough attention to computer security.
“Lana” felt that way, writing, “I ignored the advice about computer and mobile device security, feeling scolded every time I heard a recommendation. And then I got hacked, became an identity theft victim, and it took me two years to clean up the mess.
“Dennis, with your sense of humor, why not write an article telling people how to be hacked? I’ll bet that will get their attention.”
With that request in mind, I asked Paige Hanson, chief of Cyber Safety Education at NortonLifeLock, to explore the ways of getting hacked and becoming a victim of identity theft.
“We are producing more data about ourselves than ever in the past, which leaves a digital trail that is vulnerable to being compromised,” Hanson said.
If you’re not careful to clean up after yourself, those digital breadcrumbs we leave behind could lead thieves right to your door. To help avoid that, Hanson highlighted some common ways we make it easier for fraudsters to take control of our digital world:
- Take all those surveys of your likes and dislikes.
Consequences: Fun quizzes often ask a series of personal questions to help you find out which Disney Princess you are, or ask you to share your yearbook graduation photo (along with what high school you attended and the year).
Fraudsters find creative ways to use these quizzes to get you to answer the same types of questions used by banks and other institutions when setting up accounts — your first-grade teacher, your first car, your first pet. You are giving out the answers to your security questions without realizing it. Hackers then can build a profile on you.
If the quiz requires you to provide your email to participate or get the results, the fraudster now has your email address. He can send a request to reset your password that looks like it came from your bank or credit card company, and when prompted to “Answer these security questions,” he just may have all the information he needs to take over your account.
- Keep your social media privacy settings set to “public.”
Consequences: This will make sure everyone knows what you are doing, every photo you post, who your friends are, all of the personal details you share, and possibly where you live. A hacker will have complete access to your personal details, making you an easier target for identity theft.
- Don’t update your phone’s operating system, home computer or apps. Absolutely do not keep your virus software current!
Consequences: One of the most common ways cybercriminals gain access to your systems, aside from enticing you into clicking on malicious links, is through out-of-date software.
As software companies discover flaws in their systems, updates are issued. By not installing them, you are open to being hacked. Out-of-date software invites malware infections and other cyber issues, such as ransomware.
- Do not password-protect your smartphone or mobile devices.
Consequences: You get coffee at a restaurant, leaving your device on a table. If it doesn’t have a password, anyone who steals it will have instant access to all your personal information.
- Use the same username and password for all the websites you visit.
Consequences: If fraudsters acquire that information, they will use it on popular sites in an effort to gain access to your online accounts.
The solution is to use different passwords for each account, but most people don’t do this. A password manager such as LastPass or Keeper solves the problem. [For more about password managers, see our earlier article, “Secure passwords with less headache,” thebeaconnewspapers.com/secure-passwords-with-less-headache.]
- Transact everything over public Wi-Fi so the Wi-Fi owner can see your online activity.
Consequences: They send you a link concerning something that you were interested in, and you click. It is called “spear phishing,” and they’ve now obtained access to your digital life.
- Store on your mobile device and physical wallet as much personal information about yourself and family as possible, including Social Security numbers for the family, driver’s license, home address, etc.
Consequences: That way, if your phone is stolen, it will so much easier for the entire family to be hacked!
Already been hacked? How to make things worse!
One you have been hacked or had data stolen, here’s how to deepen your trouble:
- Do nothing. Especially do not contact your lender, credit card company, bank or law enforcement. Remain connected to the internet.
Consequences: Reporting a hacked or stolen debit card, credit card or credit card number before they have been used by a fraudster results in no liability on your part. But if you know your card has been lost or stolen and do nothing, you could take a hit.
For credit cards, losses are limited to $50 under the Fair Credit Billing Act. But rules for ATM cards aren’t as forgiving. There are different time periods that apply as to when the card has been used that limit personal liability, but you must act quickly: If you wait more than 60 days after your statement is sent to you to report the loss, you could lose all the money taken from your account!
Banks and credit card issuers will provide you with new cards and security codes, but do not enter these numbers online, as your activities could be followed. Change all your passwords, and do it from another computer; not the one that was hacked.
- Do not back up your files to an external hard-drive, thumb-drive or cloud.
Consequences: In the event of a ransomware attack, you could be paying the scammers a great deal of money to get your files back.
Concluding our chat, Hanson offers this warning: “Anyone can become a target.”
© 2021 The Kiplinger Washington Editors, Inc. Distributed by Tribune Content Agency, LLC.