Did the recent celebrity hack occur due to a security vulnerability with iCloud? We still don’t know the full extent of the compromise. However, what we do know is that the majority of hacks typically occur with the unknowing assistance of the account owner. In fact, most account hacks take place when someone gains access to your username and password via phishing, social engineering or weak passwords.
Here are 3 smart tech tips to proactively protect yourself from being hacked:
Phishing Schemes Protection
Phishing occurs when someone tries to acquire your username, password, credit card numbers or personal information via electronic methods by masquerading as a trustworthy source. The phishing attack can be as simple as an unsolicited email with a link from your bank, your internet service provider, retail company or social media account. However, when you click on the link it redirects you to another link that looks like a clone of the providers website. The links typically contains malware, viruses or record username and passwords with failed attempts to login into your account.
To protect yourself from Phishing schemes do not click on unrecognizable links or sites from unsolicited sources. The companies you do business with will NEVER send you unsolicited emails to change your username and account password. Also, make sure to report unsolicited emails to the company to engage IT Security teams.
Social Engineering Precautions
Have you ever received an unsolicited phone call asking for personal, credit card or user account information about you, your family or coworkers? Social Engineering is a form of phishing. However, the hacker(s) uses human interaction to gain your trust to access to your accounts, company secrets, company assets or strategy. The sensitive information you unknowingly share is collected and will eventually be used against you to help the hacker bypass security safeguards and make you or your company a victim of fraud or computer access. The phone call also leaves a weird feeling in your stomach.
To protect yourself from Social Engineering become aware of the security threat and request the users full name, return phone number, company name. Also, make sure to minimize the amount of information you share and share information on the need to know basis and report social engineering techniques to the affected company to engage IT Security teams.
User Names and Passwords
With the recent hacks it’s critical for online users to take an inventory and record all digital accounts: Facebook, Twitter, Email, iCloud, Instagram, Retail accounts, etc… and periodically change your passwords. Also, make note of accounts you are no longer using and consider deleting the account(s).
The most common way that hackers access user accounts is via weak passwords, such as no passwords required to access accounts, the password simply set as the word, “password” or one of your kids’ names.
To ensure the security of your user accounts:
- Set passwords that are 5-7 characters long and include capital letters.
- Change your password periodically by changing 2-3 times per year.
- Answer the Security Questions. The questions are put in place by the company for additional security and to protect you. Answer the questions and do not share the information with anyone.
- When selecting a new password consider using a paraphrase to create your new password. A paraphrase is a catchy phrase or sentence you can translate to a password.
Example of a Paraphrase: I always ride the teacups at Disneyland
Password example: I@rtt@D
To stay informed on the recent Apple iCloud hack, check the Apple Media Advisory – Update to Celebrity Photo Investigation for up to date information. To protect yourself from similar hacks, proactively take an inventory of your user accounts and start changing those passwords!