Hacking attacks are a daily occurrence with many victims worldwide. Everyone is vulnerable to cyber hackers, but the threats are not the same for everyone.
The average person is more likely to face fewer threats than, for example, a senior politician, activist, or CEO. High profile people are targeted with emails electronic "fishingWho try to steal secrets from corporate networks or start transferring large sums of money. You, your friends and family will likely face different threats: from revenge seekers or, most likely, criminal gangs using automated tools to obtain passwords.
"We all want to believe that we will not fall victim to it social engineering "But the truth is that even smart, aware people are still trapped in cyber fraud that can have very damaging consequences," said Jake Moore, a security expert. cyberspace. "Many people will even admit that they do not click on phishing emails, but they may still be involved in cyber fraud."
Understanding threats is key. There is a threat model for everyone that includes things that interest them most - what is important to you may not be as important to someone else. Visit it Internet daily for various reasons: from Facebook and Netflix to online banking and shopping. If one of your accounts has been compromised, your passwords may be used by other online services or for financial transactions.
While Facebook, the TwitterThe Instagram and other social networks are less likely to contain your credit card information, there are other types of risk. Violated social media accounts can be used to post messages that could annoy or defame someone, be used to harass or create a false image of who you are.
"Finding out that you have been hacked can be quite a complicated task," adds Moore. "One way to understand this is to lose your accounts, so it's best to take some precautions to prevent this from happening in the future." If you think you have been hacked, see what you can do about it.
Identify an unusual behavior
The clearest sign that you have been hacked is when something has changed. You may not be able to access your account at Google using your normal username and password or there were suspicious purchases charged to one of your bank accounts. These are pretty obvious signs that you have been hacked in some way - and hopefully the banks will detect any suspicious payments before things get worse.
However, before any of your accounts are breached, there may be warning signs. The account someone is trying to sign in may alert you to unusual login attempts: for example, Facebook and Google will send notifications and emails alerting you to attempts to access your account. This usually happens if someone tried to log in and failed, but notifications can also mean that someone has successfully logged in from unknown sites.
Rarely will a day go by without a company, application or website being compromised - by Adobe to the Dungeons and Dragons. These breaches may include phone numbers, passwords, credit card information and other personal information that could allow criminals to steal your identity, including threats. Companies should let you know quickly if they have been hacked, but using a breach alert service can do the same. The services havebeenpwned and F-Secure will notify you of old data breaches, but may also alert you to new cases where your data has been exposed by breached accounts.
Take back control
Recovering control of an account may not be straightforward - depending on who has access to it - and may have multiple administrators.
First of all, you need to contact the company that created your account. Each company has its own policies, procedures and recovery steps when it comes to compromised accounts - which can be easily found through an online search.
When recovering a hacked online account, you may follow different steps depending on whether you can still access it or not. If you have access to the account, companies will ask you how it was compromised and suggest steps you should take. If you do not have access to it, you will probably be asked to provide more information about using the account (previous passwords, email addresses, security questions, and more). If an individual or group claims to have accessed your account and sent you messages about it, you should not click on links they send, as they may contain malicious material and / or further attempts to access personal information.
Recovering an account through the company where your account has been compromised is the first step to regaining control. You need to make sure that all the applications and software you use (on phone and PC) are up to date. Your next action depends on the type of violation. For example, if you can return to a compromised email account, it is worth checking the settings to make sure they have not been tampered with, such as having a setting enabled to automatically forward all your emails to another account.
You will need to change the password of the compromised account and any other accounts that use the same password and contact anyone who may have been affected by the intrusion. For example, if messages have been sent from your Instagram account or you need to create a brand new social media account, you may need to let your friends and family know the details of your new account.
The best way to reduce the chances of hacking is to limit the attack area. By giving less space to hackers, the chances of them attacking you are reduced.
"Information about you is the key to a successful attack, so minimizing your personal internet data will push the attacker into the next less fortunate victim," says Moore. If your accounts have been compromised once and are being attacked by an organized group, you are more likely to be targeted again.
When thinking about your online presence, you need to consider how much information you share there. "When you post your photos on Instagram, or post on Facebook or tweet about your site, people can take these things and use them against you."
In practice, there is a lot that can be done to create online accounts. Everyone needs to use a password manager to create and maintain unique, strong passwords. No one should use the same password on many sites, even if you realize that the risk of hacking is low.
If one of your accounts has been compromised, you should check the other online accounts you use by updating your passwords and checking your security settings. When updating accounts you should also use complex security questions where possible and the answers should be something only you know.
In addition to a password manager, multi-factor authentication (MFA) should be enabled for as many sites and services as possible. This is one of the most effective ways to protect your accounts from hacking. The most common type of MFA is two-factor authentication, which requires another piece of information, above your password, to connect to a service. Usually this is a message SMS, an authentication application or a physical security key.
For people with higher levels of threat there are many additional measures that can be taken. To increase your online privacy and anonymity, you can use a program VPN, Tor or Google Advanced Protection.