Friday, September 24, 2010

how to not get hacked

So it seems like at least 3 of my friends recently have gotten their Facebook accounts hacked by the same spammer in the space of like a day... not sure why all at once, but I thought I would create a quick online guide that may help my friends avoid it in the future. A lot of these things are common sense and many of them y’all may already know, so please don’t take this as any sort of insult to your intelligence; it’s just me trying to help (after all, I do get paid to know this sort of stuff).



  1. Get a really good password for online sites. A good password is at least 8 characters long and does not include words from the dictionary. It does include capital letters, numbers, lowercase letters, and, if allowed, symbols (like $%^&$). If you're not sure whether your password is secure, check it here: http://www.microsoft.com/protect/yourself/password/checker.mspx Passwords that are just a word from the dictionary are really, really easy to crack. An average home desktop computer can crack a password that is just a word from the dictionary in under a second.
  2. Use different passwords for everything. This way, if one account gets hacked you won’t lose everything else at the same time. It’s a common practice for hackers, once they have gotten a username and password that works, to try it at many other common sites (Gmail, Yahoo, Facebook, MySpace, popular banks, eBay, PayPal, etc.) to see if it will work there too. If you use the same username and password for everything then you're screwed, big time.
  3. Never click on a link you're unsure about. Seriously, think of the internet as some old creepy guy that you wouldn’t trust even if he was the last person on earth. If for any reason you’re unsure about a site, link, or download, just don’t use it.
  4. If a site tells you that you need a plugin or download to use the site, a big red flag should pop up in your head. That’s a number one way scammers use to get you to download viruses. For example: you get a pop-up window that says that you have spyware on your computer, you click the link, and it prompts you to download a program that will “scan” your computer. When you click this link it performs what looks like a scan and finds what looks like viruses, but what’s actually happening is that it’s downloading viruses to your computer and inviting all of its friends over for dinner. The best thing to do if you need a plugin or software to run something on a site is to go to a legitimate source and download it; if the site won’t tell you the name of the program you need, then leave that site. For example, if a site tells you that you need Flash Player, go to the Adobe website yourself and download Flash Player. If that site still doesn’t work then it’s probably a scam.
  5. Legitimate sites will never send you an email asking for personal info. Your bank/PayPal/eBay will never send an email that asks you to “sign in” to verify who you are after following a link in an email. If you have doubts, then go to that site itself in a separate tab or window and log in that way.
  6. If you use a public computer for anything, always clear all the personal data from the system after you are done. This can be done by clearing the cache and the history. Some public computers do this automatically, but enough of them don’t that it's common practice for spammers to log on to public computers and see what people have left themselves logged into (which is a lot, believe it or not). The best practice is not to use public computers for anything personal… but it doesn’t always work out that way, so just remember to clear your personal data.
  7. NEVER visit pornographic or gambling sites. Seriously, these sites are like the STDs of the internet and will infect your computer faster than a cheap hooker. It’s just good sense not to go to them anyway for a bunch of other really good reasons, but at the very least do it for your computer's sake.
  8. If you want to download a program, (or music or movies or whatever) via the internet and you decide to use a torrent or other related peer to peer sharing program be very careful. While these programs are really useful for a lot of legitimate uses a lot of people still get their computers infected this way because they don’t know what they are doing. Whenever you download a file from a peer to peer network always always virus scan it first. Some sites like thepiratebay.org have comments about the file, read these and if any of them suggest that it might be a virus don’t download it. Just remember when you are using peer to peer networks nothing is regulated or inspected so use them at your own risk.
  9. Have passwords on your home computers, and if somebody wants to use one, create a user with restricted access that they can use. This seems a little insane and untrusting, but after having to clean porn and viruses off of my computers numerous times in the past that other people downloaded onto them, I stand by this rule. Other people can create all sorts of security problems for you unintentionally. Sometimes it’s just because they don’t know what they are doing and sometimes it’s because they are doing things they shouldn’t. Either way it’s a security risk that can’t be ignored. If they download a virus that steals passwords onto your computer, you still get screwed by it even though you didn’t download it.
10. Finally, always remember: if anything seems too good to be true, it probably is. A healthy dose of skepticism is the best antidote for protecting yourself from viruses and spammers on the internet.
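
Rule 1's checks written out as an added example (not part of the original post). The word list is a small constructed sample, the function names are made up for illustration, and undoing common character swaps (like @ for a) before the dictionary comparison goes a little beyond what the rule spells out.

```python
import re

# Constructed mini word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "dragon", "monkey", "summer", "football", "letmein"}

# Common character swaps, undone before the dictionary comparison.
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def contains_dictionary_word(password, words=SAMPLE_WORDS, min_len=4):
    """Return the first dictionary word hidden in the password, or None."""
    lowered = password.lower()
    # Look at the password as typed and with the swaps undone.
    for candidate in (lowered, lowered.translate(LEET)):
        letters_only = re.sub(r"[^a-z]", "", candidate)
        for word in sorted(words):
            if len(word) >= min_len and (word in candidate or word in letters_only):
                return word
    return None


def check_password(password, words=SAMPLE_WORDS):
    """Return the list of rule 1 violations; an empty list means it passes."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not re.search(r"[A-Z]", password):
        problems.append("no capital letter")
    if not re.search(r"[a-z]", password):
        problems.append("no lowercase letter")
    if not re.search(r"[0-9]", password):
        problems.append("no number")
    if not re.search(r"[^A-Za-z0-9]", password):
        problems.append("no symbol")
    word = contains_dictionary_word(password, words)
    if word:
        problems.append(f"contains dictionary word '{word}'")
    return problems


if __name__ == "__main__":
    for sample in ("dragon", "P@ssw0rd1!", "vQ9#tL2&xR"):  # constructed samples
        print(sample, "->", check_password(sample) or "passes rule 1")
```

The middle sample ticks every character-type box and still fails, because it is a dictionary word with a few letters swapped out.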

Amendment 1.
So after seeing Alaska Gov. Sarah Palin's private Yahoo e-mail get hacked and reading the steps the hacker took to do it, I thought I would add this amendment.
Your security questions to reset your password should not be items that are easily Google-searchable. Palin got her account hacked because her security questions were her birthday, her ZIP code, and “where did you meet your spouse.” These apparently were all easily available online. If you create a security question, make sure it's something really obscure that only you and maybe a close family member can guess (to be honest, mine are something even a close family member can't guess). Otherwise you might end up with all your email on somebody else's blog...
