"Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail spoofing or instant messaging,[1] and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one."
That is just how phishing is described on wikipedia and you don't want to lose your facebook or paypal account to that right? There are softwares that crack passwords using bruteforce or dictionary attacks and this is why you must make your passwords extremely strong.
How Do I protect Myself?
There are several precautions to take in order to secure your password and prevent yourself from getting hacked.
1. Using a strong password
This is the most important step to take. Never use a password that can be easily guessed like your child's name, your middle name, phone number and so on. Also, never use a word that can be found in the dictionary, your password can be easily cracked using dictionary attack. A strong password consists of letters, figures and symbols all mixed up randomly and I recommend up to 10-14 characters. An example of a strong password is this: ^nG='@9y5Y*%mF
Now, I'm not saying the password above can't be cracked, but it reduces the chance of getting hacked to almost 75% when compared to using a password as simple as your mobile phone number.
2. Beware of links you follow
You might seen a tempting link in your email or someone just posted and interesting link on facebook. Always think twice when websites ask for your log in details. There's a hack method called phishing that fools you to believe you're logging in to a legitimate site whereas the site you're about to log in to is only a 'photocopy' of the one you think it is. Yes, this method has ben used to hijack lots of facebook accounts in the past and it's still being used till date to hack paypal accounts. When you receive a link asking you to log in to your libert reserve account, for example, did you take the time to check your address bar to see that it's actually libretyreserve.com and not libertyreserve.com? Can you notice the similarity in he two addresses?
Once you fall victim to this hack attack, it doesn't matter anymore whether your password is strong or not, the hacker gets your login details in plain text.
3. Be careful with softwares you install
Downloading and installing every available software from questionable sources can get you into trouble. Did you know some programs contain spywares that spy on you and report everything you do on your computer to some hacker sitting somewhere in a room in another part of the world? Did you also know that keylogger programs can record every little keystroke you make on your PC and send it to a hacker's email? Are you aware that cracks and keygens often contain malicious softwares embedded?
I'll advise you to download only from certified sites like filehippo, brothersoft, softpedia and other sites like these especially if you don't know much about internet security.
4. Use different passwords for your accounts
Let's assume someone gets to know your yahoo password, the person will definitely try that same password on your facebook, hotmail, gmail and even paypal accounts. You know what would happen if you happen to use the smae password all through and that is why you should try to use different passwords for your online accounts.
5. Always update your antivirus and always use the best around
Your antivirus's virus database must be regularly updated. Why? This gives it a better chance to detect malwares and spywares that may try to steall your password.
6. Do not open spam mails
Do you often receive some stupid mails alerting you of winning some lottery you never played? Such mails can be tempting and I'll advise you not to even open them. They may contain links to phising pages or attachments that contain spywares and malwares.
7. Use SSL (HTTPS) encryption where applicable
When you're using https://, you have a certain degree of protection. A secure connetion (as oppossed to http:// ) only implies that no one gets to see or know what you're doing online and your sent and receive data is encryted. This is why all email providers and some social networks offer you encrypted login. Some sites like facebook and gmail give you the option in your account settings to always use SSL when you're logged in and I guess you should always use this where applicable.
You should also know that legitimate and certified stores and online shops ought to use https:// so as to protect your credit card details when shopping.
8. Beware of expired or invalid SSL certificate
Here is a note of caution, when you're logging in to a site and your browser reports that the certificate has expired or invalid, you should not proceed unless you know exactly what you're doing. there are bodies that issue this SSL certificate and illegitimate sites do not have valid certificates and a legitimate site can never encrypt your setting with an expired or invalid SSL certificate.
In a case like this, you should know someone is tampering with your connection or trying to fool you.
Although these suggestions can get you a long way in preventing your password from getting hacked, it's not 100% guaranteed that you're safe but it's better to do what you can to secure yourself. You definitely don't want to be a victim of a hack attack.
Help your friends on facebook by sharing this little piece of information.
0 comments:
Post a Comment