Is that my password in your pocket or are you just happy to see me?

My post content

You’ve been Hacked!

Three words that you will likely see or hear sometime during your ‘plugged-in” lifetime.

But how? Why? Why me? How could this happen?

Hold it right there partner! Take a deep breath and step away from the keyboard.

Chances are, you weren’t targeted. There are many reasons hackers would want to hack you, but you can be rest assured that it wasn’t for your nuclear secrets.

We hear about hacking all the time in the news, but who’s behind these attacks, and what is it that they really want?

The reasons and motivations of hackers on the web are growing. The ‘for the fun of it’ explanation is no longer suitable; the reality is far too complex. People turn to hacking for a variety of financial, political, and ideological reasons.

The Hacker Hobby

The first reason that hackers hack, and the most obvious reason that people talk about, is for fun, for the adrenaline rush. It can be an addicting hobby for some to see if they can outsmart government and corporate IT and security. It provides instant gratification. Some hackers aim for the bigger, more challenging targets, such as major corporations.

Others infiltrate any system. Even those systems that are “low hanging fruit” with little protection become targets. Just to be able to say that they can, such as home Wi-Fi networks. These types of hackers can engage in everything from website vandalism to webcam hacking.

Theft

Internet banking is relatively new. There has been an incredible growth in popularity within the last 10-15 years. As online banking becomes more and more convenient, more people rely on their online accounts. They access them from personal computers, work computers, smartphones, tablets, the possibilities are endless. Thus, the potential for monetary gain through hacking has also increased.

Hackers can reach their goal of infiltrating your finances in a few diverse ways. A hacker can install malware to collect sensitive information, for example.

It would do something like allow the hacker to see every key that is selected when the user is typing in their passwords, etc. It can also be done through phishing or hacking into databases via Trojan Horse.

To Send a Corporate Message

Hackers can create a botnet and then overwhelm a system with traffic. They infect a network of private computers with malicious software which can then be used for a variety of different purposes- without the user’s knowledge.

It is known as a DoS attack and can put a company’s website out of service for a while. It can be used as a tool to send a message or to eliminate competition within an industry.

To leak compromising information

Some hackers use their ability to access and spread secretive information. This is another way to undermine rivaling businesses. Hackers can engage in corporate espionage, undermining their rival’s success by publishing company secrets. It can also apply to those trying to expose governments and organizations.

An example of this was the Ashley Madison scandal when hackers were able to get their hands on thousands of users highly sensitive information. It caused an uproar as users feared that their identity would be shared with the world, which in this case, it soon was.

Political motives

Sometimes, hacking is executed by vigilante groups who are trying to raise awareness about a political issue or just to create chaos. Other times, it is in the form of international threats such as foreign governments or militaries aiming to undermine their enemies. This type of hacking is typically kept out of the realm of public knowledge. Those who hack with a political agenda use the similar tactics to other groups. For example, they may choose methods such as politically driven website vandalism, information leakage, or DoS attacks.

Idealism

When caught, hackers justify their actions as being altruistic. They aim to expose an injustice. Their goal is to stick it to the “man,” which is especially popular during difficult political or economic conditions. A high-profile example of this is the shadowy group known as Anonymous, which came into the public eye around 2008, in the context of Occupy Wall Street. These hackers can target religious groups, governments, movements, to promote an agenda.

To Compromise Security

Sometimes, hackers will hack into a system to catch holes in security before someone else does. The justification for this is to prevent any harmful attacks in the future by showing the world how vulnerable our devices are to hacks. IoT devices are becoming more and more common, but they are not equipped with proper security to keep hackers out. They act as an entry point for hackers into a network of devices with critical information. As IoT devices become a bigger part of our lives, hacking becomes a more significant threat.

With Cyber Monday upon us — one in four shoppers will get hacked this holiday season. If it's already happened to you, chances are that it will happen again. That's because many people still aren't motivated to protect their personal information, according to many online surveys. But if you ARE motivated, as you SHOULD be, here are some tips to help prevent being hacked and to protect your identity.

SOME TIPS TO PREVENT FROM BEING HACKED

Don't give out your password. This is an obvious piece of advice, but one that bears revisiting: except for some school services, you shouldn't ever have to provide a site administrator with your password for them to access your account.

If for any reason you do have to give someone your password, change it as soon as they are done with whatever they needed to do on your account

Create complex passwords. Your passwords to access your accounts and apps on websites should consist of a combination of numbers, upper- and lower-case letters, and special characters that is difficult to guess.

Never use the same password for more than one website or account. This limits the damage to you if a hacker happens to crack one of your passwords.

Use a password manager. Password managers store and auto-fill your credentials for different sites, allowing you to create a complex and unique password for each site without having to worry about entering the password itself more than once. While you should absolutely keep track of your passwords on your own as well, a password manager will help make your device much more secure. A great FREE password manager that you may want to consider is KeePass.

Change your passwords often. In addition to keeping your password a secret, you should change the passwords on your various accounts and devices at least once every six months.

Where Possible, Use two-factor authentication. Two-factor identification requires you to enter a code sent to you in a text message or another service to access your account after you enter your user name and password. This makes it more difficult for a hacker to access your information, even if they can crack your password.

Nowadays most major websites, including popular social media networks, have some form of two-factor authentication available. Check your account settings to learn how to enable this feature.

Be suspicious of emails. A lot of cyberattacks are launched through simple malicious email campaigns. Email is a wonderful communication platform because you can send anything to anyone, but that poses a huge security risk. Phishing, for example, sends victims seemingly innocuous emails that will lead victims to fake websites asking to update their personal information.

The best way to avoid being scammed by phony emails is to just make sure the sender is who you think it is. Check their email address to see if they match with the website you think it’s from. To be extra cautious you can check the IP address of the sender.

Check link locations. Suspicious messages may contain links to unknown sites. Surfing to a mysterious website can bring about unintended consequences. For one, it could mimic a site you know and trust and help you fall prey to a phishing scam. Or, it may be unsecure or infected with malware.

Cautiously open attachments. . A good rule to follow is never open attachments unless you are absolutely sure of where they came from. One of the easiest ways for hackers to download malicious code onto victim computers is by sending emails with viruses attached. A common way that companies get hacked is when one unsuspecting employee downloads malicious software that infiltrates the entire network. The most dangerous file types are Word, PDFs, and EXEs.

READ privacy polices carefully. Any company that has information from you must have a privacy policy that details how they use that information and the extent to which they share it with others. Most people simply click through the privacy policy without reading it. Although the reading can be cumbersome, it's worth at least skimming it so you know how your data is being used. If you see something in the privacy policy that you disagree with, or that makes you uncomfortable, you may want to reconsider sharing information with that company.

ALWAYS use SSL for online transactions. Whenever you plan on filling out a form or sharing confidential information online, be sure to look for the padlock in your browser bar that indicates an encrypted transmission. That way your information cannot be easily intercepted as clear text.

So, on Cyber Monday while you’re sitting at your computer desk chugging down all that delicious egg-nog, working hard at crossing off everything that’s scribbled on Santa’s good boy and girl Christmas lists. Remember to shop safe, be safe, and keep all those naughty hackers off your credit report and credit card transaction lists.

Happy Holidays!

Jim