You should never have one password for all your accounts. Yet you probably recycle some passwords more than is recommended. If hackers get their hands on your email password, they can systematically change the passwords of your other accounts.
Instead, use many different, randomly generated passwords. This can decrease your risk, though not eliminate it completely. For a closer look at online protection, here are some hacking horror stories.
Email Hack
Email hacks are one of the most common tactics used to gain access to your personal information, as well as that of your friends and family. Once having gained access into your email account, the hacker sends out spam to your contacts, often saying that there’s been an emergency and you desperately need money. From there the hacker then changes your email settings, locking you out of your own email account, and forwarding all incoming emails to a different, though typically similar, email address. This commonly used tactic makes damage control difficult for the owner of the account, as years of emails, photos and anything else stored in the account is usually deleted by the hacker if you are even able to gain entry back into your account.
All major email services use cloud technology. Cloud technology is useful when you want your data anywhere you are. However, your personal data is left in the hands of a third party. Prevent this type of loss by backing up everything on external, localized hard drives. Make sure any web hosting service you use is a reputable one by conducting your own research.
Dangers of the Daisy Chain
A daisy chain is the term used for many accounts that are linked together by some simple passwords and personal information. Matt Honan had his digital life destroyed by hackers in less than an hour because of this. When these hackers gained access to his Amazon account, it pointed them toward his Apple ID account, then Gmail, and then Twitter. With his Twitter account, the hackers began announcing racist and homophobic views. Matt’s Apple ID let the hackers access his iPhone, iPad, and MacBook and they deleted all his data. Everything he’d worked on for years was, in one hour, scrubbed from the digital and physical world.
There are a couple ways in which Matt could have protected himself from total devastation. The first, and easiest, would have been localized backup storage in the form of external hard drives. The other is two-factor authentication. Two-factor authentication asks anyone who attempts a sign-in for a code, which is sent to your smartphone in the form of text, viewed in an app, or sent in an email. Google has it’s own app for two-factor authentication, as does Apple, and third-party app Authy is highly rated among such powerhouses. If a hacker doesn’t have the temporary code, the chances of a hack become significantly less.
Hookup Site Hacked!
The hookup site/cheating site, AshleyMadison.com was hacked recently. Thirty-seven million users’ personal information was compromised within hours. The hackers revealed a range of data, including maps of internal company servers, employee network account information, and company bank account data. This happened just two months after hackers released personal information from another hookup site, AdultFriendFinder.
While the group who has taken responsibility for this hack, the Impact Team, gained access to Ashley Madison’s data, they did not release it all. Instead they insisted the site be closed, and have released personal information about users each day the site has continued operation.
While the ethical implications of such a site are interesting on their own, this kind of hack can happen to any website that stores personal information. Top sites like Amazon, Google, and Apple are high value targets due to their popularity. You can limit damages of this sort with a data breach contingency plan. This should include notifying credit unions, the police, and the Federal Trade Commission of any stolen personal information.[su_box title=”About Alex Clark-McGlenn” style=”noise” box_color=”#336588″]Alex Clark-McGlenn is currently taking his MFA in creative writing from the Northwest Institute of Literary Arts. He has been published in eFiction Magazine, Inkwell at Evergreen, Slightly West Literary Magazine, and appeared in Smokebox Literary Magazine July, 2014. He currently lives in Bellingham, Washington.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.