With so many password-protected gadgets in use today and billions sold every year, it's even more crucial to keep them secure and your personal life locked down tight. By the time you finish this article, you will learn just how simple it has always been to hack into your computer and steal personal information, as well as identities. Be very afraid.
It has happened to the best of us. That dreaded sinking feeling when a friend informs you that your email has been hacked and your personal life has been compromised. Hopefully, you learned your lesson…but if you didn’t, there are still ways for you to educate yourself better before the hackers make another round at your hard drive, remembering just how easy it was the last time. And yes, they will remember you. They have you on file. You are now a perfect target because most of us are creatures of habit…and just plain lazy.
Bear in mind that ALL hackers are banking on the fact that you will likely use the same password on almost all of your sites and accesses. They know that many internet users have bad memories for complex, long or encrypted pass codes.
To understand the whole hacking mystery, you first need to comprehend just how hackers work and the tools they use.
In all fairness, hackers, for the most part, come in two varieties: White Hat and Black Hat. (Grey Hats dabble in both White and Black, while Blue Hats work at debugging systems.)
White hat hackers are generally non-intrusive computer programmers who are usually testing software and security systems for their company and/or for themselves. These are the true, original ‘hackers’ who initially built the internet world and the Unix operating system as we know it today…and they are well respected in their field. They are the ones that put the ‘www’ in world-wide-web. You wouldn’t be reading this right now if it wasn’t for them.
The main problem with password security belongs to the black hat ‘crackers’ (as in cracking code), as they are called in the cyber world by the real hackers. Unfortunately, Hollywood and the media have managed to lump the whole hacking community together into one nasty genre. Perhaps it just sounds better. Cracker hackers (black hats) instigate the lowest form of hacking. They are to blame for causing password mayhem and are likely to be involved in criminal activity, unlike white hat hackers who are the builders and creators.
With that being said, the cracker has pretty much one motivation in mind…profit. Some will confess to ego, notoriety and revenge. However, most of them can be found working in teams in third-world countries, primarily Africa where unemployment is very high and computer access is readily available. They get paid per password harvested out of your computer, then pass them along to other crackers that dig deeper into networking and banking files for access into more personal financial information.
Other targets are personals sites (Match.com, etc.), social networking sites and especially ‘for-sale-by-owner’ advertising sites (Craigslist, etc.) where they trick the unsuspecting seller into relinquishing personal banking data to (supposedly) wire you money for your for-sale goods. And it all starts with a flimsy password that you thought would be so easy to remember at the time. Wrong.
More frightening is the available software crackers use to get into your computer to begin with…most of it free. Programs like ‘Hydra’, ‘Cain and Abel’, ‘Hashcat’, ‘Pwdump’ and ‘John The Ripper’ can sift through your hard drive within seconds, locating any and all passwords that you think are secret and sacred. Think again. All it takes is for you to open that one seemingly innocent rogue email from out-of-the-blue that piques your curiosity and complicates your life. Unsolicited emails need to be sent to spam immediately, then deleted. Use your email for familiar correspondence only and never for opening emails that have a product or service to sell. Have friends and family identify themselves in the subject line and use it often or else delete it. Just get in the habit now. ‘When in doubt, delete it out!’
So what else can you do to deter these cyber terrorists of the internet netherworld? First, let’s start with what not to do. SplashData, a leader in password software, publishes a list each year of the most commonly used passwords. The list shows you just how naive and gullible the average computer user is when creating a ‘unique password’. Their top 25 for 2011 should give you some insight. Their password encryption products are well worth the price if all this is too much to digest.
Next, if your password can be found in the dictionary, 86 that one too. These hacking tools can detect any and all of these words as well…in less than a minute. Avoid real spoken words (in any language) and names altogether.
Never get in the habit of allowing your browser to save passwords for you. Autofill options (also called AutoComplete) are the worst disservice that internet browsers can offer users. Don’t fall for the convenience of it. It’s like feeding you to the wolves. Once your sensitive information gets saved in these data files on your hard drive, it’s as easy as stealing candy from a baby. You’re done. Names, addresses, credit card information and passwords are all right in plain sight of the cracker, waiting to be retrieved and used almost instantly. Oh, and it doesn’t matter if you have a Mac or PC, by the way.
What you can do:
-Jeremiah Grossman, founder and CEO of WhiteHat Security, suggests using different browsers for separate activities. NEVER do your online banking transactions along with personal internet activities within the same browser. Adult websites are the worst for virus infection and password infiltration. Studies done by Accuvant Labs found that Chrome was least likely to be contaminated and is probably your best bet for online banking security.
-Keeping with using the different browser theme, you should also get accustomed to using a different email for separate activities as well. Designate only one email account for online banking, one email for personal email, one email for business, one for online shopping (especially) and so on. This delineates and categorizes everything in its own place so that if you do get a suspicious malware email from internet hell, you will know to spam it and delete it without thinking twice. It just won’t belong there. It’s a pain at first, but it will protect you more than you can imagine.
-Self-destruct emails, like Spamex, TempEMail and ShitMail.me (gotta love it) are other ways to be proactive and mitigate against hack attacks. Use them when signing up for new sites that require personal and financial information. They last only long enough to fill out your data, then delete themselves usually within 24 hours, reducing the chances of your information being stolen or sold to other sites, etc. Remember that everything you do on the internet when you hit that send button literally becomes public domain. Think twice before you send. Be careful and don’t let your guard down.
-Other obvious common sense tactics include using uppercase, lowercase, numbers (but not at the beginning or end) and the use of character keys. Yes, the swear words keys. (%&#*@$?!)
-Make up crazy words. Long ones. Create your own language if you have to.
-Use a password that looks like a 2-year-old played havoc on your computer keyboard. For example: (jg9f7we6rgf3*&TUjkhg*&GuNUY&%$#^jhgdHmE^%4cfoi*&hf2k87dgh#$b8dj)
-Use a USB flash drive to copy and paste very complex passwords (like the one above) each time you log on. Keep it with you at all times but never identify what the passwords go to. Make up hundreds of them if you can and save them in a separate file on your USB flash drive. Believe me, it’s worth the extra time.
-Change it often. Daily, weekly and as randomly as you can. If a cracker cannot hack you within minutes, they will pass you by. They have easier fish to fry.
-Make up your own security questions with random unpredictable answers. Never use their questions if you can help it. Your favorite color, instead of red or green, should be something like crimson or algae. Instead of black, it’s now ‘a combination of all colors’…etc. For your mother’s maiden name, make up a word. Be creative yet unpredictable.
-Email courtesy protocol means having the common sense to not include all of your friends’ email addresses in your forwarding emails. You know the ones…funny jokes, cool photos and stories, etc. Crackers piggyback off these emails all the time. If you are going to forward an email, cut and paste it out of the main email body if you can and/or at least be sure to delete the coattail advertising garbage at the very end of the email that got sent to you initially. Clean it up before you get caught up in the moment. When you openly include ALL of your email friends and associates in emails that you forward, black hats are just waiting to phish them out for the next round of hacking. Be smart and add them to your blind copy (Bcc) line instead. That way their privacy is protected as well as yours. Be kind, send blind.
-And lastly…TURN OFF YOUR COMPUTER when you are finished using it! I cannot believe how many people I know just leave their computers on day and night. Leaving it on with a Wi-Fi modem active and unsecured is quite simply asking for trouble. There are crackers that literally drive through neighborhoods looking for unsecured Wi-Fi signals that can be tapped like parasites to a host. The most terrifying is the malicious blackmail/extortion malware (Big Hacker and I Am Big Brother) that can literally creep into your computer without detection and turn on both your laptop camera and microphone, watching you and recording you remotely without you even knowing it. Again, ultimately monetarily driven.
Remember that for every program written, there is a cracker hacker out there countering with anti-security software of their own. Stay a step ahead and you will limit the risks ten-fold.
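The password rules from the list above, together with the earlier advice to avoid common and dictionary passwords, as an added Python example that is not part of the original article. The two word sets are small constructed samples (not SplashData's list or a real dictionary), and the 12-character minimum and 24-character default are assumptions.

```python
import secrets
import string

# Constructed sample data, NOT SplashData's published list or a real dictionary.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein"}
DICTIONARY_WORDS = {"dragon", "monkey", "sunshine", "football"}

SYMBOLS = "%&#*@$?!"  # the character keys named in the article
NON_DIGITS = string.ascii_letters + SYMBOLS
ALPHABET = NON_DIGITS + string.digits
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS)


def weaknesses(password, min_length=12):
    """Return the reasons a password breaks the article's advice (empty = ok)."""
    problems = []
    lowered = password.lower()
    if lowered in COMMON_PASSWORDS:
        problems.append("on the common-password list")
    # Strip digits and symbols so 'Dragon2011!' is still caught as 'dragon'.
    letters_only = "".join(c for c in lowered if c.isalpha())
    if letters_only in DICTIONARY_WORDS:
        problems.append("a dictionary word with decoration")
    if len(password) < min_length:
        problems.append("too short")
    if not all(any(c in cls for c in password) for cls in CLASSES):
        problems.append("missing a character class")
    if password and (password[0].isdigit() or password[-1].isdigit()):
        problems.append("digit at beginning or end")
    return problems


def generate_password(length=24):
    """Random password that passes weaknesses(), drawn from the OS CSPRNG."""
    if length < 12:
        raise ValueError("length must be at least 12")
    while True:
        # First and last characters are never digits, per the article's rule.
        chars = [secrets.choice(NON_DIGITS)]
        chars += [secrets.choice(ALPHABET) for _ in range(length - 2)]
        chars.append(secrets.choice(NON_DIGITS))
        candidate = "".join(chars)
        if not weaknesses(candidate):  # retry if a character class is missing
            return candidate


if __name__ == "__main__":
    for sample in ("123456", "Dragon2011!", generate_password()):
        print(repr(sample), weaknesses(sample) or "ok")
```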
At the end of the day, you have to ask yourself, which is more inconvenient, protecting yourself in advance or opening up a new bank account because the last one now has a zero balance? If you are not afraid by now, then you probably don’t own or use a computer.