| Account Hacked |
|
From time to time I get interesting or pertinent questions from clients, colleagues and readers. I like to post the answers on my blog because I think more people may have the same question. Here is a question from a reader: What do you do if your online account at a social media site has been hacked? Take Action 1. Make sure you contact the website ASAP and let them know your account was hacked
2. Make sure his home computer has not been compromised - or any computer he uses to log onto the site 3. Reset all your passwords, even for unrelated sites Prevention: The easiest way to protect your computer and account 1. Make sure he has anti-virus and it is set for automatic updates
2. Make sure he has a complex password (not easy to guess) and change your password regularly 3. Make sure you only login on the real and not pages that look like it (spoofed sites) 4. Make sure his computer has the most up-to-date patches (this can and should be automated) 5. Upgrade to Internet Explorer 8, it has features to detect fraudulent websites 6. A healthy skepticism, be skeptical of offers, emails and communications How do hackers get into my online account? There are a number of ways hackers can gain access to your online accounts. In order for a hacker to gain access to your online account they need to get your password. This means protecting your password is very important. One of the main ways to get your password is to get spyware on your computer. The spyware can track your activities including the key strokes you make. This type of spyware is called a keystroke logger. Once it gets on your computer it can track your moves and capture your password when you log onto any site. With this a hacker can gain access to password you type which could be to every site you visit or use.
This happened to a City in Southern California. Spyware was introduced to a computer in finance and when the employee logged on to the Banks website to view the City's account the spyware captured the username and password. The hackers wasted no time transferring hundreds of thousands of dollars out of the City's account.
The best protection against spyware is to have up-to-date anti-spyware and anti-virus software.
Another way hackers gain access to your passwords is called phishing. This technique is just like it sounds. They use bait to lure you into giving them your username and password. Typically they setup a website that looks like the login page of the website you want. You type in your username and password thinking it is the real site, but you have just given the hackers your password.
Web browsers such as Internet Explorer 8 have anti-phishing protection and some antivirus packages are now adding anti-phishing protections in. It is important to be a little skeptical and keeping your browser, anti-virus and computer up-to-date.
Of course it isn't just hackers you have to watch out for. Other people such as family members, friends and fellow employees may get your password if you are careless and use your accounts for who knows what.
It is important that you do not share your password with others, change it often and use a complex password no one else will guess.
Of course following these prevention measures is no guarantee of security, constant vigilance is needed.
Brought to you by Maze & Associates, a leading Northern California Accounting Firm specializing in Municipal & Nonprofit Audit, Tax for individuals and all types of entities, Information System Audits, Security Reviews, as well as PCI Scans and certified training. Maze & Associates is a PCI ASV - Approved Scanning Vendor.
RSS Subscription Disclaimer: The views expressed here are those of the author and do not represent those of Maze & Associates. 
|
Subscribe to LearnSecurity Blog using your favorite feed reader by 
Latest News
| Need help with your books? Call us today for a free consultation at 925-930-0902. |