Security Basics

Posted byDavid GarzaPosted inSecurity FundamentalsTags:, , , , , , ,

My brother called me in a panic. He frantically explained that his email and possibly his social media accounts were compromised. I explained what he needed to do and told him he should do it immediately. A while back my wife’s car got broken into, they didn’t steal anything of value, but they did take an old cellphone that was hidden. Later with my keen 6th sense, I noticed someone trying to access my wife’s accounts after she was getting emails about failed login attempts. With that said, we jumped into action frantically going through every account and resetting them. Anyway, I thought this would be a good time to talk about some of the basic things to do in these kinds of situations.

First, it can feel like a scary situation when you have been taken advantage of… it sucks. Hopefully this can serve as a guide to help someone who is going through the suckage that is, what the French call, getting “le pwned”. I will make a checklist of things to do when you get compromised in different scenarios. So I am going to cover what to do if you get your Social media compromised, and when you get your email compromised, and talk about what you can do to prevent this from happening again.

First, If your social media gets hacked checklist:

  • Change your password
  • Make sure password is 12 characters long
  • Use complex symbols, spaces, and numbers
  • Consider using a passphrase (not just a word) for example: [1 g0T pwN3D Ag41n!!?
  • Don’t reuse the same passwords
  • Don’t reuse the same passwords!
  • Don’t reuse the same passwords!!!

OK, now that I went through the quick list, I’m going to explain a few more things that can help you not get hacked again.

First, you want to ask yourself, what personal information do you have on your account? This is more important than you think. Lets say I hacked you, and I saw you post pictures about you at work, or with friends, or with family. Now, not only do I have access to you but I can compromise your friends, family and your workplace. People post an exorbitant amount of personal information. Try to refrain from posting too much personal information about yourself, people can use that information to gain access.

Now, here is how it usually happens. More than likely a link was clicked going to some webpage that was a fake social media website, you got suckered into putting your username and password, and it re-routed you into the actual social media page. That is how they got your information. One of the best ways to see if you have been compromised before, Have I Been Pwned: Check if your email has been compromised in a data breach. If it has, see what accounts you can delete, and see what accounts you can change the passwords to.

Now, if your email gets hacked, yup you guessed it:

  • Change your password
  • Make sure password is 12 characters long
  • Use complex symbols, spaces, and numbers
  • Consider using a passphrase (not just a word) for example: [1 g0T pwN3D Ag41n!!?
  • Don’t reuse the same passwords!
  • Don’t reuse the same passwords!!
  • Don’t reuse the same passwords!!!

One of the best things you can do for yourself, is getting a password manager. Using something like LastPass, 1Password, or NordPass can help you keep track of all your passwords and make sure they stay secure. One of the best parts about these password managers is some of them also keep track of your emails and will send you a report about your email being sold on the darkweb… I know creepy, but necessary.

The other thing you can do, is use two factor authentication on your accounts… yes all of them. Some say you should use an authenticator app, however if your phone were to ever die, say adios to your two factor authentication, and your accounts. Then you would have to go through the trouble of contacting all those IT departments and maybe not getting your accounts back… trust me… it has happened to me. Instead I recommend using your cell phone number to get texts of the authentication numbers. That way, if your phone dies, then you just have to replace the phone and boom, you are still getting your two factor authentication.

Lastly, if you use public WIFI, you may want to consider getting a VPN. They aren’t too expensive, and they can keep your internet traffic encrypted, so that local people accessing the same WIFI can’t see what you are doing… and yes, in some cases, people can do that.

I hope this has helped prepare you for the potential doom that is getting hacked. It is more annoying than anything, and extremely worrisome when you don’t know what someone else has access to, but with these tips, I am hoping it will help you.

-Dave (Cyber Dad)

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: