Hacking is one of the great threats of our age, affecting individuals and giant corporations alike. Just how ubiquitous is it, though? How much should we worry about being hacked and, if our online information does get compromised, how do we recover?
You may think you’re security savvy, but hackers are always opening up new ways to infiltrate and gain private information. It’s not so much a matter of if you’ll be hacked, but when. It’s important to know the extent to which an attack can affect your life, both on and offline, as well as how to reduce the chances of being affected by hackers.
Nobody can afford to take hacking lightly–even if you are the most boring, dead-broke person in America with no online activity except Gmail for corresponding with your mother, and a Facebook account for posting photos of your cat. Here’s what you need to know:
What Gets Hacked and Why
Financial accounts, such as online banking, investments, or PayPal are popular targets for hackers looking for quick money. Email accounts get hacked because they’re easy targets, and old or sent email messages are full of useful information that hackers can exploit, such as retail sites you use frequently.
Often, hackers go after big repositories of customer data, either from retail sites like the recent Zappos hack, or social networking sites that can provide login and password information for millions of people. Because most people use the same login and password for multiple sites, the damage done by these big hacks can be epic. Even if your passwords are different for every site you use, hackers can use personal data to make phishing attacks more realistic-looking. (Phishing is when you get an email that looks like it’s from your bank, for example, but it actually links to a site controlled by the hackers in an attempt to get your financial information).
Signs You’ve Been Hacked
For social networking and email hacking, the signs include complaints or questions from friends who are suddenly receiving a bunch of spam, link suggestions, or requests from you. Likewise, if you’re getting tons of bounced messages that you never sent, it could indicate that your email was compromised.
If financial sites have been hacked, you may see charges or withdrawals you didn’t make. It’s a good idea to keep a regular eye on transactions in banking sites and PayPal so that, if your account is compromised, you catch it immediately.
How to Recover
If it’s an email problem, it may be that the hackers are “spoofing” your address, which means that your address appears in the “from” line, but isn’t really sent from your account. If this is the case, there’s not much you can do. But, if you find that you’re actually locked out of your email account, you need to notify your ISP immediately and get the password changed. The same applies to social network accounts like Facebook or Twitter—getting control of your accounts back is the first step. You may want to let your friends and family know that they shouldn’t open anything weird-looking from you or click on any links. If the hack is from a financial site, notify the company immediately, cancel all related cards, and change your password. In all cases, if you have used the same password on other accounts, you will need to change it everywhere.
Next, scan for malware on your computer. Malware can be used to obtain more of your personal data, and also to launch future attacks against others from your computer, compounding the damage.
Tips for Prevention
Although hacks of large amounts of customer data, such as the Zappos hack, isn’t something you can necessarily prevent, you can take several actions to greatly reduce your personal vulnerability to data theft:
1. Use strong passwords, especially for financial accounts, and mix them up as much as possible. Password management software is available if you can’t keep track of them all.
2. Always keep your software updates current, which often contain patches for previous vulnerabilities.
3. Install recommended anti-malware and virus protection on your computer and keep it updated.
4. Never use public computers to check accounts, including your email.
5. Set up a separate email account to use publicly, keeping your primary email address private for friends, family, and business associates only.
6. Never log into personal accounts, especially financial ones, over an unsecured network.