Monday, August 23, 2010

Monday Money Sense- Keeping your info safe

I know today was supposed to be about Credit Scores, but since this is fresh on my mind I will write about this instead.

Late Saturday night my personal email was hacked. The email sent out basically said that I was mugged in London and that I needed money to get home. The hacker also changed my password, alternate email, and security questions. 

I must say it feels awful! I almost feel violated in a sense. I was able to gain access within an hour of it happening (thanks to a wonderful brother who txted me at 12:30am to tell me). Because it was noticed quickly, they weren't able to get into other accounts such as my facebook, my other email accounts, etc.

Now when it comes to email hacking it can be the result of a few different things. They are:
  • Malware, Spyware, Virus- Usually the result of downloading something unfamiliar, or visiting suspicious websites
  • Phishing- This is when an email or link is used to collect personal information. Usually they try to be convincing claiming your account needs to be verified or that you need to login to see some sort of material.
  • Key Loggers- these are essentially a form of spyware. Essentially it is program that tracks every single thing you type. It can be done remotely or on your computer.
  • Bots- Essentially the concept here is that a computer (or a bunch of computers) crawls the web and essentially tries various combinations of letters and numbers.
For my personal situation, I know it was one of the last two, leaning toward the bots. The reason I believe this is because I haven't clicked any links or responded to any phishing emails. I've also run several different virus scans (I have a couple because a couple years ago I got a really bad virus on my computer out of the blue that resulted in a complete reformatting of the computer, so now I am extra cautious), and come up with nothing. I don't think it is a key logger because absolutely none of my other accounts have been hacked. Some people have wondered if maybe it was a site I signed up for that may have done it. I don't believe this is so because when I sign up for sites I always use my surveys and offers email address, so if an email address was going to be hacked I would have assumed it would be that one. So this really leaves the bot, which is really quite scary.

So I thought it might be nice to have a great list of ways to keep your information safe on the internet:
  • Use a complicated password. This link shows how long it takes for a hacker to hack certain passwords. The best passwords are a combination of upper and lower case letters, numbers, and symbols. Unfortunately not every site with a password allows symbols, but use them if you can. (I'll admit my password wasn't the strongest it could have been) 
  • Change your password regularly. I think this was my big downfall. I often forget to change passwords. If you look at that link above again, you'll notice that even the strongest passwords can be hacked in a couple months to a couple years depending on the hackers set-up. 
  • Don't use the same password on every account. Imagine if your email was hacked and you use the same password for everything. From your email they can see where you have accounts, and if the password is the same it's that much easier. (Given enough time they may be able to access all of your accounts). I believe this is the reason all of my other accounts were not compromised.
  • Don't give away passwords. A company will never contact you to ask for your password (this goes for email or telephone). Also, if you arrive at a website via a link and it tells you need to login or re-login, don't do it. Manually type in the website (,, etc.). Hackers are really good at making a login page look just like the real thing. 
  • Have a good spyware/firewall/virus protection. 
  • Make sure on websites that you enter passwords that you are on a secure connection. Depending on your browser you might see locks, have a yellow url bar, etc. But one sure fire way is to look for the https:// at the beginning of the web address.
  • Be careful what you do on public computers or through public internet. 
  • Be cognizant of the emails you send and receive. If somehow you get hacked, you have no idea what they may gain from it. This is what is most unsettling for me right now.
If your account has been compromised, it can take sometime to get access to it again. When you do make sure to check everything, make sure your mail isn't forwarding to some other account, check your filters, etc. This is a good source for gmail.

I hope this may prove valuable for some of you. Hopefully, none of you will have to go through it yourself.
blog comments powered by Disqus