Italian American Police Society of New Jersey

‘Tis the Hacking Season

Christmas time is one of the most hacked time of year.  There are more people shopping online then most other times of the year.  Be Careful!

You need to keep yourself safe.  If your email has been hacked, act quickly.  Sometimes you may find yourself locked out, and sometimes you may not know, but a friend will catch the telltale signs that you were hacked.  Like an email from you that "just doesn't look right",  like "Hey, I saw you last night and took a video"  and there is a link in the email that they want you to click.  DON'T FALL FOR IT.   I routinely notice these emails and quickly text & email the person to let them know.

AOL, Yahoo, and Hotmail seem to be the most hacked, whereas Gmail seems to have the least hacks.  If you are using any of the former, consider starting a Gmail Account.  Keep the same first part if you can, it will be the same @gmail.com.  On your AOL, or Yahoo,  set it to forward to your new Gmail address.  Transfer all your contacts to your gmail account. Gmail also has the advantage of having the best Spam Filters.  Even the ones being forwarded from the others will be scanned for spam.

Facebook is routinely hacked, along with twitter, etc.   Periodically change your Facebook password.  Don't use the same passwords for all your social media.

If you know you have been hacked, there are a few things you need to do ASAP.

  • Take back your account.  From a different computer (hackers may be watching you) , go onto the site or email web page and follow the links for changing password.  Hopefully you can get in this way.
  • Also,  immediately check and change your "security questions".  Try not to use the answers they ask for. eg. Where did you meet your spouse?  answer something in a different context, like  "chocolate chip cookies".  The system doesn't care what the answer is,  it is actually another password triggered by the question.
  • Check to see if any "email forwards" were put in place.  This is a way for the hacker to always get a new password if you request one from a vendor or email site.
  • Check that there were no new information added, like delivery addresses or other identifiers that a hacker may use in the future.  This is important even before you are fixing a hack.  It's just good practice.
  • If you are dealing with a bank,  make sure No New cards were requested
  • Keep your computer updated.  Reboot,

Use strong passwords upper, lower, numbers, characters.

Consider a "Password Vault"  It t is an app & website that keeps track of, and helps you generate strong passwords.  For example, KeeperSecurity.  You can log in to the web site, or purchase the App for your phone for about 1$ a month, then they are always in sync.  Add a password on your phone, and it will be available on the Web App.
It then becomes a secure place to keep your passwords.  The password to your Password Vault should be a Long unrecognizable word.  For example,  if you have a favorite saying or song. maybe the first letter of every word in a certain line of the song.  You may not be able to remember the sequence of letters,  but you can recreate it at the keyboard just by saying that "line" in your head as you type each letter.
Now Is The Time For All Men To Come To The Aid Of The Party.  nistfamtcttaotp
This password would not need to be changed.  The more paranoid of us may choose to change it once a year, just for fun.

All your sites should have a different password because the hackers use social engineering to "guess" your passwords.  Most people are lazy and use the same one for everything.  once the bad guy gets your Facebook,  it would then have your email, twitter, etc.

Use 2 factor authentication.  This is where, when you attempt to log in to a website, they will send you a code to a registered device, like your cellphone.  This is similar to the high tech security that some companies use for their employees.  They usually have a digital key fob with an ever changing number on it that they enter with their password.  The 2 factors are:  1-something you know (password), and 2-something you have (fob, or cell phone, etc). Hence, 2 Factor.

To learn more about Password Vaults and security,  watch The Tech Guy podcasts.

For those of you who hate the idea of changing email addresses because you've had it forever,  there are advantages to adding Gmail into the mix.  For spam filtering it is great.  You can have Gmail collect your other emails and then filter the spam. There are many combinations and scenarios to suit your needs.

Do you want to have your own Personal Email Address?  Having your last name, like Jim@Smith.com,  try a service like Hover.com.  There for a nominal amount ($5.00) per year, you can have a personal email address that forwards to your Gmail account and your Gmail would be set to say it is coming from your Jim@Smith.com address.  Nobody knows you are using Gmail.