Blogs

Blogs

Think Your Privacy Is Protected? Think Again.

My Instagram account @sarahstreetmedia was hacked last December. My account was down for two weeks, and Instagram was no help. No one ever replied. I went to Facebook and registered as an app developer then requested help for advertising. Whala. Someone called within hours. They restored my account within minutes. But what was the purpose of the hack? Why was my account blocked and not deleted? What happened?

Social media attracts hundreds of millions of users each day. Hacking requires little skill and we can purchase programs like keylogging at Amazon. Malicious coding, spyware, and proprietary information theft are commonly used for simple hacks. With the press of one key, your information is stolen. In my case, I opened an email in my Inbox, the mail looked identical to Instagrams logos, lettering and letterhead. “Your Instagram account has been compromised. Reset your password.” I pressed the link. My account was gone.

Software assures protection, and in most cases even advertise its protection, but If you read the fine print most policies will tell you in the Terms and Conditions they don’t take responsibility for your loss data.

Our personal data can be bought for as little as $0.20, 2018 Current State Of Crime. Because it sells for so cheap, this makes sellers work harder, hunting down personal data anyway they can.

Facebook CEO, Mark Zuckerberg is under the microscope for selling major company’s information to Russia. I personally hope Zuckerberg goes down.

When you download your data from social media platforms, you’ll probably be shocked to discover what has been stored. Think you deleted it years ago? Think again. Nothing ever gets deleted. If someone hacked your account, they have access to everything you have ever typed, including what you sent via private message and your previous passwords.

1 out of 5 files aren’t protected. Your software device firewall and added software security are not protecting you entirely. When you install an app, it asks for permission to gain access in your device. And that is exactly what they have, access.

Cybercrime is more profitable than drug trade.

Despite the payout of personal data, cybercrime is incredibly expensive and the most expensive part is loss. In 2015 cybercrime caused a whopping 3 trillion in damages and it’s estimated to cause 6 trillion in damages by 2021. When our credit reporting agencies and emails are hacked, this number increases at an enormous rate and speed.

We may think it’s bigger companies to blame for Cyber breaches, but in fact 95% of security failures are the customers fault.

Microsoft Office file formats (Excel, Word, Power point), compromise the most prevalent group of malicious file extensions. Making up 38% of Cyber attacks, effecting you daily. These are commonly sent as extensions or attachments in emails and are utilized by most people. These Microsoft file formats are vectors for malware and are easily overlooked.

WordPress is a free and open source website tool; popular software that’s powering nearly half of all websites on the Internet. But 73.2% of all Wordpress installations are open to vulnerabilities.

Crypto Hacking attacks are up by 8,500% yet the unemployment rate for Cyber security jobs are approaching 0%. Reaching 3.5 million needed jobs to fill by 2021. This market is growing too fast for the world to keep up.

Androids are at extreme risk. Malicious software that is installed on android platforms has increased by 400%. People tend to be more relaxed with their cell phones, probably because most of us carry it with ourselves. Only 50% buy added protected on their smartphones and 72% on their laptops and desktops computers. It’s likely that our smartphones store more data than our desktops and laptops. In a hyper-connected world the majority of us use our phones for everything. We have become overly connected and have developed a deep loving relationship with our phones. We tend to trust it, it’s our safety for so many reasons. Therefore, we input more personal information on our phones than on our computers.

Over half of China’s electronic devices are infected. China is the #1 country with the most infected malware. There are billions of malware samples, “PandaLabs, the laboratory of Panda Security, detected and neutralized more than 84 million new malware samples throughout 2015.” Last year there were 304 million samples detected in the world. It’s estimated that over 230,000 new malware samples are produced daily in China and roughly 1 million new threats are released every day in the world, CNN Business, 2014.

It can take seconds to steal your data. Below is a list of malware and hacking techniques to beware of.

Digital extortion:  one of the most lucrative ways cybercriminals can profit. Hackers steal files or photos from a victim’s computer and demand a ransom in exchange for a key to decrypt their files. The bulk of digital extortion is done with ransomware attacks. Other types include, phishing, negative review and spamming (the cybercriminal will retract the negative review in exchange for cost), and blackmail.

Common ploy: Send 300k in Bitcoin or the cybercriminal will release personal and private information about you. They may even have a video of you doing someone that makes you feel guilty. Or they may threaten to have a video of you or know something about you doing something that makes you feel guilty to cave in. They will most likely provide your accurate banking information and personal information to validate that they are in fact real hackers to scare you. This is why the blackmail works so well. Especially if you have kids and loved ones you want to protect. What should you do? Save yourself 300k in Bitcoin. Change your passwords and bank information. Don’t entertain them.

Guilt has made many people prosper.

If you are computer savvy, check your terminal and look for anything unusual. You can open Terminal from Utilities. Type ‘man’ followed by a space and then the process name, e.g. “man nefwork.

Social media scams. Users do all the work for the cybercriminal just by sharing a video or story on sketchy sites. The virus spreads rapidly because people are more likely to click on something posted by a friend.

Likejacking and clickjacking are common social media spam hoaxes made in an attempt to steal your private information. A common ploy, “Facebook will donate $1 toward the child’s care for every like.” Cyber thieves will say anything to convince the reader to hit the link to embed the malware in your device.

Proxy hijacking is when a hacker creates a copy of the victims web page on a proxy server, using keyword stuffing techniques, linking the original site to a copied website with the hopes of increasing search engine rankings. The victims site will then rank lower. Search engines like Google will see the victims site as a duplicated website, then Google might remove it from its index.

Keylogging is common in the workforce and keylogging software is available on Amazon. Keylogs record your information by recording your keystrokes. Information is gathered and collected over a period of time.  If you keep getting the same email threat, chances are, your keystrokes are being recorded. Keylogs are also commonly used in the home, it’s a common a program purchased for someone with trust issues.

Malware is hard to detect. Its intention is to cause damage to a device, server, or network.

Trojan is a computer program which misleads users convincing them the content is true.

Spyware  Like keyloggers, this software aims to gather information by recording your keystrokes and activities. The information can be sent to another entity without the consumer’s knowledge.  A common example is when a cybercriminal waits for the user to install an update. Then they have access to your devices.

A crawler or hunter is not malware or a virus, instead it wreaks havoc on your device and disrupts browsing activity.

Phishing. 1 in 3 emails are phishing. “Roughly 12 percent are victims of the actual infections that result from phishing.”

What can you do? Educate yourself on keyloggers, Trojans, spyware and malware. Protect yourself against malicious apps and third-party tools. Beware of apps and software asking permission for sms, microphone access, and device permission. Beware of fraudulent email accounts. Hackers use email names from companies we recognize then imitate a company’s name to look similar: @gmail.com, @gmall.com.

Never download from 3rd party sites, change passwords weekly and Include specialized characters, capital letters and numbers.  Never use the same password for over one account. When you receive a text asking to validate a pin, keep in mind, it might be a hack.  Instead, use an old unactivated phone for two factor authentications for extra protection.

When you open a suspected email,  check the URL on your desktop. An unsafe URL starts with http:// a protected URL starts with https:// Know that there are ways to manipulate a URL. so it looks like it is a trusted company. Also know that there are sites you go incognito with to get a URL checked out.

Remember that open networks and WEP security, aren’t secure at all.  Consider changing your proxy when using Wi-Fi networks that are shared. Change or hide your IP address. Hackers can exploit your IP address. But they can’t do much if your firewall is on, your firewall stops them from entering your programs, they can get into your ports. Your personal details and your IP address are not connected, so that is false, your IP does not provide information about you. Consider using an extra hardware firewall for added protection and block your IP address. I personally use Express VPN.

Some sites will prevent your account from logging in if you use a different IP address then what you normally use to log in. I can easily unblock mine when logging into sites with difficulty. Working in social media, I find a lot of third-party sites change their IP for privacy and assign one specifically to you. It’s also good to change your proxy settings to prevent proxy hijacking.

Unfortunately, it’s impossible to avoid all hacks. But we can educate ourselves on what we can control and protect ourselves.