Last week, A Russian cyber gang created one of the biggest Internet data security threats in history, amassing 1.2 billion website user names and passwords and collecting information on more than 500 million people in a massive breach of online safeguards, according to Hold Security in Milwaukee.
The thieves bought databases of stolen credentials from fellow hackers on the black market, then used what they got to hack into private e-mail accounts, social media and other websites, Hold said in a public statement.
These days, hardly a week goes by that doesn’t feature headlines about thousands or millions of accounts being exposed. While there’s no way to know if your credit and personal information has been lifted, the safest bet is to assume you’re at risk and take appropriate precautions.
Change passwords
If hackers have access to your passwords and you change them, that limits the damage the crooks can do. So take that pre-emptive step and go into all those online accounts and create new passwords. For those that include sensitive and financial information, it may be wise to reset your passcode every three to six months.
Programs like Lastpass and Dashlane help organize passwords and provide secure storage for login information.
Create stronger passcodes
Try to create new passwords that are stronger than those they replace – you can do this by using at least 12-15 characters,with a mix of uppercase and lowercase letters, along with numbers and symbols. And avoid using words that can be found in a dictionary.
For example, a password like “RuSSiaNHacKer!31” is a much better password than “Russianhacker31,” while “rUSsn3hckr!1” is stronger still. Also, avoid easy-to-guess words, like your user name, and don’t use personal information, like your last name or your birthdate.
Don’t reuse them
It’s common practice to keep the same user name and password when using multiple sites. But that can increase vulnerability to being hacked. Once cyber thieves have cracked your code on one website, they can try that combination on others. So make sure each log on and passcode is unique.
Guard against spoofing
Copycat websites deliberately set up to deceive use names or addresses very similar to those of real organizations, including banks, in an attempt to lure people in and disclose log ons, passcodes and other personal information, according to the Federal Deposit Insurance Corp. (FDIC). It’s often referred to as website spoofing.
Watch for phishing
Don’t open email from an unknown source, especially if that e-mail has an attachment, which should never be opened.Email that asks for confirmation of logons, passwords, personal details or bank account numbers is probably a trick by cyber thieves trying to obtain your personal information – a scam known as phishing. Legitimate companies won’t ask such questions by email or text message, according to the U.S. Federal Trade Commission.
By taking these and other common-sense measures, you’ll be better protected against hackers and the predations of cyber thieves.
Source: BI