Is Pizza your favorite food? You might be hacked!
Is Beef or Pizza your favorite food? Then you might be hacked!
Learn how to secure your answers to your Security Questions and protect your digital accounts.
Many of us choose passwords that are relatively easy to remember and based on common words, and hackers can guess your password using a database of words. We have seen many websites asking the same security questions about your first street address, or the name of your first school, or your mother’s maiden name, or your date of birth and even some banks do that. So if online criminals guess correctly your security queries, through well-researched social engineering, chances are they’ll be able to get into your email account and reset passwords to all the websites that you use. They could then break in to your PayPal account, your Credit Card account, and your bank accounts or your database and it doesn’t take a database expert to break into one.
Do you have protection against attacks that antivirus can’t block ?
Your security question to “What is your favorite food?” for example, it is not difficult to be guessed by a hacker. Pineapple pizza? Roast beef? People are predictable. “What is your favorite cheese?” Ok! If it’s not Mozzarella then it is Cheddar or could it be Provolone? Actually, hackers work with a smart algorithm and a dictionary and they can guess what kind of food you prefer by searching your internet identity information database. If you eat caviar, for example that also means you are in a different segment of targets. Maybe your father is rich, or maybe you work for a successful company or for the government. Professional hackers have the technologies to see everything in your computer. They can record every button you press on your keyboard or mobile touch screen. Hackers are surprisingly good at crafting spear-phishing messages that can convince even the most knowledgeable users to click on a link or open an attachment.
“A 2015 cyber hack of the IRS potentially gained access to personal data from more than 700,000 taxpayer accounts, more than double the total previously estimated, the tax agency said Friday”. www.usatoday.com/story/money/2016/02/26/cyber-hack-gained-access-more-than-700000-irs-accounts/80992822/
So what should you do to protect your online accounts?
You can protect your data by lying on your Security Questions which often accompany other details. It’ll reduce the chances of a cyber attack, or help to protect you if you’re targeted.
Fictitious answers to your security questions.
Targeted attacks at first step take advantage of common spelling or visual errors to present users with malicious websites that appear to be legitimate, well-known sites. Fraudulent activities may include Spear phishing, ransomware, spyware, rootkits, trojans, sender impersonation, credential phishing , typo squatting and other targeted threats. If you use untrue, but memorable answers you could prevent cyber attacks.
Consider also buying professional state of the art software which is set to prevent cyber attacks. Please visit its website and to see all of its features and if you like to be protected by a supreme cyber security program you can Save 20% on Heimdal PRO
Google examined real-world data set on personal knowledge question’s security and the ability to remember it and recommends that you use an unusual string of letters. You could try an abbreviation of your favorite song lyric or your parents’ and siblings’ initials. Google uses the example of the famous line from Hamlet: To be or not to be that is the question. It can abbreviate as 2bon2btitq. It would be hard to find that string of letters anywhere else, which makes it almost impossible to hack into. Google has already changed policy to never use security questions as stand-alone proof of account ownership only combined with other signals. If you are interested to read the full report, Secrets, Lies, and Account Recovery: Lessons from the Use of Personal Knowledge Questions at Google you can download the pdf file here.
Another common mistake is password reuse.
Here is an excerpt from the Wired magazine:
“During the past two years, more than 280 million “hashes” (i.e., encrypted but readily crackable passwords) have been dumped online for everyone to see. LinkedIn, Yahoo, Gawker, and eHarmony all had security breaches in which the usernames and passwords of millions of people were stolen and then dropped on the open web. A comparison of two dumps found that 49 percent of people had reused usernames and passwords between the hacked sites. “Password reuse is what really kills you,” says Diana Smetters, a software engineer at Google who works on authentication systems. “There is a very efficient economy for exchanging that information.” Often the hackers who dump the lists on the web are, relatively speaking, the good guys. The bad guys are stealing the passwords and selling them quietly on the black market. Your login may have already been compromised, and you might not know it—until that account, or another that you use the same credentials for, is destroyed”.
If you like to read the whole article from Wired you can go here.