5 Ways to Avoid Getting Hacked (Again) | #itsecurity | #infosec

Let’s set the scene: A celebrity posts something contentious online. Then, after receiving a fair amount of blowback, either in the form of trolling or being canceled, that celebrity proclaims, “I got hacked!”

Famous people are humans too, and they say ridiculous things or make unsubstantiated claims on occasion. And sometimes, these celebs really are victims of a hacking incident. Either way, their public shaming gives the rest of us an opportunity to learn to mind our manners online or develop safer browsing habits and avoid the humiliation they endure.

What do these famous people do when they’ve really been hacked, and they’re at their most vulnerable? Sometimes they fight back. You can do it too. Let’s look at a couple of examples.

Phishing for Billionaires

Known rich guy Jeff Bezos has many friends in high places. So when he received a WhatsApp message that appeared to be from the Saudi crown prince in May of 2018, he didn’t blink an eye before opening the encrypted video file.

The file infected Bezos’ phone with malicious code. Screenshots of Bezos’ texts leaked. Suddenly the whole planet knew what its richest man had been up to, an illicit affair with a younger woman.

Bezos responded with a Medium article detailing the blackmail attempt. He also got top security specialists on the case and ultimately hired digital forensic experts to figure out who hacked his iPhone and how. Unfortunately, as of April 2021, it’s still unclear who exactly was behind the hack and what code did it.

A Rocking Ransomware Response

In 2019, British rock band Radiohead found themselves in the spotlight when unnamed hackers stole about 18 hours of unreleased music dating back to when the band recorded their aptly titled album, “OK Computer.” The hackers ordered the group to pay $150,000, or they would leak the music online. Of course, Radiohead refused to pay the ransom (as you should too) in true rock and roll fashion and just released the music to their fans to stream for free.

What Can You Do to Avoid Getting Hacked Again?

What if you, presumably a non-famous person, find yourself recovering from an identity theft incident, a ransomware affair, or a malware malady? As PCMag lead security analyst Neil J. Rubenking writes, you need to take preventative steps to avoid getting hacked again. Here are a few tips.

1. Use Mobile-Based Payment Systems

One easy way to be safer is to use mobile-based payment systems instead of credit and debit cards when you can. Apple Pay and Google Pay are more secure than physical cards, and you can use these payment systems at brick-and-mortar stores, too. Additionally, protect your mobile device with a biometric signature or a strong passcode, and keep the device with you.

2. Use Strong Credentials and a Password Manager

A recent PCMag survey revealed that many of you are using the same passwords for every login online. Stop doing that, please. Using the same password everywhere leaves you open to attacks. Instead, get a password manager, even a free one, and it will help you create strong, lengthy, unique passwords for your many online logins. Password managers not only generate and remember strong passwords for you, but also fill them in automatically on login pages in a secure way. 

3. Set Up Multi-factor Authentication Wherever Possible

If a malicious actor gets a hold of your login information, stop them in their tracks with multi-factor authentication. Multi-factor means you need more than one factor to log in to an account. Typically we think of three different factors: something that you know, something you are, or something you have. Something you know is typically a password. Something you have can be a physical security key or an authenticator app on your phone. Something you are can be a fingerprint scan or facial recognition.

4. Get Help from the Experts

The US Federal Trade Commission has an advice site for identity theft victims. It includes checklists, sample letters, and forms you need to fill out to get your life back in order after an online attack. Take a look at this helpful resource if you suspect you are a victim of identity theft.

5. Install a Security Suite

Using security software can mitigate some of the damage done by determined hackers. A robust security suite fights off malware, adware, and spyware and provides some phishing protection.

Remember that vigilant personal habits online are essential, too, such as not opening spam emails and avoiding unsecured websites. 

Like what you’re reading? You’ll love it delivered to your inbox weekly. Sign up for the SecurityWatch newsletterSign up for the SecurityWatch newsletter.

Use These VPNs for Netflix

In the summer of 2021, Netflix reportedly started cracking down on customers using VPNs to stream movies and shows from the service. Shortly after that, PCMag began retesting whether US-based customers could connect to US-based VPN servers and successfully stream Netflix content.

PCMag senior security analyst Max Eddy compiled the test results, and there are only five major VPN services that remain unaffected by Netflix’s crackdown on VPNs. CyberGhost VPN, ExpressVPN, Hotspot Shield VPN, Private Internet Access VPN, and Proton VPN allowed regular access to all of Netflix’s library. The rest of the VPNs tested only showed a limited subset of Netflix content.

Note that Netflix and VPN are engaged in a cat-and-mouse game, so VPNs that work one day may be blocked the next day, and vice versa. If Netflix suddenly limits your access while you’re using one of the named VPNs above, well, they’ve won this round. Of course, VPN companies are always looking for ways to get around content bans online, so what’s limited today may be available tomorrow. Nevertheless, continue using a VPN. Your privacy is worth it.

What Else is Happening in the Security World this Week?

Original Source link

Posted in Uncategorized

Leave a Reply

Your email address will not be published. Required fields are marked *

six + four =