Protect Your Web Accounts from Being Hacked

Hacking is a regular occurrence worldwide over the internet. Email, social networking and other online accounts are at risk from being hacked into if care is not taken to keep secure information safe. To best to prevent your web accounts from being hacked, there are various approaches you can take to stay in control and secure. This article will tell you how to achieve these approaches.

Steps

Email accounts

  1. Use a secured email account. When signing up for an e-mail account or any other account on the internet, make use of all the verification processes it provides. These are usually additional layers of information that is known only to you. The verification processes provided include things such as Phone Verification, SMS Verification and answering specific security questions. Do your research on finding a secure email account, depending on your personal needs; there are reviews available from other users if you do online searches.
    • Be aware that the email service provider you're using will have its own security measures, hence no particular one is set out here. Simply follow the instructions that are aimed at securing your account as tightly as possible. If you are trying to use an email account that lacks security features, reconsider using it at all.
    • Be aware that no email service is 100 percent safe. Do everything possible to make hacking very difficult.
  2. Make your email address less easy to guess. If you include a number with your name or an unusual word, etc., it makes it harder for someone to simply guess your name by adding your first and last names together and emailing.
  3. Guard your email password. Do not give it to anybody else, do not store it in your email Drafts folder and do not store it where it can be accessed. Your password is valuable, so treat it as such and keep it confidential.
    • Tighten up the security of your account. Add an extra phone number and alternative email address for a password recovery if somehow your account is hacked and the password has been changed. Add security questions related to password recovery so you can recover your hacked password later on.
  4. React promptly but carefully to messages about possible attacks to your email account. If you receive a message from your email provider that they are concerned about the email being compromised, follow it up. Read it carefully though, as if the email itself is a scam, it will have giveaway signs such as bad grammar, illegitimate/spoofed logos, a click-on link to change a password (do not click, always change a password from the account itself), etc.
    • If you are suspicious that an email from your email provider isn't real, contact the email company directly, either by phone or by a separate email sent through their actual website. Wait to hear back from them before responding to the suspicious email. Some companies have email abuse or inquiry departments; check their website for more information.
  5. Consider using different email accounts for different purposes. If you want an account where you can be less careless, such as for leaving your email address all over the internet, etc., use a separate one intended just for that and leave nothing personal or sensitive on it, ever. Keep your personal email account secure using the suggestions above but also by not giving it to many people, other than those you trust.
  6. If it's too good to be true, it's suspicious. If you receive emails promising prizes, wins, money exchanges, eternal love, etc., then be very suspicious. Never click on a link promising such things and never reply to the email either. Delete the message without actioning it any further.

Social networking

  1. Have a secured Facebook account. This is only provided for those who want to sign-up for Facebook. Use your original identity and information to sign-up for an Facebook account. Follow all of the account verification processes provided to make your account secure.
  2. Keep your password secure. Do not share it with anyone, do not store it in your mail inbox or anywhere on Facebook or online. Don't share your password with friends. If you log on at a cyber cafe or similar, always remember to log right back off when you finish (better yet, don't use a public computer at all).
  3. Be really careful if using public access computers for Facebook, Twitter, etc. If possible, avoid checking your social networking accounts on anything but your own devices. But if you have no choice, consider the following:
    • Never click "keep me logged in", or similar long-term access checks, when entering the site.
    • Be aware of who is around you when you key in your password. Cover the keys if you feel safer.
    • Be discreet and don't attract attention while using the site. Curiosity can lead some people to want to fiddle just because...
    • Always remember to log out when you're done. Just get into the habit of going through a list in your head of "log in, do not check stay logged in, log out" when using public access devices.
  4. Be very careful with third party apps on Facebook, Twitter, etc. Before installing any (if you really must), do research into the reliability, safety and track record of the third party app. Ask friends, ask questions in forums, etc., to reassure yourself of its safety. If you have any doubts, don't install it.
  5. Use the account's security settings to make things safer for you. For example, in Facebook, you can check the box that states "Browse Facebook on a secure connection (https) when possible". Enable login notifications––this will alert you should anyone other than yourself attempt to log in to your Facebook account. Enable login approvals too; this will require a special security code to be added should the account be opened from an unknown browser. You'll get a text message should such an attempt be made. And if you like, you can add trusted contacts who can help you get back on the site if you are hacked; simply check and fill the Trusted Contacts field.
    • Other social networking accounts have security settings too. Spend time checking these out and enabling what you feel protects you best.
  6. Consider using the Privacy features to limit who can see you. In accounts such as Facebook, only allow friends to see your stuff; that way any "friends of friends" who might be less friendly in intent won't be able to see your account.
    • Whatever your social networking account, don't share your account with unknown people. In Facebook as well as Twitter, there is an option by which you can keep your account hidden from the general public, although your profile name will be shown. This option can be found in "Privacy settings " in Facebook and 'Settings ' in Twitter.
    • Only share video, photo and other content with friends.
    • In Facebook, change the timeline and tagging to be friends only.
    • Friend only those people you really know. If you don't know the person, assume it's safest not including them in your Facebook account.

Sensible password precautions

  1. Use a very strong password. A hacker can access your account by using an attack called 'dictionary attack', in which all of the words from a standard dictionary of the English language is placed in the password box and after a while, the password may be revealed and a hack will occur. To reduce the possibility of a dictionary attack, add numbers, alphabets and even symbols (!@#$%^&) altogether. If the site allows for it, use a pass phrase with numbers and symbols too - this is even harder to crack, although it's not provided as an option as often as passwords.
    • An example: Suppose you have the password 'Hello to you' (without the quotes). This could be hacked within an hour or less using a dictionary attack. However, if you modify it to something like: '#ello2u' (without the quotes), it would take more than 1 month or even a year to crack and the hacker is going to give up and look for an easier target.
  2. Don't ever use obvious passwords. For example many people have the tendency of keeping the password as '<your own="" name="">', or 'password' or 'password123' , '<your girlfriend="" boyfriend="" name=""> '. People trying to access your account will use the obvious examples first.
    • There are password strength checkers available online for you to test a range of passwords before using them. This can help you work out what is as strong as possible each time.
  3. Keep changing your passwords. Don't be so confident about your strong password. It can also be hacked within a month, so if you have a persistent hacker who really wants to get your information, make it hard by constantly changing your password. This process must be processed at a minimum of every 3-4 months, more often if possible. It is a good way to keep your memory in shape too!
  4. Don't use the same password in every web based account you have. Doing this could be the greatest pitfall ever, for if a hacker comes to know your Facebook password, the obvious next step is to input this password into other accounts in the hope you've been lazy and used the same one over and over. If you have, then bingo! Your whole web life could be wiped out.

General safety

  1. Keep your account information details safe. Keep a record of account information such as email ID, phone numbers you've provided, alternative email addresses given and security questions with answers. Keep this information in a safe and secure place, such as on a piece of paper stored in your home. Some sites, such as Facebook and Twitter, allow you to download such information to your computer, so you might like to do this every 3 to 4 months.
    • Password lists: This is a touchy subject. Most advice is to keep passwords in your head. The reality is that many people cannot do this effectively, especially if you need different passwords for dozens or even hundreds of sites. Find a sensible way to keep copies of such passwords safely, such as paper written lists (for example, divide into different lists, keep in different places), not writing down passwords for your most used accounts (those ones ought to be easily remembered) or only writing down passwords for accounts that have no sensitive information when entered, etc. You'll need to devise a safe way that works for you, bearing in mind that many sites offer password retrieval to cover forgetfulness.
    • Be aware that if you keep lists of passwords etc. on your computer, and your computer is hacked, all of the listed accounts may be compromised.
    • Use a good code to keep any stored personal reminder information safe from being read. You can make it up or learn one; the idea is that unless you're harboring an important state secret, most hackers won't persist with anything that is simply too much effort.
  2. Reduce the chances that you'll end up spamming others. Spam can occur when your email or social networking account is hacked and your list of contacts is used to send on spam from your address/account. Ways to avoid this happening include having a strong password so your account cannot be hacked, not adding friends in Facebook whom you don't know, not clicking on links in emails from people you don't know, etc.
    • Never reply to emails that land in your spam folder. Delete them immediately. By replying, even in a gesture of humor, you confirm your existence and you'll just keep getting more spam from the sender.

Tips

  • With any online account, be it for work, college, a shared project online, etc., keep all passwords secure and regularly read security message updates placed directly on the sites.
  • Have you already given access to third party apps on your accounts? You can often revoke these using the tools on each site. For example, Twitter provides a "Revoke Access" link under Account Settings --> Connections.
  • For online banking, follow all the suggestions from the bank and maintain a regularly changed, very secure password or pass phrase. Never share the password with anyone else. Read the security notices or updates the bank sends out. If you have any concerns, contact the bank immediately––keep a record of the bank's 24-hour contact line on your phone and in an offline address book to help with fast retrieval in any situation.
  • Scan your computer or other device regularly for viruses and malware. Choose programs tailored to your device; there is plenty of information available online, or ask at a retailer for advice.

Warnings

  • Don't install free software that offers you free smileys for chat. These sites are known to be used to trace your keystrokes on your computer, which is also known as key-logging.
  • Don't click on 'Remember me' after logging in any account unless it's your own personal computer, not even on your office's computer.
  • Don't reply to any emails which are sent to your spam folder.
  • There are many password decryptors on the net. This software stores your password in the computer. Don't use accounts at another person's house or even the cyber cafe, as they may have installed these decryptors. (If it's a friend, ask if this is on their computer and ask that they delete your information, or change your password when you get home.)
  • Beware of harmful apps of Facebook which may request you to access your profile and get controlled by them.

Related Articles