I’m writing this with complete passion and spilling everything I know about how hackers are obtaining our personal information without us even knowing it.
Professionally, I’m a bank security specialist who investigates financial crimes including ATM cash back schemes, check kiting, identity theft, credit card fraud, tax fraud, loan fraud, and counterfeit checks. I’m constantly keeping up to date about fraud trends, and this particular subject is something I felt needed to be shared publicly.
Before I get started, please know that I’m not writing this to scare you in any way. I feel that this information needs to be shared with as many people as possible and I hope it spreads like wild fire because it’s so important to spread the awareness.
WHY HACKERS STEAL INFORMATION
When you hear the word “hacker” what do you envision? A scrawny person behind a computer screen in a dark basement typing away at numbers while chuckling to himself as he cracks the code to a website?
Hackers look like everyday people. They have regular jobs, families to feed, and activities they like participating in.
But… they steal information because it’s their way of living.
Throughout the WORLD, there are offices filled with hackers attempting to crack the codes of anything and everything they can. Personal email addresses, federal government websites, personal and commercial bank accounts… you name it.
This is how they bring income to their lives. Some steal the information to keep for themselves, while others sell the stolen information to other companies who pay big bucks for them.
“It’s business” they say. And they don’t see anything wrong with it.
HOW HACKERS ARE STEALING OUR INFORMATION WITHOUT OUR KNOWLEDGE
Public information. Social media updates. Spread sheets.
Let me make one thing clear: your information is already out there.
If you’ve ever applied for a loan, mortgage, or even a credit card, your public information is already out there.
Hackers create spread sheets that contain a TON of information about each individual they’re tracking. They take that information and run it through a computer program that generates all types of passwords in an effort to hack into your accounts.
Once they hack into your account, they’re able to change your current password, security questions, and input backdoor access capabilities to monitor your every keystroke once they allow you to re-enter your account.
How do they know what information to put in their spread sheets?
If you’ve ever posted a picture, status update, or location on social media, they’re using that information against you.
Example: Say I posted a picture of myself with my family and pet dog at Secret Beach last weekend. I tagged a few people in the pic and typed a caption that said, “Celebrating Kate’s birthday with the fam at our favorite spot with our dog, Bingo.” Hackers will take everything they know about that photo and enter it into their spread sheet:
- Ashlyn Tengan
- Secret Beach
- Family Members: John, Sue, and Kate
- Kate’s birthday: 8/6/2015
Using this information, they’ll try to figure out the passwords to any and all of my online accounts, whether it’s social media accounts, bank accounts, or email accounts.
TIPS TO PROTECT YOURSELF AND YOUR FAMILY
1. Using any English words in your passwords already leaves you 50% vulnerable.
Most people create passwords that are easy for them to remember. They use their kids names, pets names, and any dates that are easy to remember such as birthdays and anniversaries. Hackers are aware of this and use this information against you to crack you password. If you currently use an English word in any of your passwords, you’ve already given hackers a 50% chance of figuring out your password.
2. Create a code for your passwords.
Create something that no one would be able to figure out if they tried, but easy for you to remember. For example, it would be difficult for hackers to figure out a password that was “M3dL2EF” right? But to you, it would be easy to remember because your password is code for “My 3 dogs Love 2 Eat Fish.”
3. Use a 2-step authentication process.
A 2-step authentication process is when your identity is verified by two different methods. For example, your bank may send you a text message after you’ve input your password to login to online banking. You would then input the code that they texted you into the screen on your computer to verify that it’s actually you attempting to access the account.
4. Touch ID is safe!
If you have an iphone, utilize the Touch ID (aka “fingerprint verification”) to access your accounts. This is extremely safer instead of using a 4 digit PIN. TouchID is still a new feature, and if you have the option to use it to access any of your accounts, take advantage of it!
5. Never use the same password twice.
Imagine if someone were to figure out your password. It’s likely that you’d have used that same password on another account… and another account… and so on. Don’t make it easy for hackers to access all your accounts! Create a new password for EACH and EVERY ONE of your accounts.
6. Change your passwords often.
A good rule of thumb is to change your passwords every 90 days. Set this up as a reminder in your calendar!
7. Use the maximum amount of characters.
When creating your passwords, don’t just stick to the minimum 8 characters. Do your best to create a password that utilizes the maximum amount of characters possible. This should be easy to do when you’re creating a code like mentioned before.
8. Use a password manager.
A password manager is a tool that well, manages passwords. A good one I’ve heard of is called OnePassword. You input all your passwords into OnePassword and they will encrypt your password when you sign in to any site.
9. Change your wifi password often.
The biggest mistake that people make when they set up their wifi passwords is not changing them from the original password that came with the device. First, create a username that no one recognizes. Don’t use identifiable information such as “The Fergusson Family” or “Brian Phillips”. You’ve probably heard of people naming their wifi devices silly things such as “FBI Surveillance Van” or “Can’t Touch This” and those are smart moves! In addition, use the same methods of creating a password for your wifis to keep hackers from accessing your home networks.
1. Throwback Thursday
Did you know that #TBT was created by hackers?
Hackers use spreadsheets to monitor what you’re doing online. They keep track of everything you post from status updates, people who you tag in pictures, places you’ve visited, and status updates you’ve liked, just to name a few!
In order to obtain information from back in the day, hackers depend on the information submitted on people who participate in #TBT.
Oh, you grew up on Smith Street? Your grandmother’s name used to be Alice Johnson before she married your grandfather, Peter Jones? Your childhood best friend’s name was Mark Acorns? You graduated from Hollinsworth High School in 2003?
Guess what… the hackers now have all the information they need to answer those common security questions:
- What is your mother’s maiden name?
- What street did you grow up on?
- What was the first name of your childhood best friend?
- What was the name of the high school you went to?
2. Use caution when accepting friend requests.
Be wary about who accept as friends on your social media accounts. Have you met this person in real life? If not, don’t add them as a friend! Friends on your social media channels can see so much more information than those who aren’t friends. Don’t befriend someone on social media just because you’re afraid of looking like a mean person! Your identity trumps ANY hurt feelings that may occur with someone who you’ve never met!
3. Turn Location Sharing off.
Go to your settings and turn off any location sharing capabilities on apps that don’t absolutely require it, and keep it on for those that do, such as your camera and maps. Hackers will track where you frequent often without your knowledge to figure out when you’re most vulnerable. If you’re at work, you’re likely too busy to check your email or online accounts.
1. Is your router safe?
Check to ensure that your firewall is turned ON.
Look at every single connected device and ensure that you recognize them and that the firewall is enable for each one.
2. Run credit reports on your children, even if they’re babies.
Hackers and identity thieves are stealing the identities of babies and children because they can go undetected for YEARS. Kids’ information is stolen from hospitals and insurance companies and thieves are using their information to open credit cards and obtain loans. This goes undetected for years because parents don’t expect anything to be on their children’s credit histories because they’re kids! They shouldn’t even have anything there! When the child is 18 years old and applying to college or wanting to open their first credit card, that’s when they discover that their credit is completely damaged. Run your childrens’ credit reports every year to make sure nothing is on there. Period.
I hope this was helpful in someway to you. I created a password workbook as a supplement to this post to help you keep track and organize your passwords, usernames, important dates, and a printable to remind your family about the importance of protecting your information.
Click here to access the password workbook.
Please share this with your friends and family to help spread the knowledge. If you have any questions, please feel free to reach out to me at email@example.com.