A convincing-looking site may pop up requesting your username and password
Cybercriminals have password hacking programs that run for hours, systematically testing millions of possible combinations to gain access to your private information and accounts. If you haven’t done so already, please apply the password creation formula outlined in Part I of this blog series. –Be especially careful NOT use the same password for soft targets (e.g., your online magazine subscriptions) and online banking or ISP/email access.
Additional security countermeasures
- Use a Safer Browser–Some web browsers are better than others are at blocking websites that often have malware links that have been embedded by criminals, often unbeknownst to their owners. To reduce risk, install all available updates to your browser. Better still, use a browser like Firefox that updates automatically. –According to research, Internet Explorer is the most vulnerable to this kind of attack. In the fall of this year, probably in October, Microsoft will launch Windows 10 with a completely new browser to replace Internet Explorer.
- Double Check the Website Address–Criminals can be waiting in ambush when you enter a typo in one of your vital account website addresses. A convincing-looking site may pop up requesting your username and password. —If you aren’t paying attention, your account will then be hijacked.
- Protect Your Router and other Devices–When you install any device, change the default password right away, especially the one for your Router. And make sure to download all firmware updates. More importantly, check to see if your router has WPA2 access, the most protected type of encryption. If it has only WPA basic protection–or less, consider buying a new router.
- Avoid Free Public Wi-Fi Networks–Legitimate public networks are vulnerable to outside attacks from hackers who can tap into the link between your computer and local network hub. This is especially the case for networks without passwords. It’s much safer to (1) use your own Wi-Fi ISP, (2) sign up for a VPN (Virtual Private Network), or (3) use a browser extension like HTTPS to encrypt your communications.
- Take Precautions with Free Apps–Download apps only from a legitimate provider like Apple’s App Store or Google Play. Before installing directly from a provider website (again, not recommended), check posted user feedback to see if there are any red flags.
- Think Twice Before Clicking a Sensational Link on FB or Other Site–A friend may have innocently posted an enticing video link on FB. When you open it, you are then asked to download a media player or take a survey of some kind. DON’T! This leaves you wide open to malware.
- Use Two-Factor Authentication When Possible–If you request it, FB, Google, Microsoft and Apple and other companies will provide you with a second layer of protection by arranging to send you a randomly generated code (sent to your smartphone) as you log in. Information about how to do this and which companies are providing it are available at org.
In my next and final installment in this series, I’ll discuss the new ‘hackers for hire’ threat and what to do if you are hacked.