Hacking & Phishing

This post includes content adapted from onguardonline.gov.

What is a hacker?

A hacker is someone who will try to gain access to your account that you did not authorize. When they gain access to your account, they can post as you, message your friends, delete your account, and possibly even gain access to your other accounts. They can ruin your reputation, bully others, and do other destructive things. To keep people out of your account, follow these password security tips:

  • Make your password hard to guess by using a combination of upper and lower case letters, numbers, and special characters.
  • Change your password often.
  • Do not use the same password with more than one account. Think about it: If you use the same email and Facebook password, and someone found out your Facebook password, they can log into your email and potentially gain access to every single account that that email address is associated with by using “forgot my password” links.
  • Do not write your password down where someone else can find it. Don’t put it on a post-it near your computer. Keep it safe.
  • Don’t tell anyone your password. Even if it is   your best friend or significant other, no one should know your password.

What is phishing?

Phishing is a way for bad people to steal your identity. Phishing scams will send links to you that are supposed to take you to a trusted site. It could be an email that looks like it came from your bank or it could be a link that seems to force you to re-sign into your account to save your account from deletion. No matter the form – it’s a scam. To protect against phishing you should follow these tips:

  • Use trusted security software and set it to update automatically.
  • Don’t ever give any personal information over email or private message. If your bank needs to confirm your account number, call them using the number on the back of your bankcard. Do not reply to email, text, or pop-up messages that ask for your personal or financial information. Businesses that are legitimate will not ask you to send private information over insecure channels.
  • Don’t click on links within emails or in private messages.
  • Login to the company’s website by typing in the URL into the address bar.  Don’t sign in through any links from the email or message.
  • Be cautious of opening attachments and downloading files to avoid a virus.

Examples of Phishing Messages

You open an email or text, and see a message like this:

  • “We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity.”
  • “During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”
  • “Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.”

The senders are phishing for your information so they can use it to commit fraud.

For more information: http://onguardonline.gov/phishing