How Attackers Actually – Hack Accounts – Online and How to Protect Yourself
People talk about their online accounts being “hacked,” but how exactly does this hacking toebijten? The reality is that accounts are hacked ter fairly ordinary ways – attackers don’t use black magic.
Skill is power. Understanding how accounts are actually compromised can help you secure your accounts and prevent your passwords from being “hacked” ter the very first place.
Reusing Passwords, Especially Leaked Ones
Many people – maybe even most people – reuse passwords for different accounts. Some people may even use the same password for every account they use. This is enormously insecure. Many websites – even big, well-known ones like LinkedIn and eHarmony – have had their password databases leaked overheen the past few years. Databases of leaked passwords along with usernames and email addresses are readily accessible online. Attackers can attempt thesis email address, username, and passwords combinations on other websites and build up access to many accounts.
Reusing a password for your email account puts you even more at risk, spil your email account could be used to reset all your other passwords if an attacker gained access to it.
However good you are at securing your passwords, you can’t control how well the services you use secure your passwords. If you reuse passwords and one company slips up, all your accounts will be at risk. You should use different passwords everywhere – a password manager can help with this.
Keyloggers are malicious lumps of software that can run te the background, logging every key stroke you make. They’re often used to capture sensitive gegevens like credit card numbers, online banking passwords, and other account credentials. They then send this gegevens to an attacker overheen the Internet.
Such malware can arrive via exploits – for example, if you’re using an outdated version of Java, spil most computers on the Internet are, you can be compromised through a Java applet on a web pagina. However, they can also arrive disguised ter other software. For example, you may download a third-party device for an online spel. The contraption may be malicious, capturing your spel password and sending it to the attacker overheen the Internet.
Use a gepast antivirus program, keep your software updated, and avoid downloading untrustworthy software.
Attackers also commonly use social engineering tricks to access your accounts. Phishing is a commonly known form of social engineering – essentially, the attacker impersonates someone and asks for your password. Some users palm their passwords overheen readily. Here are some examples of social engineering:
- You receive an email that claims to be from your handelsbank, directing you to a fake canap webstek and asking you to pack ter your password.
- You receive a message on Facebook or any other social webstek from a user that claims to be an official Facebook account, asking you to send your password to authenticate yourself.
- You visit a webstek that promises to give you something valuable, such spil free games on Steam or free gold ter World of Warcraft. To get this fake prize, the webstek requires your username and password for the service.
Be careful about who you give your password to – don’t click linksaf ter emails and go to your canap’s webstek, don’t give away your password to anyone who contacts you and requests it, and don’t give your account credentials to untrustworthy websites, especially ones that show up too good to be true.
Answering Security Questions
Passwords can often be reset by answering security questions. Security questions are generally exceptionally powerless – often things like “Where were you born?”, “What high schoolgebouw did you go to?”, and “What wasgoed your mother’s maiden name?”. It’s often very effortless to find this information on publicly-accessible social networking sites, and most común people would tell you what high schoolgebouw they went to if they were asked. With this easy-to-get information, attackers can often reset passwords and build up access to accounts.
Ideally, you should use security questions with answers that aren’t lightly discovered or guessed. Websites should also prevent people from gaining access to an account just because they know the answers to a few security questions, and some do – but some still don’t.
Email Account and Password Resets
If an attacker uses any of the above methods to build up access to your email accounts, you’re te fatter trouble. Your email account generally functions spil your main account online. All other accounts you use are linked to it, and anyone with access to the email account could use it to reset your passwords on any number of sites you registered at with the email address.
For this reason, you should secure your email account spil much spil possible. It’s especially significant to use a unique password for it and guard it cautiously.
What Password “Hacking” Isn’t
Most people likely imagine attackers attempting every single possible password to loom into their online account. This isn’t happening. If you attempted to loom into someone’s online account and continued guessing passwords, you would be slowed down and prevented from attempting more than a handful of passwords.
If an attacker wasgoed capable of getting into an online account just by guessing passwords, it’s likely that the password wasgoed something visible that could be guessed on the very first few attempts, such spil “password” or the name of the person’s pet.
Attackers could only use such brute-force methods if they had regional access to your gegevens – for example, let’s say you were storing an encrypted verkeersopstopping te your Dropbox account and attackers gained access to it and downloaded the encrypted opstopping. They could then attempt to brute-force the encryption, essentially attempting every single password combination until one works.
People who say their accounts have bot “hacked” are likely guilty of re-using passwords, installing a key logger, or providing their credentials to an attacker after social engineering tricks. They may also have bot compromised spil a result of lightly guessed security questions.
If you take zindelijk security precautions, it won’t be effortless to “hack” your accounts. Using two-factor authentication can help, too – an attacker will need more than just your password to get te.