CLICK CLACK, YOU’VE BEEN HACKED
Think it won’t happen to you? Don’t be so sure. Before you do another thing, do the due diligence to prevent it.
How it happens – and how not to be a victim
How many emails like this have landed in your inbox?
Hey, Today’s your chance to get access to something that’s beyond GREAT. Once it’s up and running, it’s like you’ll get $7,515.01 made from DOING NOTHING: Look inside of there and go to get FREE ACCESS NOW. Best regards, Richelle It was complete with a link, which we haven’t shared with you because we understand the compulsion to do exactly what we’re not supposed to. But we all know to delete this kind of mail, right? Right?!
But that’s just one way a hacker can install a piece of software on your computer. And if the perversely named ‘WannaCry’ worldwide cyberattack earlier this year is anything to go by, we’re not doing enough to prevent it.
To refresh your memory, in midMarch, more than 230 000 computers running the Microsoft Windows operating system were infected. Huge organisations were hit, among them courier service FedEx, German railway company Deutsche Bahn and Spain’s mobile network company Telefónica. Surely they should have known better, especially as Microsoft had discovered the glitch that the WannaCry ‘cryptoworm’ would later exploit, and had released patches. But clearly most folks ignored these security updates. Then one day, WannaCry victims switched on their computers to find a demand for payment in bitcoin to see their files restored.
So how is the ransomware spread? Usually, it comes your way through attachments sent with unsolicited emails, or when you click on a link in an email that’s from a bank – or Richelle. Sometimes, it’s from a source that sounds pretty convincing. It’s even passed on through the activation keys for software such as Adobe Photoshop or Microsoft Office. Another way the infection spreads, for the more tech-savvy among us, is via peer-to-peer (P2P) filing-sharing networks. Yes, that’s you, if you’re downloading books, music, movies and games using a P2P software program to get these free. To give you a sense of how pervasive this practice is, here’s a stat from the Solutions Research Group: by January 2006, 32 million Americans over the age of 12 had downloaded at least one movie from the internet, and 80% of them had done this using P2P. Who hasn’t received downloaded music, movies or series from a techie friend, even if they haven’t done it themselves? Okay, so everyone, then.
Depending on its programming, ransomware can turn the text in your files into gobbledygook or lock your screen. Ransomware is not the only form of cybercrime – if you have a computer and an internet connection, you’re vulnerable to hackers getting hold of your personal information to commit fraud like getting credit or running up bills in your name.
But don’t let this be your problem! Back up your files so you have copies. Download from trustworthy sources, and avoid using public WiFi networks if you can. Update the anti-virus software on your computer. Don’t respond to messages asking for money, passwords or to verify personal information – often, a sense of urgency is a telltale sign. Ever had a mail from a bank telling you someone has tried to access your account, and to click on
a link as a safety measure? Nothing safe about that. Don’t leave your computer unlocked and unattended. Think twice about what you share on social media; you don’t want hackers to get info they can use. Take care offline too: shred paperwork that contains your info. Being lazy about securing your info plays right into the hackers’ hands. Here’s some further advice:
Create a strong password
Setting up a password that hackers can’t breach is key. Yeah, yeah, we’ve heard all the advice on setting up a good one. And since you need so many passwords – for your phone, bank account, email, online shopping – it’s tempting to default to words or numbers that are easy to remember.
Long means strong: if there are more characters in your password, it’s more difficult to hack. Mix upper- and lower-case letters, intersperse them with numerals and include special characters. Even though words are easy to remember, they also make your password easier to hack. Don’t use personal info like your dog’s or child’s name – you might have shared this on social media. And even if you tick off all the pointers, that’s not good enough. The latest suggestion is that you come up with a passphrase, which strings random words and characters together. LastPass (we’ll get to them in a moment) suggests this sort of thing: my dog fi do’ s birthday is november 19 or my vacation2 paris-was incredible. Our IT guys take this a step further: say you choose a phrase like My first house address was number 14 Apple Street. Take the first letters and numbers as your password – Mfhawn14AS – then add a special character like @. So you get Mfha@ wn14AS. Bingo! Just don’t share it!
Also, change your password every few months, and don’t use the same one for all purposes. Yes, it’s a tall order – but there’s an app for that!
Use a password manager
So you use the same password to access your computer or inbox for every other account too – imagine if you were hacked; that’s an easy pass for the hacker to have his or her wicked way with your life (or money). ‘Ah, but I change a couple of characters from one password to the next,’ you say. Sorry, still weak. Enter the password management apps. As the tagline for the LastPass app goes: ‘Just remember your master password and LastPass does the rest.’ You create one password that’s long, strong, ‘uncrackable’. The app then creates a unique password for every account you need. If one account is breached, the others are safe.
Then there are the likes of Keeper (paid app but highly rated by reviewers and the most downloaded) and Password Manager Vault (paid app, and highly rated) that allow logins using fingerprint recognition (Touch ID). The best rated is Passible Password Safe Lock, for use on Apple devices, deemed ‘the best password management app, hands down’ by
DailyTekk magazine, and winner of Apple’s Editor’s Choice Award. (And it’s available in Afrikaans, nogal.) A Keeper reviewer sums up the benefits of a password manager: ‘I used to write down passwords and kept them in my wallet – until it was stolen! I uploaded the Keeper application and since then my life has been less complicated.’
Set up two-factor identification
In addition to a username and password, a code is sent to your cellphone before you can log into your account. So even if someone knows your password, they won’t be able to do anything with it. You’ve probably been using a form of it if you buy online, as most banks now require you to key in a one-off pin they send via your phone.
Yes, it’s a bit of a schlep to set up, but it’s not half as much of a schlep as being hacked. Choose from Google Authenticator, Authy, LastPass Authenticator – all free.
Here’s a useful tip for Facebook too: it has a system called Login Approvals that functions along these lines: go to Settings, then Security, then click Edit next to Login Approvals, then Enable.
Play it safe!