Work & Career
16 Clear Signs You’re About to Be Hacked
These are the most common cybersecurity missteps that will make you vulnerable to an attack.
You get contest information you didn’t sign up for
“Don’t respond with personal information (social security number, credit/debit card info, banking info, address, phone number) to contests, raffles, and other web forms that you didn’t explicitly sign up for. Don’t click on links in text messages from numbers you do not recognize.” —Rene Kolga, Senior Director of Product Management at cybersecurity tech company Nyotron. Here are 20 tricks hackers use to scam you.
You got a suspicious email and phone call
“Today’s hackers often use a coordinated hybrid approach that includes the computer, phone, and other means. For example, a person will call you on the phone, claim to be from your bank, and ask you to update your credentials because they’ve just updated the system. If you say you’d prefer to do so via a website rather than over the phone, they’ll give you the URL to a site that looks exactly like your bank’s site, but isn’t.”—Mark Gazit, CEO of ThetaRay, a provider of big data analytics solutions
You have the same password for everything
“When we recycle passwords, we increase the chances that hackers gain access to not one, but many of our online accounts. Instead of repeating an easy-to-remember password across multiple sites, a user should choose a unique password for each site. Or use a password manager.”—Ashley Boyd, VP of Advocacy at Mozilla. Learn these tech myths that you need to stop believing.
You believe unbelievable deals
“When presented with unexpected offers, ask yourself whether it’s too good to be true. Would I trust this person/situation if it were to happen in the physical world (e.g. offline)? Ask for a second opinion from a technically savvy friend, colleague or a family member.”—Rene Kolga, Senior Director of Product Management at cybersecurity tech company Nyotron
You engage with suspicious emails
“If you receive a suspicious email from a friend’s email address, don’t reply, ‘Is it really you?’ because the fraudster will answer ‘Yes.’ If a suspicious email from your bank contains a phone number, don’t call it. Instead, look up the bank’s phone number in the Yellow Pages or Google it.” —Mark Gazit, CEO of ThetaRay, a provider of big data analytics solutions. Be wary of these 10 online scams you need to be aware of, too.
You have a weak password
“Most people are afraid of forgetting login information, or they simply don’t feel their password use is a security risk. When someone is apathetic towards passwords, they resort to weak password behavior leaving themselves open to risks. People create short, easy to remember passwords and then reuse those passwords across accounts. In addition, most individuals haven’t changed a password in the last year even after hearing of a breach in the news. That same research found that 15 percent of consumers would rather do a household chore and another 11 percent would prefer to sit in traffic than actively change their passwords.”—Rachael Stockton, director of product marketing for LastPass
You don’t think it could ever happen to you
“Assume you will be hacked, because one day you will. You can’t assume that because you live a quiet, low-profile life that you will not be a target.”—Mark Gazit, CEO of ThetaRay, a provider of big data analytics solutions
You never update your apps and OS
“Software updates are like oil changes—they may seem bothersome at the moment, but they prevent major problems down the line. By neglecting updates and running older versions of software, you could be operating programs with known vulnerabilities.”—Ashley Boyd, VP of Advocacy at Mozilla. Don’t miss these 10 ways to protect yourself online so you don’t fall victim to a scam.
You left your computer unguarded in a coffee shop
“A combination of leaving your computer unlocked in a public space and storing passwords in spreadsheets or documents on your computer can leave you very susceptible.”—Tom DeSot EVP, CIO of Digital Defense, Inc.
You gave info to an unencrypted site
“Entering sensitive information—like your credit card number—on an unencrypted website is risky. When entering personal information online, ensure the site is encrypted. How? Browsers like Firefox and Chrome will put a lock icon next to the URL to signal if a site is encrypted. Or, check to ensure the URL is ‘https’ not just ‘http’.”—Ashley Boyd, VP of Advocacy at Mozilla. Find out the other signs that shopping sites are fake—and about to steal your money.
“Many people cannot be bothered with entering additional information to verify their identity. They want to access their accounts in the most efficient and quickest manner possible. Unfortunately, this comes at a potential increased risk. The typical manner to access an online account is a username and password. So if an attacker gains access to this password they have access to your account. Enabling MFA [multi-factor authentication] on critical accounts such as online banking or email helps to minimize this risk because the attacker now needs another piece of information to access your accounts. Not all MFA’s are created equal. A common choice is to receive a code via a text message (SMS). This is not the most secure manner to use MFA, as an attacker can port a phone and receive the verification pin to access your account (as mentioned above). The better option is to have an authentication application such as Google Authenticator which allows you to enter a pin directly from the application.”—Will Mendez, Director of Friedman CyZen LLC, a cybersecurity consulting company
You ignore account alerts
“Many people do not pay enough attention to alerts they receive concerning changes to accounts, especially password changes. This can be a sign of someone trying to access your account by resetting your password. If you notice an alert and you do not remember requesting a password reset, then call your provider immediately.”—Will Mendez, Director of Friedman CyZen LLC, a cybersecurity consulting company
You are doing your banking via public Wi-Fi
“A common mistake that we see consumers make that puts them at risk for being hacked is connecting to unsecured Wi-Fi hotspots. While it can be convenient to plug into free Wi-Fi while on-the-go, it is very easy for attackers to intercept internet traffic sent over an unsecured network. Some cybercriminals even create fake Wi-Fi hotspots in public locations in an attempt to steal data from those who connect. Avoid connecting to Wi-Fi networks that are not password protected, and never connect to banking or other sensitive sites when on any public Wi-Fi network.”—Brian Anderson, a security expert at Kaspersky Lab North America
You don’t have a passcode on your phone
“Sure, everyone knows it’s more than just a good idea—it’s the smart, responsible thing to do—but still, so many people fail to put a passcode or password on their smartphones. A recent survey by Pew Research found that 28 percent of smartphone owners say they do not use a screen lock or other security features to access their phone. But even if you (mistakenly) think you have nothing to hide, remember that your phone holds troves of data regarding just about everything in your life—from your bank accounts to your grocery shopping lists. Without a passcode or password, it’s just an open book, waiting to be hacked.”—Andrew Newman, Founder of Reason Software
You never back your stuff up
“Getting hacked is very possible, so always make backups of your important data! Do it at least once a week, if not more often.”—Daniel Dolev, Berthold Badler Chair in Computer Science at the Hebrew University of Jerusalem and a member of the scientific council of the European Research Council
You give away too many hints on social media
“Posting sensitive information on social networking profiles like your date of birth, your pet’s name, family names—these can all be used against you.”—Jason Hart, VP and CTO for Data Protection at Gemalto. Now, find out the phone call scams that you should avoid, too.