The Latest Facebook Hack: How Not To Be A Victim of the Next One Or Of Targeted Phishing

November 2, 2018

Hacks have become a part of online life, especially for those who live large on social media. Following the most recent attack against it, Facebook admitted that 14 million users had sensitive information stolen, including birth date and place, religion, geo-location, and recent search history. They also claimed an additional 15 million had just their names and contact information stolen. If that weren’t bad enough, the social media giant confirmed that user accounts are hacked 600,000 times a day during logins. That’s 0.06% of the more than 1 billion logins Facebook gets daily. Facebook has certainly had its share of hacks making the news, but this latest event leaves many users wondering if they should continue using it. For users who choose to keep their accounts active, the concern is how to stay as safe as possible going forward. There is no shortage of safety steps to take, and it’s more important now than ever to get smart.

Although Facebook claims to have acted quickly to secure user accounts, you can’t go wrong with first changing your password–even if you’re told your account wasn’t affected. Overall, the biggest hurdle to overcome is the amount of honesty users put into their profiles and posts. Remember, hackers don’t only use Facebook data against you. The details you provide and post anywhere online leave threads hackers can follow. From there, they build individual profiles that are packed with your data–including birth date and place, friend and family names, affiliations, and interests–and that’s just for starters. The more hackers know about you, the easier it is to manipulate you into opening phishing emails loaded with malware. They don’t hesitate to use social media information to target you with emails catering to your interests, a tactic otherwise called spear-phishing.

When changing passwords, follow these best practice guidelines for creating them:

- Use no fewer than eight characters
- Include upper and lowercase letters
- Include at least one number and one special character, such as a “!” or “%”
- Avoid using details about you or your family, such as birthdates
- Use a different password for every single site you visit, even if you think it may be unnecessary. It is necessary.
- Don’t use dictionary words or phrases. Try creating a base password of six characters and adding onto it using letters from the website domain name.
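The guidelines above can be checked mechanically before a new password is accepted. The following is an added example, not part of the original article: the function name `check_password`, its parameters, and the small word list are hypothetical, and the sample values are constructed for illustration.

```python
import re

# Constructed sample word list; a real check would load a much larger dictionary.
SAMPLE_WORDS = {"password", "dragon", "sunshine", "football", "welcome"}

def _normalize(text):
    """Lowercase and keep only letters and digits so 'Rex-2011' matches 'rex2011'."""
    return re.sub(r"[^a-z0-9]", "", text.lower())

def check_password(password, personal_details=(), other_passwords=(), words=SAMPLE_WORDS):
    """Return the list of guidelines from the checklist that the password violates."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than eight characters")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        problems.append("missing upper or lowercase letter")
    if not re.search(r"\d", password):
        problems.append("missing number")
    if not re.search(r"[^A-Za-z0-9]", password):
        problems.append("missing special character")

    # Personal details (names, birthdates, pet names) are supplied by the caller,
    # including any date formats that should be caught, e.g. "07041984".
    flat = _normalize(password)
    for detail in personal_details:
        token = _normalize(detail)
        if len(token) >= 3 and token in flat:
            problems.append("contains personal detail")
            break

    # Strip digits and symbols first so "Sun1shine!" still matches "sunshine".
    letters = re.sub(r"[^a-z]", "", password.lower())
    if any(word in letters for word in words):
        problems.append("contains dictionary word")

    # Reuse check is meant to run locally, e.g. inside a password manager.
    if password in other_passwords:
        problems.append("reused from another site")
    return problems
```

An empty list means the candidate passed every check in the list; it does not measure how guessable the password is beyond those rules.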

Below are suggestions from cybersecurity experts that get to the heart of reducing the impact of the next hack.

Lie to protect the truth. Other than using your real name, don’t be truthful about anything when building your profile–like date and place of birth, hometown, school, or even your pet’s name. Even with security questions, don’t use true answers. The sad truth is that social media hacks have proven time and again that facts don’t pay, and if anything, they can end up costing you big-time. Come as close to the truth as you like, but remember once it’s out there, it can easily wind up in the wrong hands and it can never be deleted from the web entirely.

Don’t post it. Be careful not to post anything you wouldn’t want broadcast on the nightly news. If you have to wonder about whether or not to post something, don’t do it. Hackers constantly troll the Internet, and any post you may later regret can be used against you today–even if you eventually remove it. Hackers love the ransomware and blackmail options that TMI (Too Much Information) provides.

Suspect everything. That includes invites to a website from a “friend of a friend” and tempting links and attachments. It’s safe to assume that anything you don’t expect is in reality hacker bait–something that’s based on what hackers already know about your interests. Better safe today than sorry tomorrow.

Stickley on Security
Published November 1, 2018