It is important to be mindful of the information you put out on the internet as hackers may be able to use it to guess your passwords. Making your passwords complex and hard to guess are both good ways to increase your digital security.
Passwords help protect your account from unauthorised access as the person trying to access your account needs to know a specific combination of letters and numbers to access your account. This is why it is important to make sure that you keep your passwords to yourself and make sure they are hard to guess. We tend to put a lot of information about ourselves online detailing many different aspects of ourselves; whilst this can keep our family and friends updated on our lives you could also be unknowingly providing clues about your passwords to would-be hackers online.
Shockingly 15% of the UK population uses their pet’s name in their online password, this gives online hackers a good place to start when setting out to breach your online accounts. It is not only pet names that hackers can gloss from your online accounts they can find a myriad of other pieces of information that give them clues about what you hold most important in your life, a few examples include:
- Your children’s name
- The town/city you grew up in or live in
- Favourite sports team
- Favorite color
- Your Social Media May Be Set To Public: If your social media accounts are set to public settings anything that you post or have ever posted is available to anyone on the internet, allowing hackers to scour social media accounts looking for password clues. Understandably, you’ll want to use a password that you can easily remember which is likely going to be a word that means something to you; in this case, you should use a combination of lowercase, uppercase numbers and special characters within your passwords. This makes it much more difficult for hackers to guess your password.
- You Respond To Viral Photos: Viral social media memes online that ask questions such as “How old were you when you got your first pet” or “99% of people don’t know their mother’s maiden name”. These questions seem fun and harmless which is why many people respond and divulge information about themselves; unknowingly to them, hackers can use this information to attempt to breach their online accounts.
- Phishing: Phishing is where hackers send you an email that may look legitimate but it comes from an email address that doesn’t look like an official email address from the company or there’s something else that doesn’t it right with you. Clicking on links within a phishing email can allow hackers to steal your personal information which may help them breach your online accounts. Hackers have also started sending fake password reset emails, where if the user clicks links on the email they will be redirected to a fake website that is made to look as legitimate as possible. Hackers can access any information that is entered into the fake website meaning that they will have access to your login information and password.
- Phone Scams: Phone scams are where a scammer phones you and claims they are working at a legitimate business, such as your mobile phone company. They may claim that you have been undercharged or they need your personal information for some other reason. If you give over any personal information such as your name, address, phone number or email address you may find yourself being targeted by an increased number of scam communications. Additionally, your information may be used to try to crack your online passwords to allow hackers access.
- Infecting Your Devices With Malware: If you have been clicking on links from phishing emails or visiting unsecured websites without the padlock at the start of the URL, you may have triggered a malware download onto your computer. These downloads are usually not shown to users to minimize the chances of detection. This download could be a type of malware called a keylogger, which records the sequences you type on your keyboard. This means that hackers can find out your login information and passwords for all of the online accounts you log in to using the infected device.
- Dictionary Attacks: This is where hackers combine commonly used passwords with username information they have managed to get their hands on, this is usually done through an automated computer system allowing for greater speed. Over time the automated system can guess the passwords to online accounts if the password is a commonly used phrase in the dictionary.
- Shoulder Surfing: This is where somebody watches you enter your password on your device, this could be at a crowded cafe or the train station but it can also happen within the workplace. Making sure you protect your screen from prying eyes whilst you enter your passwords can help prevent hackers from breaching your devices and online accounts.
- Man In The Middle Attacks (MitM): If you connect to unsecured wireless networks such as the free wireless network at your local cafe or at public transport hubs you may be at risk from a man in the middle attack (MitM), WIFI attacks are another word for these attacks. Instead of using unsecured WIFI networks, you should instead use your mobile data, or if this is not possible you should get a virtual private network (VPN). This helps to mask your online IP address from outside intruders, reducing your chances of being hacked.
- Change Your Passwords Regularly: Ideally, you should be changing your online passwords at least every 3 months for maximum cyber security. You should also ensure that there aren’t any clues on the internet about what your passwords could be. If you have pets or kids you should avoid including them in your passwords unless the password is complex. You can make passwords more complex by adding numbers and special characters, this can make your passwords harder to guess and crack.
- Be Cautious About The Emails You Receive: Before clicking links on emails you should first ensure that the email address that sent you the email is a legitimate one, instead of clicking the link to the company website on the email you should search for the company on Google, you can then contact the company and check if the email you received was actually from them or not.
- Prevent Others Physical Access To Your Passwords: When you are typing your passwords you should ensure that nobody is watching you as you enter your login information, you should also avoid leaving password notes lying around in public places. For example, you should not leave information about your passwords near or stuck to your work computer as this can provide hackers with easy access.
- Use A VPN: Using a virtual private network (VPN) is a good consideration to make whenever you surf the internet, but it is much more important if you plan to connect to any WIFI network other than your home WIFI network. This is because hackers may be able to perform a man-in-the-middle (MitM) attack, where they can steal information from your devices and install malware.
- Be Cautious About Phone Calls You Receive: You have probably received phone calls in the past from people claiming to be from phone or utility companies, they usually try to get you to send them money in gift cards or ask for parts of your passwords/pin codes.
- Pensioners: Fraudsters often target those who are over 75 and are less likely to be tech-savvy, this age group is more likely to be trusting when they receive communication from companies. They may receive a scam phone call that states that there is something wrong with their phone, or they have underpaid their bills and they may send money or give sensitive information out to who they believe is an employee of a legitimate business; only what they may not realize is that fraudsters prey on this trust and scam victims out of significant amounts of money and open victims up to being the target of more scams in the future.
- Young Adults: You may be surprised by this but young adults also report being scammed more frequently than you may think. Usually, this age group falls for identity scams, where the scammer pretends they are from a company and they need the potential victim to send over money or provide sensitive information. Or they claim to be a friend or family member online and say that they are in trouble and they need you to send them money to help them out. Young adults are also susceptible to falling for investment scams. If you have been financially impacted by an investment scam you should contact your bank and investment fraud lawyers who will be able to help maximize the chances of you getting your money back.
There are many things you can do to decrease your chances of your online accounts being breached by unauthorized users, continuing to research different ways you can achieve this can be beneficial for your overall cyber security.