It’s Facebook’s FAULT — NOT mine!
The other day one of my friends on Facebook posted: "…Somehow my Facebook account got hacked and one of my friends has been putting bad things on here about me!!! Not sure how it happened, but I am totally disgusted!!!!!! It’s making me want to cancel my whole facebook account."
Now come on…is it really the fault of the Facebook developers that this happened? They have tools in place to keep this from happening, but they honestly can only do so much. It’s kind of like the old saying, "You can lead a horse to water, but you can’t make him drink."
There will always be bad people out there living very sad lives just waiting to take advantage of a situation. In the case above, Facebook isn’t the problem. It’s merely the conduit or transport device, just as email, websites or the U.S. Postal Service could be. The simple fact of the matter is that the vast majority of fault rests on the user. You are your own guard at the gate!
How do these "unauthorized" access issues happen? Well, it seems that even after all this time and all the warnings, users are still not taking the security of their Facebook account seriously. Every day, users are leaving gaping holes in their personal online security and wide open access to their personal information.
You put yourself at serious risk if you do any of the following:
- continually use simple passwords
- neglect to rotate your passwords every 30 days (at a minimum)
- allow internet browsers to save passwords
- leave desktop/laptop unlocked when walking away
- leave WiFi networks unprotected
- use simple unlock instead of a password for Smartphones/tablets
- leave Smartphones/tablets unattended with apps still running such as email, Facebook, Twitter, etc.
- leave Bluetooth discovery enabled
- you are completely and utterly naive!
Continually use Simple Passwords
Passwords should, at a minimum, contain:
- Upper and lower case letters
- Numbers. Avoid using a password that follows logical order like your birthday, child’s birthday, and your anniversary.
- Mix in some symbols (such as @%^&*) and it should not contain any repeating sequence of numbers or letters. An example of an extremely strong password is w8e#QcRg<$wx9.
If you feel that you can’t come up with a good password on your own, there are resources online that can help you. Do an online search for "Password Generator" and you will find plenty of options to choose from. Personally, I use a little tool called RoboForm. They offer a multitude of solutions, even for your mobile device.
Neglect to Rotate your Passwords (at least) Every 30 Days
This is just a good practice in general. DO NOT write your password on a sticky note and paste it on your computer screen, on a notepad or keep it in your desk drawer. Those are the first places even an idiot will look. Not to mention, it’s probably the same password you are using for multiple sites.
Allow Browsers to Save Passwords
This has to be one of the biggest ways Facebook accounts are compromised. Yes, I agree that it’s convenient, but come on! Doing this is like leaving your house with the doors and windows wide open. Anyone stopping by your keyboard now has access to all the websites you use that require a login. Not to mention that, if you have allowed your browser to capture your credit card and/or bank account information for shopping convenience, the next keyboard visitor now has access to everything. Even worse, they now have the ability to completely assume your identity and change it all, from site logins to email passwords.
Seriously, if you have allowed your browsers to auto fill information and site logins, turn it off now! You never know when someone might gain access to your computer. Given the right circumstances and opportunity, even close family members and friends may make poor choices.
Make sure institutions and public access locations have disabled the option to allow browsers to save passwords!
Leave Desktop/Laptop Unlocked when Walking Away
This goes hand-in-hand with the previous. Enable a password and get in the habit of locking your terminal when you walk away. Large corporations have nightmares about this security problem. Imagine it’s lunch time and you get up from your desk to grab your brown bag from the fridge. While you’re sitting in the lunch room with a bunch of other staff members reading the latest edition of Glamour Magazine on your tablet, Jimmy sits down at your desk. Maybe he is next in line for your job or you have inadvertently done something to displease him. While you’re sitting there reading the latest celebrity gossip and planning some wardrobe updates, Jimmy is sending an email on your behalf to the corporate address book and making a career-ending post to the corporate Facebook page.
Leave WiFi Networks Unprotected
There are more wireless networks out there than ever due to laptops and iPhones. Go ahead, drive around your neighborhood with your laptop or mobile device. Now, stop alongside the curb or in a parking lot and try to connect to the internet via WiFi. You’ll probably be surprised how many show up, and even more surprised to see how many let you in. If one of those is your network and it’s unprotected, attackers have easy access to your computer and files.
Recently, I stopped at a business that had just opened. I sat down at a table and pulled out my laptop to do a little work while I waited for my order to be delivered. When I went to connect to their wireless network, I was stunned to realize that there was no password required. In fact, it asked me to set up a network! Basically, the unit was simply plugged in and left alone. No one had set up their wireless network, which ran their juke box, cash registers and office computers. This is making it far too easy for hackers to gain private information about all of their customers.
Now I do have to admit, from my investigation, that I was surprised to discover that this has actually gotten much better. Even though there are more WiFi networks than ever, the cable companies are doing a good job of making sure networks are locked down. For the most part, all of them have some sort of default password already set up; but, it’s still better to be safe than sorry!
When you get your internet set up, ask the technician to show you how to go in and set your own password for your network. If you bought a router on your own and don’t have a clue how to set it up, do yourself a favor and either give us a call or contact the manufacturer to help you set it up.
Use Simple Unlock Instead of a Password for Smartphone/Tablet Devices
I’m betting most of you out there have one touch screen device that uses the simple "slide to unlock" feature to access your device. Trust me when I say that anyone, even a toddler, knows how to unlock these. These mobile devices often contain the same amount of personal information as your desktop or laptop computer. Many times, even more. Especially if you are using some type of electronic wallet to purchase products or apps.
Save yourself a lot of trouble now and put in some type of password to unlock your device.
Leave Mobile Devices Unattended with Applications Still Running
This is not only a big problem, it is also annoying. Many of these devices use an Operating System that either:
1) doesn’t seem to understand that when I "CLOSE/EXIT" an application, I want it to STOP; or
2) needs the application to continue running so that it can collect data about you, such as where you are.
This functionality, or lack thereof, not only opens you up to attackers, but it can significantly reduce the life of your battery.
Since I’ve been doing a lot of betting throughout this article, here is one more. I bet the vast majority of you that have Smartphones and Tablets don’t know how to go in and shut them down or even see what applications are running.
Similar to the scenario above about Jimmy, all you have to do is get up from your desk for a moment to pick up a paper from the printer or go to the restroom. Later, you will discover why there is a post on your Facebook account that says, "I just took a poop."
If you don’t lock your device and walk away, you’re just asking for trouble.
Leaving Bluetooth Discovery Enabled
Bluetooth is a "short" range, 2-way wireless transmission service. Almost all Smartphones and Tablets have it pre-installed and it’s a simple add-on for most desktop or laptop computers. Bluetooth is most often used to wirelessly connect computers and mobile devices to printers, WiFi signals, MP3 players, headsets, headphones and other mobile devices.
Bluetooth has been around since 1994 and is currently on Version 4.0, which adds a ton of functionality and decreased power consumption. Yes, this is an almost twenty year old technology, but most people still don’t really understand it. If you are one of those that don’t "get it", let me make this as simple as I can. It’s an invisible cord/cable. That’s all, it’s just that simple.
Let’s take into consideration the two key concepts from above: 2-way transmission & invisible cord.
Now, let me state that in a longer more specific statement: Bluetooth allows for 2-way communication (send & receive) between 2 or more devices over a distance of up to 100 meters as if an invisible cord/cable were connecting them.
So now, finally to my point. If you have Bluetooth enabled and it is set to "Always Visible", you have essentially granted hackers easy access to your device and the data stored within from as far away as a football field.
Not sure if yours is set to on? Simply look in the upper right hand corner of your mobile device (lower right hand corner for a PC or Laptop) or near the other icons such as battery/power and signal. Another prime indicator might be that pretty flashing blue light that you like so much.
You are Completely and Utterly Naive!
Do NOT take everything for granted. If it sounds too good to be true, it probably is. If it seems a little odd, go with your gut instinct and DON’T do it.
Don’t blindly click a link just because your bestie sent it to you. Some hyperlinks can be used to allow others to hack your Facebook account. If you receive an email about your personal finances (i.e. your bank, PayPal, IRS) or a notification that an attempt to deliver a package was made or you have won a prize and the message includes some type of link; 1st) DO NOT CLICK ANYTHING.
Stop and think for a minute. If it’s from the IRS, the link would end in irs.gov. If it is from PayPal, it would be Paypal.com. If it is from your bank, it would be Bankofamerica.com. If you have any doubts, go to your browser and do a Google search for the main page.
Now go back to your email (DON’T CLICK ANYTHING) and just hover your mouse over the link. A little pop-up either next to your cursor or in the lower left of your screen will show where the link is going to take you. Here, give it a try on the samples below:
CONGRATULATIONS – You have been selected as the winner from the sweepstakes you entered!! You have won one of 3 exiting prizes and may select your choice NOW! Click >HERE< to visit the Sweepstakes page and select your gift!
Over the past couple of months, we at Big Bank have noticed a dramatic increase in the number of attacks on our customer account. In order to prevent this from happening to you, we encourage you to click the link below and update your account access security information. Once you have done so, we suggest that you keep this link handy and change this information every 30 days for your personal safety. Thank you for helping to put a stop to unauthorized account access!
The same applies to links posted on Facebook, Twitter, etc. Don’t be fooled by the URL shorteners like bit.ly, FB.me, find.ly, goo.gl and ow.ly. Most of the time, hovering over the link will show the real web address.
For the most part, the links themselves are safe, but it’s the content on the page or what they want you to do once you get to the page that is the problem.
My example email above is the basic format of an email sent by someone trying to gain access to accounts. If it were "real", the link would probably take you to a page that the hacker has tried really hard to make look "official". Then, the page would ask you for personal information like your account number, social security number, driver’s license, credit card/debit card numbers, your pin codes, your online account login and password.
Once you click "submit" or "send", you have given away almost everything needed to make your life financially difficult for a very long time. All that money that you worked hard to obtain could be gone in a matter of minutes!
Here is a rule of thumb I often use, if there is any doubt….DON’T!
Posted by: Jeff Wallace