Online hacking is a big risk for everyone making an income on the internet and it’s not only the big earners and businesses that are targeted. Many recent hacking attacks were directed toward the online marketing community and even those with little experience and new to this marketplace were under threat.
online-security-padlock

Since we are working in the internet space, all our data: accounts, profiles, transactions and so on, is exposed and could be violated if there is enough intent and effort involved. But even if you are not tech-savvy, there is still a chance of reducing that risk by taking some extra precautions.

Here are the most common mistakes we make and how to avoid them:

1 – The most common mistake and quoted as the biggest threat by most security experts is basically our own careless attitude to the issue of hacking. Most of us think that we aren’t important enough to be a target thus being complacent about the passwords we use and how difficult they are.

Tip: With the popularity of Facebook and random messaging, literally everyone is a target, even those of us who are hardly making ends meet. Better be safe than sorry, so make sure your passwords are strong, complicated and incomprehensible. A mixture of numbers and letters, capitals and small and a few special characters are all needed to make your password stronger. The best tip someone gave me recently is to use any unique characters or signs that might only be available in your country region. For instance here in UK we use the pound sign £ and many other keyboards don’t have it, so that’s an idea. 🙂

2 – Using the same password for multiple accounts is possibly the biggest mistake by far, but it stems from the above mentioned negligent take on security, hence why it is coming second in my opinion. This is not an official statistic, it is my take on the facts and based on a combination of research and personal experience.

Tip: Use a different password for each account or profile you have, this way if one account is compromised, your other accounts might be safe (depending on the nature of the hack).
The only time I had a hack on my accounts, I allowed the intruder to steal my money from both Payza and Payeer, two finance related services, both with the same password…and to make things worse, the email linked to these two accounts had the same password. Ideal scenario for an easy hack. The emails that were supposed to alert me of these fraudulent transactions were being deleted in real time so I wasn’t able to find out about the fraud until it was too late and my money was gone.

spam

3 – Another common mistake is using public wifi hotspots when on the go or on vacation. Public wifi is never secure enough and is not to be trusted.

Tip: while it’s okay to use that for social media and other non-paying websites, try not to login in your payment processors from a public hotspot if you are not in an urgency

4 – Opening links from messages on social media. Many of us who work in the network marketing domain are exposed to threats simply due to the fact that we communicate with strangers a lot. Learn to spot suspicious accounts early on, check the profiles of the people you are chatting with. 90% of the personal hacks depend heavily on the interaction with the user. A common trick is to send a virus file in a message, that could range from a exe file, to rar or zip or even just a link that is cookied to a different URL which does the damage. It is sometimes very hard to spot the danger immediately, so you must avoid opening any such files and always make sure that the person sending any links is the real person you’re speaking with and that you know them enough to trust that what they’re sending isn’t affected.

Tip : Make sure that they have enough history and a lot of real photos, just look out for any signs of fake activity, whether it be fake profile pics or lack of pics, lack of posts from previous years or months, lack of personal identity in the profile,

5 – Email hacking is still a very high risk factor. You should have a high level spam filtering in place but for us marketers the spam folder is the new inbox, right? So we ought to be very careful with those newsletters and offers we receive from the numerous programs or networks we sign up for. And of course the payment processors. Not a day goes by without receiving a fake email in my spam folder, asking me to verify my PayPal details or something of the sort.

Tip: If unsure about the authenticity of the email, first check the sender details, sometimes it’s obviously a different email address, but it can even be masked as the original sender, so you should always be suspicious of any email asking for confirmation of any details that directs you to a link. Reach out to the sender’s facebook page or website to inquire about the authenticity first. This is a must.

6ac60433ce1cb039a7468392b4778127

6 – Using anti-virus and anti-malware software is an obvious step you’d think but more importantly, you need to have an updated version (or two) of these . There are free ones like  AVG  or paid ones like Norton or Kasperski. I also use  Malwarebytes  to scan for things that anti-virus programs miss. Get one and update it automatically.

Tip : The same goes for your Internet browser. Always have the latest Chrome, Firefox, Microsoft Edge or Safari versions. Don’t just ignore that update request from your browser, do it right away. Some of those updates are security ones. In fact, keep up to date as to which is  the most secure browser  and just use that. Chrome, I’m looking at you buddy.

7 – Username matching your emails or other accounts. I am still guilty of this since I only found out recently that this was an issue.

Tip : You should make your usernames as complex as your passwords. Special characters and all that jazz. It should be unpredictable and not a real word.

8 – Being lazy when it comes to back ups is a bad habit. Why risk loosing important data?

Back up everything. You should constantly be backing up your hard drive, emails and  blog contents  to an external hard drive. If the worst happens and someone deletes your blog content you can get it back up without too much trouble. Imagine if you were relying on a website for your income and it all got deleted?

9 – Not using extra verification is a big setback. Always enable 2-step Authentication on all websites that have this option, especially for financial sites and emails. Whether it be via Google Authenticator or a different one or a text message with the code sent to your mobile, this is a really good feature and is also a must. Do not miss that.

10 – Back to the subject of passwords, here is what Candid Wuest, Threat Analyst at  Symantec has to advise about them:

“Two of the most common and basic mistakes consumers make when it comes to protecting their online assets is not to use strong passwords on all their devices and not applying patches or software updates, leaving people exposed to exploits cybercriminals actively leverage. The most common password of all is simply the word ‘password’. People think they are being clever – but it is one of the first words cyber-thieves try. Other passwords to avoid include children and pet names as well as favourite football teams and dates of birth – all commonly used. A hacker can find such details easily on social media such as Facebook and Twitter.

A better idea to create strong passwords is to remember a phrase – for example, “An Apple a Day Keeps the Doctor Away!”. The sentence as a whole, including spaces, would be the best password to use. If the system is older and only allows for short passwords, then use the first letters and you have a password “AAaDKtDA!”. If you also want numbers in it, then change a letter to a number that reminds you of the letter or replace words. For example, 1AaDKtD1!.

Use a password manager, such as Norton Identity Safe, to help remember multiple strong passwords across all your online accounts. Where possible, enable additional security features such as two factor strong authentication.

So these are all the tips I could think of today. Hopefully this post will make you revise your security and will improve your awareness on the subject.

And before I go, here is a list of the 25 most commonly used passwords according to a survey published by the Daily Telegraph

123456

password

12345678

qwerty

12345

123456789

football

1234

1234567

baseball

welcome

1234567890

abc123

111111

1qaz2wsx

dragon

master

monkey

letmein

login

princess

qwertyuiop

solo

passw0rd

starwars

 

If yours is one of these you might want to take action TODAY.

To find out how secure is your current password, go HERE:

To find out another 500 of the most used passwords [not the latest statistic] go HERE

**************

s2

Reference and further reading:

http://www.whatsmypass.com/the-top-500-worst-passwords-of-all-time

https://heimdalsecurity.com/blog/most-common-mistakes-27-cyber-security-experts/

http://www.telegraph.co.uk/technology/2016/01/26/most-common-passwords-revealed—and-theyre-ridiculously-easy-to/

https://howsecureismypassword.net/

http://www.passwordmeter.com/

https://codex.wordpress.org/WordPress_Backups  [back up your blog content]

https://www.mywot.com/en/mobile   [This  can help you  identify if anyone is trying to run a phishing scam on you by showing you what is safe.]

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s