Internet security is an issue that has once again been pushed to the forefront with news that Evernote, a cloud service, was hacked this weekend. The hackers accessed user names, e-mail addresses and encrypted passwords. This comes just a week after support desk provider Zendesk was hacked, which led to the e-mail addresses of Tumblr, Pinterest and Twitter users being exposed. Microsoft, Apple, and Facebook were all hacked in February, and Twitter was hacked in January.
Many of these hacks are thought to be the effort of gangs based in Eastern Europe or China seeking to gain information. The information they get can be used to send spam e-mails to users that look legitimate, trying to gain more sensitive information through phishing.
One of the scary things about these attacks is not just that they are the big-name entities that we all have accounts with, but with so many companies linking accounts for convenience, one attack can compromise several accounts. Take, for instance, Facebook Connect, which offers the option to sign-in to multiple websites using your Facebook account. YouTube users are already familiar with signing into YouTube through Google, but now the newly developed Google+ Sign-in also offering users the option to link multiple websites to their Google account, it is one more system that could lead to your account being compromised.
With this in mind, we wanted to remind Internet users to follow some basic security precautions. While many of them will be familiar to you, we also know that some of us have become lax in the name of convenience.
- Use different passwords for different accounts. If one account is compromised, you don’t have to worry about that password being used to access other accounts. When you create passwords, use a combination of letters, numbers, and special symbols. Make it something easy for you to remember, or keep it written down somewhere safe if you think you will forget it. Remember, don’t share your password with anyone, and saving it in your e-mail is a bad idea! Change your passwords on a regular basis. Put an alert in your calendar to change it at least every few months, although monthly would be best.
- When setting up security questions for accessing lost passwords, don’t put in answers anyone can guess. Especially don’t use your password as an answer!
- Do not click on links in e-mails. Phishing attempts often look legitimate, even to savvy Internet users. Instead, go directly to the legitimate website using your browser’s address bar.
- Protect yourself from adware, spyware, and viruses by having the appropriate software on your computer, and keeping it updated. Schedule the software to check your computer at least once a week. Update your operating system when updates are available, and clear your cache at least once a week.
Remember that no website is completely secure, and neither is your computer. Taking a little bit of time to secure your accounts can save you a lot of hassle should your information be compromised. Using a service like LastPass.com can also help you stay more secure by generating truly random passwords and saving them for you. They even have tiers of security that require a USB key to access accounts, so you know no one other than you can access them.
Also, be aware that Social Blade or its employees will never ask you for secure information through e-mail solicitation or on our forums. We will also not call you on the phone without scheduling it in advance. If you receive requests for sensitive information, please contact us through support.SocialBlade.com and we will look into it.