Sharing Does NOT Equal Caring On Social Media
Scrolling through Facebook, you come across one of those posts that get your attention. It’s a fun quiz that invites you to share something about yourself. “Honor a pet who is no longer with you by commenting their name below.” Without giving it a second thought, you type in your pet’s name.
Did you know that the most common passwords include your name, birth date, hometown, or a pet’s name? Do you see the connection? It is easy to be fooled into giving out personal information and it is easier than ever for those with malicious intent to gain that information. Portals like Facebook are helping criminals to get this information more than ever before.
Social media platforms can cause us to let our guard down, thinking we are sharing information only with our friends who would never use it against us. Be aware that these quizzes or cleverly worded posts which cause you to engage by sharing personal details of your personal life are, often, meant to harm.
Social engineering is the act of manipulating people, so they give up confidential information. These social media quizzes or question posts make you a target. Each comes with inherent risk. These bits of information are often the answers to account validation questions. For example, if you have an online account, in addition to entering your password, you could be asked a question so the site to verify it is really you. Many times, these questions ask the name of a favorite pet, a high school mascot or street name. By sharing this information on social media, you are making it easier for someone to gain access to your online accounts.
So how do you protect yourself? It is best not to disclose personal information online. Keep phone numbers, addresses, pet’s names, and birthdays to yourself. Be careful what you post and know who to trust. Just because you are on Facebook with many of your friends, not everything you see in your feed is trustworthy.
You should also be hesitant to engage with another type of post. These do not ask you to share personal information that may be used to guess passwords. Rather, they are targeting by gaining access to you via Messenger. Do you ever see posts encouraging you to participate by sharing the post? “Share this post and a miracle will happen to you today.” You quickly share the post, thinking “What do I have to lose?” The person who originally posted that now has gained access to you via Messenger since you have connected through Facebook.
Messenger is a tool that hackers have used, sending out an enticing invite for you to click a link. The message appears to have come from a friend and so you think it is legit. Many times, the message implies you are part of a video or something similar. This might tempt you to click the link to see. But be careful what you click. These short messages that give very little context and include a link often are malicious.
Click bait quizzes are an easy way for scammers to gain user data, since most passwords include a pet’s name or a street name, paired with a set of numbers like your birth date. These can be socially engineered attacks, targeted to get your personal information to use to hack into your accounts.
One (Simple) Way to Prevent Being Hacked
Keeping your accounts safe is becoming harder and harder. It may be hard to know what to do to keep your information safe. Our best suggestion for keeping you safe, is multi-factor authentication.
What is multi-factor authentication?
Every time you log in or sign in, you are proving to that device that you are who you say you are. Normally that requires a username and password. These are both rather easy to access. Usernames are often email addresses and because we have a hard time remembering all our passwords, often our passwords are too simple. The simpler they are, the easier they are for someone to guess.
Multi-factor authentication is a way to keep your accounts safe. With this, when you sign into an account for the first time from a device, you will need more than just your username and password. You will need another factor to prove who you are. An example of that additional factor is a code that gets sent to your smartphone. You will then be asked to enter that on the site. If someone else tries to login to your account, they may know your username and password, but they will not have your phone with the necessary code on it. If that happens, the site then recognizes that the person trying to log in is not you and they are denied access.
If you are concerned about the extra time and effort it will take to login using multi-factor authentication, don’t. You will not have to do the second step every time you sign in. The first time you do it from each unique device it will require you to take the second step, but after that, your device will be recognized, and it will not ask you for anything other than your username and password. And the benefits far outweigh the amount of time it takes to plug in your second factor that first time from a new device. Having multi-factor authentication will protect you if your password gets stolen. Passwords are often easy to guess and can get picked up by a hacker when you enter them while on public Wi-Fi. Multi-factor authentication ensures that even if your password is compromised, the hacker will not be able to gain access to your account.
New Password Requirements to Help Keep You Safe
AcenTek will be implementing new password requirements for email customers, to increase security. For any new customers creating an email account with us, you will be asked to follow the following rules:
Must be at least 12 characters
Must contain at least 1 alpha character
Must contain at least 1 upper-case alpha character
Must contain at least 1 special character (* $ #)
Must contain at least 1 numeric character
Password cannot contain username
This change goes into effect on December 1, 2021, and will only be a requirement for new email accounts or any customers who wish to change their password. Existing accounts are grandfathered in with their current passwords, but we do encourage ALL customers to update passwords to follow the new recipe, for increased security of your account(s).