There’s nothing quite like that feeling of dread that slowly envelops you when you realize you’ve been backed. Regardless if it’s just your social media account or something as serious as your bank account or credit card, you can’t escape those first few moments of confusion, anger, and the overwhelming sense of fear. You don’t know how they got your information, what other accounts they’ve had access to, how long they’ve had access, and it’s terrifying. So I’ve come up with a checklist to help you protect yourself from further damage and begin the repairing process.
Do Not Panic
First off, breath. It might sound silly, but you need a clear head to proceed. Panic and fear will only lead to confusion. You can easily forget crucial steps you need to take or repeat ones and waste time.
Change your Passwords
Change your passwords, especially if you use the same password for multiple accounts. You should change your passwords once every 3-6 months. Consider using a password management software like LastPass or KeePass. In the future, set up two-factor authentication when possible.
Identity Theft? Notify Credit Agencies
If your personal information (such as social security number) has been compromised, notify the credit agencies (Equifax, Experian and TransUnion) and request a 90-day credit alert. Activating this tells businesses to contact you before any new account can be opened in your name. This alert can be renewed every 90 days. It can also stay in effect for seven years – so long as your identity has been stolen, and you’ve filed a report with the police.
The Federal Trade Commission also offers some excellent advice and includes details on how to get your life back after your identity has been stolen.
Monitor your Credit Card Bills
Monitor your credit card bills and double check any charges you don’t recognize. Criminals are known to make small charges to begin with, hoping they’ll go unnoticed, before running your card for something really big. If you see a charge you didn’t make, call the credit card company and alert them right away.
If someone has already stolen your identity and opened an account, immediately contact the credit issuer and have the account closed. Dispute any charges that were made. Request your credit report from one of the three credit agencies and ask for any unauthorized accounts or incorrect information be removed from your record. This will help preserve your credit score.
Submit your report through the FTC website and keep copies of all your reports and correspondences with these agencies. Record everything, use certified mail and get delivery receipts. Most of the places you’ll need to call will have a notice, “This call may be recorded for quality assurance purposes”, but don’t rely on them for recording the conversation. Record the call yourself, but be sure to inform the person on the other end of the line that you are recording the call. Check your state for telephone recordings laws.
Check the Sent Folder in your Email
Check your sent folder of your email and look for any messages that may have gone out that you didn’t send. Hackers might request personal information from banks or send viruses to your friends. If you see anything suspicious, contact the recipients and let them know.
If the hacker has gained access to your account and locked you out by changing the password, you’ll need to contact the email provider and prove you’re the rightful account holder. And remember, if you’ve used your email address and the same password for other websites, those are all compromised as well. Change those as fast as you can to beat them to the draw. Even if you don’t use the same password for those accounts, the hacker can still use the “forget my password” feature and have a new one email to them.
If you’re concerned, your computer may have a virus, avoid making online purchases until you have run comprehensive anti-virus and malware software. Some virus installs keyloggers on your computer, letting the hacker see every keystroke. Typing in your credit card information is all they would need.
Images from Shutterstock.
This Tool Lets you Scan the Dark Web for your (Stolen) Personal Data
A recently revealed a dark web scanning service was launched in the UK. The service is called OwlDetect and is available for £3,5 a month. It allows users to scan the dark web in search for their own leaked information. This includes email addresses, credit card information and bank details.
The service reportedly uses online programs and a team of trained experts to scan hundreds of thousands of dark web websites in order to look for their customers’ data. If any personal data is found, the company helps its users act in order to keep themselves safe. It was launched in an attempt to remove reliance on big companies, as users usually only know they were hacked after these companies make it public.
In a few cases, however, the information is revealed a long time after users are hacked. Earlier this year, Yahoo confirmed that, at least 500 million user accounts were compromised by what they believed to be a “state-sponsored actor”. The breach reportedly occurred in 2014, so it took users two years to know they were hacked.
Chairman of the National Cyber Management Centre, and member of OwlDetect’s advisory team, Professor Richard Benham said:
Today the risk of having your personal information compromised is greater than ever. From messaging apps to online shopping and dating websites, we trust a huge number of companies with our details, and there are endless opportunities for those details to fall into the wrong hands.
Crawling the Deep Web
The deep web is, as we all know, beyond the reach of regular search engines. That may be about to change in the future, as more and more tools keep on claiming to be able to crawl it in search for specific information.
According to their website, this new service has a database of stolen data. This database was created over the past 10 years, presumably with the help of their software and team. A real deep web search engine does exist, however.
A few days ago, Hacked.com reported how the Department of Defense’s deep web search engine was to be enhanced by a recent acquisition. This search engine, named Memex, is reportedly able to crawl 90 to 95% of the deep web, presenting its search results in sophisticated infographics.
Image from Shutterstock.
Facebook Looking into “Disrupting Economics” of Fake News Sites
In a Facebook post Friday night, founder of the popular social network Mark Zuckerberg took time to outline the steps the company will take to tackle its “fake news” problem, which has been a hot topic in the wake of the election. One way the social media behemoth plans on doing that is by making sure fake news sites can’t profit.
Mr. Zuckerberg calls it “disrupting fake news economics.”
“A lot of misinformation is driven by financially motivated spam,” he posted. “We’re looking into disrupting the economics with ads policies like the one we announced earlier this week, and better ad farm detection.”
Mr. Zuckerberg underscored that Facebook takes “misinformation serious” and reinforced the company’s goal “to connect people with the stories they find most meaningful.”
The social media tycoon admits “We’ve been working on this problem for a long time.” There’s more work to be done, he says.
“Historically, we have relied on our community to help us understand what is fake and what is not,” he wrote in the long post. “…The problems here are complex, both technically and philosophically. We believe in giving people a voice, which means erring on the side of letting people share what they want whenever possible. We need to be careful not to discourage sharing of opinions or mistakenly restricting accurate content. We do not want to be arbiters of truth ourselves, but instead rely on our community and trusted third parties.”
Mr. Zuckerberg claims the percentage of misinformation is small, then outlines what Facebook will do, including stronger detection, easy reporting by users, third party verification via fact checking organization, warnings for stories flagged as false by other users, and raising bar for articles which appear in related articles suggestions.
“Some of these ideas will work well, and some will not,” he admits. “But I want you to know that we have always taken this seriously, we understand how important the issue is for our community and we are committed to getting this right.”
Image from Shutterstock.
LastPass Password Manager Goes Free Cross-Platform
LastPass, arguably the most widely used password manager around is passing on some welcome news to its users. Starting Wednesday, LastPass users will be able to sync their passwords across multiple devices and platforms, for free.
The cross-platform sync for users’ credentials, previously a perk enjoyed by paying members, will now be enabled for all users and members on the free tier can start using the feature immediately across on multiple devices beyond their desktops or laptops.
Launched in 2008, LastPass has come a long way in becoming a ubiquitous name in password management. Joe Siegrist, founder and general manager of LastPass who made the announcement , sees the move enabling good password habits into becoming the norm. Using a password manager that works everywhere across devices and platforms, he notes, will help users with a strong foundation for securing their identities.
LastPass protects users’ credentials (usernames and passwords) and other data in a vault that’s secured by a master password. The data is encrypted with AES-256 bit encryption with Sha-256 salted hashes, which enables encryption and decryption to take place offline.
The announcement makes for a significant move for LastPass, the second in as many years. In August 2015, LastPass announced that it would enable users to manage their passwords, for free, on any one device. The popular choice was, of course, between desktops or smartphones. Now, users will merely have to put up with ads to use LastPass on their mobile devices once they’re out and about, away from their desktops or laptops.
Just under a year ago, LastPass was acquired by remote-access management provider LogMeIn, in a deal worth $110 million. This year, LastPass was proven to be vulnerable through a phishing attack. Since the revelation, the company has revamped and strengthened its security framework, before eventually launching its own two-factor authentication app, comparable to the likes of Google Authenticator and Authy.
Image from LastPass.
- Daily Analysis: Dollar Rally Continues amid Fed Chair Confusion October 17, 2017
- Technical Analysis: NEO Jumps as Broad Markets Turns Lower October 17, 2017
- Trade Recommendation: Syscoin October 17, 2017
- Trade Recommendation: Lisk October 17, 2017
- Information on Russia’s Regulation of Cryptocurrency Surfaces October 17, 2017
- Gold Creating Kilonova October 17, 2017
- Asian Market Update – Tuesday: Cryptocurrency prices consolidate after strong rally October 17, 2017
- Former Fed Chief Bernanke Backs Blockchain, but Not Bitcoin October 17, 2017
- Bitcoin Takes a Breather as Prices Drop Below $5,700 October 17, 2017
- ICO Analysis: Genesis Vision October 17, 2017
Ethereum1 week ago
Ethereum’s Hard Fork Is Coming
ICO1 week ago
ICO Analysis: TripAlly
Analysis5 days ago
Analysis: Bitcoin Price at $5200, How Much is There Left in the Tank?
Analysis4 days ago
Technical Analysis: Ethereum, Monero, and Litecoin Jump as Bitcoin Goes Parabolic
Analysis2 days ago
5 Things to Watch Next Week: Byzantium, Bitcoin Stretched, Gold’s Strength, The Next Fed Chair, Kirkuk and Crude Oil
Cryptocurrencies6 days ago
Trade Recommendation: Monero
ICO3 days ago
ICO Analysis: UTRUST
Analysis5 days ago
Technical Analysis: Litecoin Follows Bitcoin Higher as Market Tops $165 billion