In the week where we all wonder whether our baby photos, food photos and selfies are going to be stolen and leaked onto the internet and subsequently go viral (I would be surprised), we thought it would be useful to look at how a lot of phone hacking / iCloud hacking actually occurs and what you can do to make yourself less vulnerable to it.
So how does a typical “hack” occur?
1. Password reset i.e. they guess your secret questions / answers.
2. Phishing email i.e. you are tricked into going to a dodgy website.
3. Password recovery i.e. they manage to guess your password
We should point out in a lot of cases, the people doing this just have a lot of time on their hands rather than being master criminals and therefore a few simple steps can slow them down and make them much more likely to leave you alone and move onto the next person.
There are a number of ways you make this harder for them, you can start by ensuring you use different questions on different sites, don’t always go with your mothers maiden name. You can also just make up the answers, your Mum’s maiden name maybe Smith by why not put down ShepherdsPie – it will take a fair amount of guess to get to that answer.
The best way to stop this is being as skeptical as possible. What is the from address on the email? If you hover over the links – does it take you to the actual website or some weird looking link? Does the email have some information that makes it more likely it is real, for example, your postcode. If it a link to eBay / Apple etc – go to their website directly don’t click on the link in the email.
The best way to prevent someone guessing your password is to make it complex and change it often. It may be a bit annoying having bc)SmHZ@k-es~XZ as a password but it does mean it is less likely to get “hacked” than password1. One other piece of technology that is growing in availability that helps protect against someone guessing your password and logging is two factor authentication. This is effectively the same technology banks use with their card readers etc and means that you need your password and a seemingly random code to enter your account, lots of services now have this available so where it is, I would certainly encourage the use of it.