Wednesday 24 October 2012

Oh my god, I’ve been hacked

Your social media account is suddenly spamming people like crazy, all your friends are badgering you, sending you lots of messages that you’ve been hacked! Well often as not you haven’t, you’ve been click-jacked. A link that someone sent you took you to a page with an exploit that is now using your account to get more people to go to the page with the exploit, and so on, ad infinitum. It doesn’t really matter how they got you though, in most cases doing the following will sort it out:

  1. Change your password:
    1. Pick something strong, correct horse battery staple or get a password manager and use long random strings full of symbols as well as letters and numbers.
    2. If your account has actually been broken into you may need to use the “Forgotten password” functionality, it will be a link under the password box on the login form.
    3. You can change your password here on twitter and on this facebook page.

  2. Edit: Turn on 2 factor authentication
    1. Two factor authentication means that you need something else as well as your password to log in, in general a short code sent by SMS or generated by an app. It doesn't give complete protection but it in general makes it a bit harder to take over your account.
    2. For Facebook this is either by SMS and/or the code generator in the mobile app.
    3. Twitter also does both methods of 2 factor authentication
    4. If you like this as a concept other websites are now adopting it such as Paypal and Ebay, banks seem to be doing it in an annoying way by providing physical devices to put your card in. To those of you in IT and/or MMORPG playing these concepts have been a long time coming to the general public.

  3. Check your authorised apps list:
    1. Look at everything that has permission to use your account and revoke any you don’t recognise/use any more, worst case is if you revoke something you do use you’ll need to authorise it again.
    2. Twitter now prompts you to do this after password change, but you can also go find the list yourself and again here is the page for facebook.

These examples are for twitter and facebook, but the same concepts apply to other sites.


Kanwal Liaquat said...

Thanks for the tips. Just like everybody, I also do not want my accounts and computer to be hacked. I always take special precautions to protect my information as I am a PhD research article writer for publication. And it is really important for me to give my client 100% security. So I am just glad to know these tips too. As I believe, there really can't be enough security in the world.

Daxton Beckett said...

A link that someone sent you took you to a page with an exploit that is now using your account to get more people to go to the page with the exploit.I recently purchase thesis from Health Care Thesis Writing Services in USA.