The Kill Switch: Simple Ways Hackers Steal Your Data
The main goal for a hacker is to gain access to private information, and to use that against a person or organization for ransom. Depending on the type of information, this can be detrimental to the success of a business.
While it is important to know how to keep your data safe and secure, it is also good to know the most common ways hackers try to attack your data.
The Guessing Game
The first step that hackers will take is simple. They target accounts with common PINS and passwords. Hackers do this by exploiting phone carriers’ websites with multiple attempts with simple-to-guess PINS, such as “1234.” Many of these password variations will be tested based on public information. As discussed in last month’s article, anything that is publically visible should not be considered for a PIN or password. For example, using an old childhood address “4551” as a PIN isn’t recommended.
Gaining Your Trust
Gaining trust is the next step for hackers. To gain trust, hackers will mask behind a friend, company, or institution associated with your information. Typically, they will find a trusted number and spoof it. The term “spoofing” means changing the number that displays on the victim’s caller ID.
Spoofing is major business for hackers and spammers. The scary part is that anyone with the correct technology can spoof a number. Caller identifications are determined during the second ring of the call. In this short period, the hacker will use Frequency Key Shifting, which alters the binary format of the number. Changing the binary format can be completed through automated programs.
Hackers that want to gain access to private information commonly resort to social engineering techniques. Social engineering is used by hackers because it is much easier to exploit a human for data than a website or network.
This technique allows skilled hackers to obtain details such as a phone number or email from institutions like cell phone carriers. With these bits of information, they can procure even more access to important accounts and backtrack to gather extended details.
How to tell if you are getting hacked
Individuals asking for your vital information should not be trusted. It is important to not release personal information over the phone. Several institutions, agencies, and companies have noted the following:
- Financial institutions will never ask for your online password. They won’t use email or text to request personal information.
- Federal and State Government agencies will never request personal information via phone, text, or email. This includes the FBI and IRS. Personal information is always acquired in person or through mail.
- Technology support to remove malicious software or viruses won’t be detected remotely. Companies including Microsoft and Apple will never call to provide such support.
- Debt consolidation, loans, and charities sometimes discuss personal information via phone; however, this information should only be released to a trusted entity that you called directly.
If you happen to get caught by a hacker, the first step to combat spoofing is to call the company, agency, or person back. The Federal Communications Commission (FCC) says to report any suspicious callers that asked for personal information. If you’re located in Canada, the suspicious calls can be filed under the Canadian Radio-television and Telecommunications Commission (CRTC).
A hacker that commits spoofing can face penalties up to $10,000 per call, if not more. Recently, an individual who committed 21 million spoofed calls is being charged an $82 million dollar fine from the FCC.
So what about individuals calling under “unknown?” This isn’t illegal, and all telephone companies must allow a number the ability to be blocked. Yet, telemarketers and individuals selling products or services must have a number displayed.
Wi-Fi Isn’t Your Friend
Wireless connections aren’t as secure as many perceive. Wi-Fi networks to avoid include public or free wireless networks. Generally, these networks aren’t monitored or encrypted so it is important to never use personal information on an un-trusted wireless network. Hackers can collect valuable data effortlessly through these networks by generating a bot to collect vital information.
Hotels, airports, and coffee shops are the typical targets for hackers. When in these locations, using 3G, 4G, or LTE phone data can be much safer and harder to hack than Wi-Fi networks. It’s also recommended to use Hyper Text Transfer Protocol Secure (HTTPS) while browsing personal information. Encrypting yourself even further can be setup with a Virtual Private Network (VPN).
It Can Happen to Anyone
Whether you are a Fortune 500 company, famous celebrity, or an ordinary person, hackers can tap into your accounts and steal valuable information if it isn’t properly protected. Here are a few tips to follow to ensure you don’t become susceptible to your data being stolen:
- Use unique and complex PINS and Passwords
- When available use fingerprint identification and two-step authentication
- Don’t trust the caller ID
- Never click un-trusted links within emails or text messages
- Avoid using publically used Wi-Fi networks
- Use HTTPS addresses, when available
- Encrypt online activity with a VPN
Need help securing your data? Give us a call at 248.687.7888 or email us at firstname.lastname@example.org for more information on how we can help keep your data safe and secure.