What comes to your mind when you hear the words “hack” or “cybercrime”? Is it a self-taught tech whiz who’s looking to cause some mischief? Or is it a sophisticated criminal locked away in his or her home, sitting behind a multi-monitor tech stack? The thought of someone hacking into your personal data with the intent to do harm is harrowing. Unfortunately, it’s also a very real risk that all online users are subject to on an ongoing basis. The long-standing security experts at McAfee recently reported that an estimated 300,000 new pieces of malware are introduced every day. It seems the world of hacking is growing exponentially and may continue along this growth path for the foreseeable future.
Facebook has come under intense scrutiny in recent years thanks to large-scale security breaches that resulted in millions of users being made vulnerable to cybercriminals. Notably, some 50 million user accounts were hacked in one massive breach that was discovered in September 2018. As a company that serves Facebook users on a daily basis, we’ve made it our business to become industry experts on cybercrime activity, preventative measures, and ways to support those who’ve been victimized by such illegal activity. Continue reading to better understand these online hacks and how fig social can help you!
What Is the Point Of Hacking?
To put it simply, hacking is the act of gaining unauthorized access to data in a computer or system. Some hackers (better known here as “security researchers”) work legally at the request of a company or organization looking for vulnerabilities in its system’s infrastructure. For example, Facebook has a Bug Bounty program in place that paid out $1.1 million in compensation to independent security researchers in 2018 alone.
But it’s safe to say that these security researchers are certainly the minority group in the world of hacking. In fact, according to Cybersecurity Ventures, cybercrime has officially surpassed the illegal drug trade in profitability and is estimated to cost the globe $6 trillion annually by 2021. According to their research, this annual number has risen drastically from $3 million in 2015, which constitutes the “greatest transfer of economic wealth” in global history. If you haven’t been paying attention yet, that should raise some serious red flags.
Why is hacking so profitable? In a word: data. When a hacker accesses the data in a system, they are getting their hands on a cash machine. The monetization of personal data has become an economic giant. Some researchers have even gone so far as to call it the “new oil” in terms of its commodity value, but we tend to lean towards Will Goodrum, Ph.D.’s, analogy of calling it land. As he explains, the location of the land is the most important factor influencing its valuation. Similarly, with data, the relevance of the data to whatever company or organization that is looking to acquire it is the single most important factor. Your data is only valuable to an organization if it can be leveraged by them to meet their end goal (which is most commonly to increase company revenue). But that being said, if your data is relevant to a company or organization and can help them grow their bottom line, then that data is nearly priceless for them to acquire.
Once data is in the hands of the hacker, they’ll likely sift through the records, creating an inventory of the bounty. They’ll be looking for potentially valuable items such as military email addresses and names associated with wealth. These records will likely be set aside to be dealt with individually on a case-by-case basis. For the rest of the common data, they’ll organize it together in whatever way is appropriate for their marketplace, then sell the data in bulk on the black market.
How Do Hackers Access Accounts?
There are a large number of ways that these hackers can breach a system in order to access data, but there are five general methods that all Facebook users need to be aware of.
Common Methods of Hacking
A phishing scam is exactly what it sounds like: it’s a hacker “fishing” for your information. In these scams, hackers will create online portals for sites like Facebook and online banking that look nearly identical to the authentic portal. When you land on one of these imitator portals and enter your information, it is sent straight to the hackers where they can then enter into your accounts with no effort at all.
Most often delivered via email, phishing scams are among the most popular ways for a hacker to access your personal information, such as login credentials and bank account information.
How do you recognize a phishing scam?
In order to protect yourself from phishing scams, be sure to check the sender in every email. Email addresses that look off, such as those that have a long string of numbers or any subtle misspellings, are likely phishing scams. Do not click on anything in a suspicious email, but rather delete it right away. If you’re certain that it is a scam, you can file it as Junk so the same sender can’t hit your inbox again.
If you’ve somehow found yourself redirected from an email or other website to an online portal such as the login page for social media or online banking, be sure to check the URL for legitimacy. Hackers are experts at making a website look as identical as possible to the real thing, so you can’t be too careful when entering personal information. In fact, it is our strong suggestion to never enter personal information on web pages that you reach by way of being redirected from some other source. If you need to access your Facebook account, do so by going to www.facebook.com and go from there. The same goes for any social media account, email account, or online banking account: it is always better to access the site directly rather than by way of a redirect from some other source.
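The URL check described above can be automated. The sketch below is an added example, not code from fig social or Facebook; the trusted list, the function names and the sample URLs in the comments are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the sites the user really intends to log in to.
TRUSTED = {"facebook.com"}

def edit_distance(a, b):
    """Levenshtein distance, used to spot subtle misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]

def check_login_url(url, trusted=TRUSTED):
    """Return (verdict, reason) for a page that asks for credentials."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    if parts.scheme != "https":
        return "suspicious", "not served over https"
    if parts.username is not None:
        # In https://www.facebook.com@login.example/ the real host is login.example
        return "suspicious", "text before '@' is not the site name"
    if not host.isascii() or host.startswith("xn--") or ".xn--" in host:
        return "suspicious", "internationalized host name can imitate Latin letters"
    for domain in trusted:
        if host == domain or host.endswith("." + domain):
            return "trusted", f"host belongs to {domain}"
    labels = host.split(".")
    for domain in trusted:
        name = domain.split(".")[0]
        # Trusted brand name placed inside a different registered domain
        if any(name in label for label in labels):
            return "suspicious", f"'{name}' appears in an unrelated domain"
        # Near-miss spelling of the trusted domain (e.g. faceb00k.com, constructed)
        if edit_distance(".".join(labels[-2:]), domain) <= 2:
            return "suspicious", f"looks like a misspelling of {domain}"
    return "unknown", "not a site on the trusted list"
```

A verdict of "unknown" only means the host is not on the list; the advice to open the site directly still applies.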
The most common kind of keylogging comes in the form of software that has been downloaded to your personal device. Once downloaded, this software tracks every keystroke made on the device, logging user names and passwords for any and every account you access after the software has downloaded.
Keyloggers can be accidentally downloaded through a number of ways, including clicking on dangerous attachments in emails, visiting an infected website, or even through other malware already installed on the device.
Nearly 80% of Facebook users admit to using a password management system, such as LastPass or Keeper. These systems will store any and all login credentials that you use on any website, conveniently auto-filling them the next time you visit the sites. These are very handy tools to have installed on your computer if you frequent many different websites that require you to log in. However, one downside is that if you use a weak or easy-to-guess password on the password manager itself, hackers could easily access that system and all of the stored passwords within the system.
With password management systems you have to remember that if just one password, the management system’s password, becomes compromised, then ALL of your login credentials also become compromised. We recommend using a highly secure password, such as those that our free, instant password generator creates.
Sidejacking occurs when a hacker gains access to your device while you are actively using the device on a public network, like the free Wi-Fi hotspots found at cafes and coffee shops. These networks are unprotected and leave your computer in a vulnerable state. We strongly recommend avoiding logging into any sensitive websites such as online bank accounts or social media accounts while on public networks.
Additionally, providers like Norton offer Virtual Private Network (VPN) services that use bank-grade encryption on your devices while connected to the private network. We strongly recommend using a VPN to further protect yourself while connected to the internet in public spaces.
Vulnerability in Facebook’s Code
As we mentioned earlier, some 50 million accounts were discovered to have been hacked in September of 2018. The origin of the attack appeared to be a vulnerability in the code of one of Facebook’s then-newly released features. This feature allowed hackers to obtain access tokens, the things that your browser uses in order to keep you logged in to the platform. This hack allowed the perpetrators to gain access not only to the Facebook accounts but also to third-party applications that had been connected to each account.
Protecting Yourself In Case of An Attack
What this incident brought to light is that a cyberattack can happen on either front: the vulnerability can be on the side of the user or consumer or it can be on the side of the service provider or network. Even if you take all precautionary measures to avoid falling into online scams, there is still a high risk of being compromised.
That’s why we at fig social have been working on a cybersecurity solution that can help bring peace of mind to Facebook users. In addition to our on-demand, live Facebook support service, we’ve created a sister company, feedstr, that is due to launch proprietary hack protection software in a matter of weeks.
feedstr’s software provides perpetual automated social media account data backup, safely storing away personal assets such as photos and videos that have been uploaded to the user’s account. If a hacker were to access your account, there’s a very good chance that you would not be able to access that account again. If this were to happen, you would lose all the photos and videos that have been stored on the account. With feedstr, you can rest easy knowing that your assets are secure in our encrypted server, able to be downloaded to you at any time.