



Over 10 billion records leaked in 2019. That's a 54% increase from 2018. Over 4 billion consumer and individual records were compromised. These numbers mean that every year thousands of people will get hacked on various social media accounts.
The importance of online security is often underestimated, when it should really be a high priority. And that is a huge mistake. If I could give you one unsolicited piece of advice for 2020, that is to invest some time and energy into your online security and keep your private data safe.
If you want more advice from us this year, subscribe to our newsletter below.
Although it sounds illogical, you might not recognize a hacked account at all. It works as usual, but could be abused in many ways for different activities. The most common ways accounts are misused are listed below.
Posting spam content is very common for hijacked accounts. In this case, your account is misused in order to post any kind of content. Your friends could take this content seriously and follow its message or click the link. It usually leads to some kind of scam website.
Your account could be used for liking and sharing defective content. This puts your friends at risk and this activity is done under your name.
Sharing fake promotions, ridiculously great discounts or even free giveaways could cause your friends to put their credit card details somewhere and ultimately get scammed.
Private messages could be sent to your friends under your name. For them it looks totally normal. But a hacker could ask them for a loan and this could lead to a more serious problem.
The first thing you hear when it comes to online security is “Set a strong password!” Okay, it's legit advice, but it's not always enough. Don't get me wrong, you should definitely use strong passwords.
The more conditions you meet, the more combinations your password will have. It's more durable against brute-force attacks. Anyway, this is only one option to protect your login credentials.
Passwords like JohnDoe1, PurpleMug or Password1234 are easily memorable for you and have millions of combinations. Despite the fact that it contains lowercase letters, uppercase letters and numbers, these passwords are predictable.
The problem is that on the internet, there are databases of common password combinations and attackers are trying these first, so you are not safe with these combinations.
Use unique passwords for different accounts.
Data breaches and compromised usernames or passwords in today's world are usually not your fault. Oftentimes, individual service providers insufficiently secure their servers, so hackers break through their security protection and that's how data gets leaked.
If this happens, the database with your username and password is available for anyone to buy. If you are using the same password across services, anyone could potentially gain access to your other accounts.
In this case, you should create different passwords for all the services and accounts that you are using. Perhaps, that seems unrealistic. This is why you should use a unique password for every app.
If your password is compromised, it doesn't usually mean that someone immediately logged in and hijacked your account. To find out if your credentials were compromised, you have to stay informed.
The best way to learn about password leaks is to check your e-mail address in databases like Avast Hack Check or Have I Been Pwned?. These web services regularly monitor password leaks. You can search your e-mail in the database and see if any part of your account was compromised.
Never put your password in a similar online tool.
Sharing passwords between colleagues is pretty common. According to Survey Monkey research up to 34% of the 1,507 U.S. adults they surveyed said that they share login credentials across their company.
That's usually due to collaboration with teammates, cost reduction, or because of a company's procedure.
These reasons are understandable, but quite risky. Even if your computer is well-secured and you act responsibly, can you say the same about your colleagues? It doesn't have to be because they are irresponsible, but they can make a mistake and your credentials could be compromised.
Instead of sharing passwords, consider using special tools for that. You can try Dashlane, LastPass or Onelogin to securely share passwords across a team. It even allows you to get access to any account temporarily without sharing login credentials. The password itself is hidden, but they can still log in to shared accounts.
That brings us to a chapter about password managers. These tools are a solution for securely saving and generating new passwords so you don't have to remember them all. Thanks to password managers you don't have to remember dozens or even hundreds of passwords, because the app does it for you.
There is a large selection of password managers on the market. According to CNET recommendation, LastPass is currently the best free-to-use manager, while 1Password is the best subscription password manager.
Other options to consider are Dashlane, Keeper, KeePassXC for use across platforms, or Apple Keychain, if you are in the Apple ecosystem.
Many people and companies say that you should change your password every 1-3 months. In reality, there is no need to do it regularly. You should change your password when it comes to a data breach from some service you are using. This happens pretty often, so you should stay informed and take action immediately.
Also known under the shortcut 2FA, is a security process, in which the user provides two different authentication factors to verify themselves in order to better protect both the user's credentials and the resources the user can access.
In other words, it's that SMS or displayed number on another device, that you have to retype when signing-in to some apps.
It helps to protect your account in case someone discovers your password and tries to sign in, because it requires unique information (usually a number or on-tap confirmation) on another device.
Using two-step verification isn't too difficult. Many apps and services now support this. Just go to your Settings and find an option to turn it on.
To stay secure, as much as possible, follow the next security tips.
The biggest problem of today, are login credential breaches. When this happens, and it happens very often, your e-mail address and password become public. To minimize the risk of abuse, use unique e-mail addresses for different accounts.
If you are using Gmail or G Suite, you are given two options on how to “hide” your real e-mail address.
Put dots somewhere in your name. For Google, it will still be the same address and the message will be delivered to your main inbox.
nameseurename@groost.com = name.surename@groost.com
Put the character “+” at the end of your name before “@” and add some random words. The message will still get delivered to your inbox.
namesurname@groost.com = namesurname+test@groost.com
Be sure you are using up-to-date apps. Every app has security holes and developers try to fix them regularly. When they submit an update to Apple App Store or Google Play, they also publish a list of bugs in a recent version of the app they are updating. It means that you are using an app with security issues, that are publicly known.
Use only official apps for accessing your social media profiles. There are dozens of unofficial clients promising better features or interfaces. I will give you 2 pretty common examples.
Instagram has an app, that doesn't support a big screen on an iPad. Its app looks like an enlarged iPhone app and even the keyboard acts like an iPhone. Using Instagram on an iPad is really uncomfortable.
WhatsApp doesn't even allow you to install an app on iPad, despite the fact that typing texts would be much more pleasant on a big screen.
These obvious reasons often lead to some people using 3rd party apps. It is a huge security risk, because by using these apps you are providing your sign-in credentials to someone else and you have absolutely no control over it.
Would you give your house keys to some stranger you just met?
An inconspicuous threat is hidden in shortened links. You have probably received something like this in email or message – http://bit.ly/38guVzt. It's a pretty common link, but you can't recognize where it will take you.
To see what is hidden under this link and stay safe, use GetLinkInfo, which gives you information about a link before visiting it.
Some services allow you to log out remotely from other devices you are currently logged in to. It's a sign that the company takes security seriously.
If you are using multiple devices or using someone else's device to log in to your account, be sure that you logged out of that device and didn't save the username and password. Then, log in to your account on the device you are currently using and force sign outs from other accounts.
Here are links for Facebook, Twitter and Google. For other accounts, just navigate to the Settings or Google it.
You have probably seen it. Sign in with Facebook or Google. Or even other accounts. Well, it is a handy way to log in. But a lesser known side effect is, that the button-providers and the service you logged in to are sharing your private data between themselves.
My advice would be “Don't use it, unless you see Sign in with Apple”. Regardless, it's your decision, but be careful as to which apps have access to your social profiles.
To find out which apps have access and to eventually revoke it, go to Settings.
Always check your URLs. A URL has to contain HTTPS instead of HTTP. All of today's social networks use this and should automatically redirect to the correct URL. In the case that you do use a login page with just HTTP, your login credentials might be compromised, because data transfer to servers are not encrypted. It's hazardous, especially if you are connected to public Wi-Fi.
If you often connect to any web service on public Wi-Fi's such as in hotels, airports, airplanes, coffee shops etc., you should use a VPN. It will protect you from local network attacks and keep your data private. Without using a VPN, even strong passwords can be compromised.
There are many solutions on the market. Pick one that will work best for you. This guide from Tom could help you.
Browser extensions add much more functionality to your internet browser. That's great, unless you discover fraudulent plugins, that can steal your data or misuse your computer.
Be very careful about this and pick only trusted ones. Also, check previously installed extensions and delete all of those you are not already using or that seem suspicious.
Browsers offer the option to save passwords when signing up or signing in. Sure, it simplifies the sign-in process for the future, but it's a security risk. They can easily be compromised, especially in case someone steals your computer.
📖 To deep-dive into this problem, read this article.
I don't want to scare you, but it might happen. It has probably already happened to you. The good thing is, that most credentials are encrypted, so that your password isn't visible to anyone. For now. With increasing computing power, it is only a matter of time before someone breaks the encryption.
In case you still have access to your account, follow these steps:
If you don't have access to your account, try to reset your password. If this doesn't work, follow the instructions provided by the service.
There is always a chance that your account will be compromised. I hope this guide helped you to understand how vulnerable your online accounts can be and showed you steps to secure them and better protect your data. 🙂
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.
The rich text element allows you to create and format headings, paragraphs, blockquotes, images, and video all in one place instead of having to add and format them individually. Just double-click and easily create content.
A rich text element can be used with static or dynamic content. For static content, just drop it into any page and begin editing. For dynamic content, add a rich text field to any collection and then connect a rich text element to that field in the settings panel. Voila!
Headings, paragraphs, blockquotes, figures, images, and figure captions can all be styled after a class is added to the rich text element using the "When inside of" nested selector system.