Mac or Windows, ACT or interstate, you might want pass this post onto your friends.
Most people take their security very seriously. They lock windows, they don’t leave keys in the front door, they slap a password on their Mac and a pin code on their iPhone.
We have all heard the mantra “don’t open unfamiliar emails” or “don’t click on suspicious links” and it swims around inside our heads every time we interact with technology which is, these days, constantly. For these reasons very few of us are victims of foul play and so the maggots that want to steal from us resort to telephone scams instead.
We continue to watch ourselves and our friends but no matter how careful we are, if we put our details into a website – whether it be to buy groceries on line or dabble in the stock market – we are relying on that website taking our security as seriously as we do. Sadly, this is not always the case or possible.
Over the years there have been a number of high profile hacks that have seen our user names (usually our email addresses) and passwords for that site exposed. In short, despite your best efforts your security has been comprised.
So, what to do?
Well, for starters this has to be the best argument for not using the same password over and over again. If Mr Slime-bag has your email address and a password, it might very well try these details in other popular websites or services to see if the same combination has been used elsewhere.
Before you know it, that one hack has lead to several hacks.
The second thing would be to use any form of two-step authentication on offer. Google and Apple have, for years now, offered a system where by everytime you log into your account a code is sent to your phone that you must enter before proceeding. If you haven’t done so already you can set up two-step authentication on your Apple account here and google here.
Unfortunately we have now come to the icky part… namely, have you actually been hacked. Or more specifically, has a business you’ve sign up too been hacked. One of the best ways to find out is to go to haveibeenpwned.com which in itself sounds dodgy but I promise you is legit.
Go here and type in your email address and/or user name that you have used in the past.
If you have been hacked you’ll get a list of the websites or services affected. From here you can do a couple of things:
- Login to that website and change your password. (chances are you’ll be forced to anyway)
- If you believe the password you used at this site is the same as other, as yet unhacked sites, log into those and change those details.
But before you get carried away, make sure these are sites you’ve actually logged into in the past. As a test I typed in “renny” and found I had been hacked on cannabis.com and a Vista website neither of which I have ever been on.