Written by Robert SicilianoFollow Robert Siciliano on Google+
The hacker specializes in tricking victims. This is called social engineering, and there are countless ways to do this.
With all the cybersecurity out there always getting beefed up, how is it that data breaches keep occurring? How is it that people's home computers keep getting infected?
Because someone was tricked. At a business, it's an employee. At home, it can be anybody.
Once the hacker gets in, he'll locate login information for your bank, PayPal, health plan carrier, social media accounts, and get all sorts of other loot like your e-mail address book and any highly sensitive information you have in your computer files like your Social Security number.
How does a hacker get in?
- Joe Hacker learns something about the intended victim-enough to get him launched. It may be as simple as posing as a trusted individual (such as a manager at the victim's workplace) and sending the victim an e-mail, tricking the victim into giving up a password. Or he may pose as the victim's bank's rep and trick him into resetting login information.
- He may learn details about you from your Facebook page, LinkedIn profile or one of those private records searches that require a nominal fee.
- Over a short time the hacker acquires enough information go get into all of the victim's accounts.
How to Protect Yourself
- Never click links inside e-mails. Hackers love to trick people into clicking on links that download spyware.
- When it's time to provide an answer to the "security question," provide one that nobody will ever guess, but that you'll remember. So if your dog's name is all over your Facebook page (where a hacker can learn it), use a different name for your "pet's name." So "Sweetie Pie" becomes "Stinkie Pie." Or lie about your high school name or mascot. You get the picture.
- Be suspicious of people you know asking you to reveal personal information. It could be a hacker impersonating your college buddy. Be on high alert if the friend or relative is someone you haven't heard from for a long time and they're pressing for personal details.
- You can easily verify this curious person's authenticity by asking them to answer a question that only the real person would know the answer to.
Being skeptical should be your default setting. Think good and hard before you fork over your Social Security number, password or other sensitive information.