How do hackers compromise accounts  💥
Knowledge is power. Knowing how accounts are compromised will help you protect your accounts and keep your passwords safe. Many people talk about how their online accounts are hacked. But what exactly is the process? As a matter of fact accounts can be hacked using very simple methods. Read on.
1. Your email account and password reset
You're utmost at risk if an attacker can access your email accounts using any of the below methods. Your email account functions as your primary online account. It is linked to all other accounts. Anyone with access to your email account can use it to reset passwords on any site you have registered to with the email address. You should make sure your email account is secure. It is especially important to create a unique password and protect it with care.
Keyloggers are malicious software that runs in the background and logs every keystroke you make. These programs are often used to steal sensitive information such as credit card numbers and passwords for online banking. These data are then sent to an attacker via the Internet.
These malware can be spread via exploits. You can be compromised if your Java version is outdated, which most computers are on the Internet. This could happen through a Java applet that you see on a website. They can also be disguised as other software. You might download an third-party program for playing online games.
This tool could be malicious and capture your game password to send it to the attacker via the Internet. Make sure you have a good antivirus program and that your software is always up-to-date.
3. Simply trying to answer your security questions
Answering security questions can often reset passwords. Security questions are usually very weak. You will often be asked questions like "Where were your parents born?", "What high-school did you attend?" and "What is your mother's maiden surname?"
This information is often easily accessible on public social networking sites. Most people will tell you the high school they attended if asked. This information is often easy to find and attackers can reset passwords and gain access.
You should avoid using security questions that can be easily found or guessed. Websites should not allow anyone to gain access to your account simply because they have the answers to a few security question. Some do, but others don't.
4. By using social engineering
Social engineering is another common way that attackers can gain access to your accounts. Phishing, a well-known form of social engineering, is where the attacker pretends to be someone else and asks you for your password. Some users give their passwords away easily. These are just a few examples of social engineering.
- An email arrives claiming to be from your bank. It directs you to a fake website for your bank with a similar URL. You are asked to enter your password.
- A message appears on Facebook, or any other social network. It asks you to enter your password in order to authenticate yourself. This is obviously an attempt to hack your Facebook.
- A website promises you something, like free games on any platform or World of Warcraft extra's. The website will need your username and password to access this fake reward.
Don't share your password with anyone other than your bank.
5. Reusing leaked passwords
Many people use the same passwords for different accounts. Some people may use the same password on every account. This is extremely dangerous. Over the past few decades, many websites, including well-known ones like LinkedIn or eHarmony, have had their password database leaked online. Websites with leaked passwords as well as usernames, email addresses and password lists are easily accessible online.
These email address, username, password combinations can be used to hack into accounts. You put yourself at greater risk by using a password for an email account. Your email account could be used as a reset password if an attacker has access to it.