On September 2nd I told you about stolen nude photos and videos of more than a hundred celebrities including Jennifer Lawrence, Kate Upton, Jenny McCarthy, Cat Deeley, Kayley Cuoco, Scarlet Johansson and others being posted on the Internet on websites such as 4Chan. Now nude photos of Kim Kardashian, Vanessa Hudgens and Hope Solo were again put up on 4Chan and Reddit and becoming a prominent topic on Twitter. In response to the tremendous amount of criticism that 4Chan received over the Labor Day posting of the celebrity nude photos, 4Chan changed its policy on copyright infringement and consistent with its new policy promptly had the new nude photos removed from the website. Reddit has also removed the photos. These new photos were probably obtained in the same manner and even, perhaps by the same hacker involved in the massive Labor Day release of celebrity nude photos. Although the exact manner by which these photographs and videos were hacked and stolen has still not been definitively determined, Apple has strongly indicated that the problem was not a flaw in iCloud security and that is probably accurate. Anyone who is able to get someone’s email address and password would find it easy to gain access to that person’s iCloud account and download the photographs and videos. Obtaining an email address is a relatively easy task for any hacker and passwords can be obtained either from other hacked devices or by, as often is the case, by using the “forgot password” link on Apple’s iCloud, as with other accounts. The answers to the security questions used to obtain the password through the “forgot password” function are generally easy to find for celebrities whose personal information, such as where they went to high school or other information used in security questions is easily found online.
So, I will again ask the question that I asked first on September 2nd, what does all of this mean to you?
This hacking presents two separate problems. The first is that identity thieves will be taking advantage of the public’s interest in these photos and videos. You will be receiving emails, text messages or social media postings with links that promise to bring you to these stolen photographs that will download keystroke logging malware when you click on the links. Once this malware is installed on your computer, smartphone or other portable device, your personal information will be stolen and the information will be used to make you a victim of identity theft.
The second problem is the same problem faced by the celebrities whose accounts were hacked. How do you keep your accounts secure?
Don’t give in to the temptation to view these photos and videos online. Ethically, it is the wrong thing to do. However, it also is too risky an activity. You cannot trust any email, text message or social media posting that promises access to these photos and videos. Many of these will be laced with malware and you cannot know which one’s to trust. Trust me, you can’t trust anyone. In addition, identity thieves will be setting up phony websites that promise to provide these photos and videos, but again will only end up installing malware on your computer when you click on links in these websites. Identity thieves are often adept at search engine optimizing so a phony website might appear high in a search from your web browser. As for Kim Kardashian, if you believe you need to see nude photos of her, you can easily find photos she took for a Playboy Magazine spread a few years ago on the official Playboy website.
As for securing your own account, you should use a unique password for all of your accounts so if any of your accounts are hacked, all of your other accounts are not in jeopardy. Make sure the password is a complex password that is not able to be guessed through a brute force attack. Check out my book “Identity Theft Alert” for advice as to how to pick a secure and easy to remember password. Also, even if you are not a celebrity, you would be surprised how much information is online about you that can be used to come up with the answer to your security questions. It is for this reason that I advise you to use a nonsensical answer to your security question, such as the answer “Grapefruit” for the question of what is your mother’s maiden name. Also, take advantage of the two-factor identification protocols offered by Apple and many others. With two-factor identification, your password is only the starting point for accessing your account. After you have inputted your password, the site you are attempting to access will send a special one-time code to your smartphone for you to use to be able to access your account. It is also important to note that merely because you think you have deleted a photograph or video from your smartphone, that may not be the truth. Smartphones save deleted photographs and videos on their cloud servers such as the Google+service for Android phones and the iCloud for iPhones. However, you can change the settings on your smartphone to prevent your photos from automatically being preserved in the cloud.