Trustwave, a cybersecurity company has just uncovered a hacking of close to two million Facebook, Google, Twitter, Yahoo, LinkedIn and other social media accounts. Even more ominously, the hacking includes other Internet sites including ADP, a payroll service provider. The hackings appear to have started on October 21st and still are going on. Compromised information includes usernames and passwords. The hacking is a worldwide phenomena with computers affected in more than 100 countries. ADP, Facebook, LinkedIn and Twitter have already notified its users to reset passwords for affected accounts. Particularly troublesome is the hacking of ADP, the payroll company. Approximately 2,400 accounts had their security breached. Although the exact manner that the hacking was accomplished still has not been identified, what is known is that the hacking was achieved by luring people into downloading keystroke logging malware that stole the information from their computers. This technique is referred to as phishing. You will find more about phishing in my book “50 Ways to Protect Your Identity in a Digital Age,” but in essence phishing occurs when an identity thief sends you an official looking email or you go to a counterfeit website where although the email and the website appear legitimate, they are not. When you click on links in the email or website you download the malware.
Also distressing is the fact that in uncovering this hacking, Trustwave identified the passwords that were compromised and the large majority of them were simple passwords that are easy for identity thieves to guess. The most common password of the stolen passwords was 123456. Another problem for people who had their passwords and user names stolen is that people often use the same password for many different accounts so they are in danger not just in the hacked accounts, but in others they use. Scamicide and “50 Ways to Protect Your Identiy in a Digital Age” provide detailed help in picking a simple to remember, but complex password that will make you safer on line. Also, it is important to have anti-malware and anti-virus software installed on your computer and maintained up to date with the latest patches. Also keep all of your software updated with the latest security patches. For this reason, whenever software companies issue security patches, I provide links to them here on Scamicide. Check this site each day to make sure you are safe. Finally, do not click on links or download attachments in emails or on websites unless you are absolutely sure that they are legitimate.