[iframe http://www.youtube.com/embed/5LlaF2AoL-o 560 315]
The hacktivist group Anonymous struck again this weekend, hacking several prominent sites and using the above video as an ominous calling card. The group managed to take down leading sites that included CBS.com, UniversalMusic.com, and official websites within the French and Polish governments.
Twitter accounts for both The Daily Show and The Colbert Report were also hacked this weekend, but it’s been reported that Anonymous supporters were behind the Twitter hacks, not the official hacktivist group themselves.
Though Anonymous uses hacking as a form of political protest, hacking should be a genuine concern for all Internet users. Between identity theft, spam, scams, and file destruction, hacking carries dire threats for both site owners and social media users alike. Internet security can never be taken too lightly, but few of us consider its implications on a daily basis.
Hacking isn’t exactly a rare occurrence, either: hackers target personal accounts 600,000 times per day on Facebook alone. The good news? There are dozens of simple steps you can take to increase your Internet security tenfold.
Seven Easy Ways to Protect Yourself Against Hackers
Boost That Password Security
The simplest and most effective step you can take against hackers is to maintain a strong password. A strong password should be:
- at least 15 characters
- a mixture of CAPS and lowercase letters
- at least one number
- and at least one symbol
Your password should be completely and utterly random. Don’t use any names, birth dates, or anniversaries.
Need some help coming up with a unique password? Try taking the first letter from a favorite quote, saying, or other significant text. You can also use random password generators like this one. Don’t use the same password for every site, either.
Choose a Unique Username
Choosing a hard-to-guess username is like adding a second line of defense against hackers. Instead of having to crack one field, hackers now have to crack two. On WordPress, for example, hackers know most users use an “admin” username, but it’s easy to change your username to something more secure.
Research Each App, Extension, or Plugin Before You Install It
It doesn’t matter whether it’s a Facebook app or a WordPress plugin: don’t install it until you’ve researched it and verified that it comes from a trusted, secure source. If you can’t find any official reviews or ratings, check sites like Snopes.com to see if it’s a reported scam.
Use Two-Step Verification on Gmail
Imagine the destruction a hacker could cause if they had access to your email account. Gmail allows users to set up two-step verification, which sends a security login code to your mobile phone if you try to log in on an unfamiliar device — meaning that even if hackers guess your password, they’ll still need access to your phone to hack your email account.
Use Secure Browsing on Facebook
Facebook allows users to enable “secure browsing,” meaning you’ll browse via an encrypted connection (https://) instead of the standard one (http://). Just go to your account settings, choose the “Security” settings, and edit the “Secure Browsing” setting.
Turn on Login Notifications on Facebook
If someone logs into your account on an unfamiliar device, Facebook will send you an email letting you know about the foreign login. If it wasn’t you, you can immediately take action against the account break-in.
Back Up Your Files
If you run a site or blog, a hacker could wipe out all of your hard work in one fell swoop. Don’t let them destroy your archives: invest in a paid automatic backup plugin like BackUp Buddy or use a free, manual one like FileZilla.
Always Verify the URL When You Log In to Any Account
Phishing scams are one of the most common ways to gain access to an account. Always glance at your navigation bar before you enter in any password. If it’s not the official URL (twitter.com, facebook.com, etc.), close that window and never look back.
What to Do if You’ve Been HackedImage: Marcos Papapopolus via Flickr
The first step is to convince yourself it’s not the end of the world. It’s no joke and it’s certainly embarrassing, but you can bounce back. Here’s how you can start the damage control after a hack attack.
Change Your Password — Immediately
The first step is to change your password as soon as you find out about the hack. Be sure to make it something completely different from your previous password — and make it as strong as possible.
Deny Access to Any Recent Apps
Have you recently added any apps, extensions, or plugins? Revoke their access or uninstall them immediately.
Warn Your Friends
Think you may have sent out any spam messages to your friends and contacts? Let them know so they can (hopefully) avoid the same scam.
Take Your Site Offline
Your visitors will return when it’s up and running again — and the last thing you want is to give your readers, clients, or customers a higher chance of being hacked. It’s easy to rebound from technical difficulties, but you may never overcome the tarnished reputation you’ll get if your visitors get scammed because of your site.
Notify Your Web Hosting Company
Some companies will take your information and give instructions on how to rebound; others take a more you’re-on-your-own stance. Whatever your company’s policy, it’s a good idea to let them know.
Communicate With Your Customers
If it’s your business site that’s been hacked, quick and honest communication is key to damage control. Be open with your customers about what happened, but let them know you’re actively working on finding an immediate solution.
Take Steps to Prevent Future Hackings
Identify why you were hacked: a faulty password? Faulty site scripts or out-of-date software? Target the solution and double up on security in your weak spots.
How Do You Protect Yourself Online?
What steps do you take to protect yourself online? Have you (or someone you know) ever been hacked? Share your experiences in the comments!
Nicki Porter is a a working writer, fledgling foodie, and admitted alliteration addict who originally thought the “two-step verification” was a new kind of dance move. You can find her on Twitter at @nickimporter. Or better yet, you can come hang out with CopyPress on Twitter, Facebook, or Tumblr!