Securing Yourself Online

With all the threats of being hacked, phished, spammed, etc., I thought I would give a very basic primer for some of my friends on getting yourself secured. This is common sense to some people, but not everyone is as experienced, so here is my first attempt at this.

Twitter:

This can be as open as you want it to be, but that comes at a cost. For that reason, the easiest thing to do is make sure anyone who follows you does so only after your approval, i.e. lock your profile. When someone wants to follow you, you will be notified, and you can either allow or block them. Following people is how many spammers and phishers on Twitter get to users.

Most of the time, you will know who wants to follow you. Be wary of users who have 0 or a small number of tweets. Someone who has a large number of follows, but has done a small number of tweets, is a big warning sign. If you are big into cycling, like I am, most of your followers will be cycling related. If a would-be follower looks like someone from a completely different interest type, I usually block them.

Facebook:

I normally avoid any Facebook games. When a game says it needs to look into your profile, that’s a big, big no-no with me. Perhaps I’m paranoid, but that helps me avoid getting pwned. I usually configure everything to inform me first, before it invokes anything, i.e. keep an eye on your permissions.

Emails:

OK, this is the most difficult. Of course, we all have some type of anti-spam from email hosts, but that won’t catch everything. Again, if the subject seems like something unfamiliar, it is most likely something to be wary of. Be very careful with this. Sometimes, I deliberately force my email settings to use text only, but some people don’t like text, and require HTML. Okay, fine … but when I see a link, I typically copy and paste that link into a web browser. This avoids what’s called click-jacking. Sometimes, when you click something, it may go to a URL that you are not expecting, and then it takes you to a phishing site, where it taps into your personal account information, which is a bad thing.

If you happen to get a dialog box that seems out of the ordinary, make sure you don’t click inside the box. Try clicking the “X” on the border of the window. This way, you exit using the Windows function, instead of possibly executing the hacker’s code and getting hacked.

One last thing: it may be a good idea to rotate your passwords every so often. Make them non-standard spellings, and not a typical pattern that can be guessed. One suggestion, which seems to be a good idea but which I haven’t employed yet, is to come up with a phrase you remember the most, take the first letter of each word, and use those letters in your password. I haven’t used this password, but consider the phrase “Who are these people and why do they keep following me?”. You could translate this into a password “wrtp&ydtkfm?”. Yes, it may take a while to get used to this, but that pattern will definitely be harder to hack than “cyclist”.