A cybersecurity expert says you can take these steps to make sure your accounts aren’t ‘low-hanging fruit’ for hackers

  • Most cyber-attacks target people who haven't taken basic precautions to secure their accounts, making them "low-hanging fruit" to potential hackers.
  • Changing passwords frequently, limiting the information you share online, and being clever with your personalized security questions can help secure your accounts.
  • Visit Business Insider's homepage for more stories.

It's impossible to predict whether you'll be the victim of a cyberattack, but you can drastically reduce the odds of one in a few simple steps.

The vast majority of people whose accounts are hacked don't take basic precautions to protect them, making them "low-hanging fruit," according to Alex Heid, chief research and development officer at cybersecurity firm SecurityScorecard.

"If you're not thinking about these things, you have a nice car and you're leaving it unlocked in a bad neighborhood. And the internet is the worst neighborhood there is, in my opinion," Heid told Business Insider.

Read more: A cybersecurity expert describes the underground hacker network where stolen usernames and passwords are 'traded like Pokémon cards'

Follow these expert-recommended steps to avoid the pitfalls that can expose your accounts and sensitive information to hackers.

Change your passwords frequently.

looking at phone iphone apple


Jeff Chiu/AP

According to Heid, hackers accumulate millions of login credentials and passwords in online databases garnered from previous data breaches. Even with just one set of login credentials, hackers commonly try to log into other sites using the same email and password, assuming that users will have the same password across platforms. Using different passwords from site to site will thwart this strategy.

Don't use the same security questions across different sites.

man looking at computer investing


Hero Images/Getty Images

Following the same principle, if one site you use is compromised in a data breach, hackers might gain access to the security question and answer you set up in order to reset your password. If you use the same question across sites, it's incredibly easy for hackers to subsequently reset your password on every one of your accounts.

Use bogus information for security questions to throw hackers off.

A U.S. Department of Homeland Security employee works in front of a U.S. threat level map and monitoring display inside the National Cybersecurity and Communications Integration Center during a guided media tour in Arlington, Virginia June 26, 2014. REUTERS/Kevin Lamarque


Thomson Reuters

Password-reset questions typically ask for personal information like your mother's maiden name or the street you grew up on. Rather than filling this out truthfully, use false information or an inside joke that hackers wouldn't be able to guess. This tactic may seem counterintuitive, but can be effective, according to Heid.

Start using a password manager.

lock and key


flickr/Rachel Pasch

"I always recommend using a password manager solution like Keypass or something like that to handle all the different passwords," Heid said.

Password managers can generate long, difficult-to-guess passwords and automatically save them across websites, making it easy to keep your passwords diverse and hard to crack.

Don't leave a public trail of personal information via social media.

social media pic


Josh Rose / Unsplash

Be mindful of information that hackers could glean from your public social media accounts — especially if you're using that information for a password reset question.

"Pets' names, kids birthdays, spots you went to for your honeymoon, all of those are common password reset answers that can be obtained from social media. Even stuff like the street you grew up on, that can be found in public records," Heid said.

Use multifactor authentication whenever possible.

FILE PHOTO: A visitor uses a mobile phone at the Samsung booth at the Mobile World Congress in Barcelona, Spain, February 26, 2019. REUTERS/Rafael Marchante/File Photo


Reuters

One of the most surefire ways to thwart hackers is to use multifactor authentication, or logins that verify your identity by sending an SMS code to your phone or an app notification.

"It's an easy way for people to make sure they aren't easy targets," Heid said.

SEE ALSO:

ICE is reportedly using fake Facebook accounts to track undocumented immigrants and lure them into sting operations

More:

Features
Tech
Cybersecurity
Hacks

Chevron icon
It indicates an expandable section or menu, or sometimes previous / next navigation options.

Leave a Reply

Your email address will not be published. Required fields are marked *