Incredible as a 20-year-old student from the nest heat of the parents can drive out a whole country with 82 million citizens in uncertainty. As known, he had either collected the data himself via data hacks or acquired it in the Darknet. That would have been avoidable.
Why is it so easy to successfully hack Facebook accounts, webmail accounts and logins?
The answer is simply because the majority of Internet users are too comfortable.
How do our apps and programs work?
Basically, we can log on to our devices (PC, laptop, smartphone, tablet, router) by means of a login (username plus password) and then have access to most of the applications we use.
The same thing happens in the social media and webmailer portals, except that most of the time here the eMail address is the username and the password is freely selectable. One of the best examples is Facebook, because with the Facebook account, behind which the e-mail address is again, you get access to many different other social media platforms such as Instagram and many apps that use the Facebook account.
Once the attacker has your email address and password through a hack of such portals fell into the hands, then usually very many if not all accesses are affected.
And it's an illusion to believe "My email address is too uninteresting and the likelihood of tapping it too small". There are files with e-mail addresses and the associated passwords, some 593 million records. Likewise, for brute-force attacks, there are password files with millions of entries of password combinations plus the appropriate hash value, so that entries only need to be looped through and tested.
As far as the current state, which was also the student of the current Doxxing obviously available.
Whether your email address is below, you can easily
Although this time only affected people who are in the public eye, in principle, such a Doxxing but can hit anyone. You can effectively protect yourself with a few simple tricks and a bit of hard work.
1. Protection of e-mail accounts
As already mentioned, the neuralgic point of digital life is the email account:
After all, if a hacker gains access here, he can easily find out which web services and social networks you are using and with whom you also communicate with in everyday life. And incidentally, the hacker does not even have to know the passwords for these services, because the eMail address acts as mentioned in most cases as a login, with the fatal consequence that he can also reset the password. Almost all aspects of your online digital identity can be controlled from an e-mail account.
2. Use secure passwords
Straight from the point follows the need for multiple secure passwords. If you even bother to come up with a really good password, then the mail account is the place to go.For this there are under Linux, among other things, the command "pwgen", but also for Windows and Mac, there are password generators. Good passwords consist of at least 8 to 12 characters, better even 16-20 characters. Small and capital letters should play a role, as should the use of numbers and special characters.This does not mean that you would have to change all logins on all websites and programs. But determine for yourself the most important points of attack - such as the e-mail account - and make sure that very good passwords are used for these goals, which are especially sought after by hackers.
In order to avoid the paperwork on the monitor, under the keyboard or in the wallet, whether the many complex passwords, there are now very good password managers such asKeePass2. This allows you to selectively protect your passwords with a single master password and you only need this master password each time. The same database can also be used on the smartphone with the associated app.
But it is also old-school with paper, but better in PGP-encrypted Kalkulationstabelen.
And especially your online banking passwords are particularly worthy of protection.
3. Use of two factor applications
Although this is more inconvenient if the login to a code via SMS is sent to the smartphone, the work of the hacker but makes colossal. At least in online banking and also in the mailbox should find the application.
4. Regular updating of the software
You should protect not only online services but also your local computer, smartphone, router. In addition to a functioning virus scanner is essential to update the software used regularly. Your operating system, as well as all browsers and also any local mail clients should keep themselves up-to-date via automatic updates in order to close newly discovered security gaps in a timely manner.
Because the best defense software and strategy is obsolete, as long as the attacker can rely on known security holes in the software. This also affects the software of your router. It should also be mentioned that you replace the default passwords of the router manufacturers right at startup, because here too there are huge databases on the Internet with these sorted by manufacturer and model.
Here it should be emphasized that you should install new software only from trusted sources. So best from official app stores of the operating system manufacturer or from the manufacturer's website. Check twice if it is the website of your choice. Because many victims get the Trojan in this way, namely, even on the computer, after they were lured under an excuse on fake websites. In case of doubt, avoid the new software that should be so unique before you are ready to expose yourself to an encryption Trojan.
5. Human factor
If you think a little bit before you click, it belongs to the one percent that is much safer on the net than the masses. Because most major hacker attacks are not due to the fact that the original vulnerability is a software gap, but to human behavior. If you're on the net with common sense, you can save yourself a lot of trouble.
Today, most burglaries occur in private computer systems these days over phishing attacks. Hackers send more or less targeted and differently sophisticated mails containing malicious links or files. The links lure the victim to web pages, which are then to pull personal information from his hair or it is trying to install malicious software.
Also in the file attachments is often hidden malicious code that the hacker wants to run on the system. For this he usually needs the help of the victim, which he tries to convince to do the same. So here too, the temptation to resist or refer to the software from another secure source and in any case before by the virus scanner check.
But if we increasingly think about such clicks and question the source of the email or the target of the link critically, the more confident and self-confident we are in dealing with software of all kinds. Common sense means nothing more than a click before and reflect on it:
From whom do I receive this mail? Why is this happening? And does this mail really reach me from the person who claims to be writing here? In case of doubt, a call to this person will show that either the mail is actually correct, it will reveal the attempt of phishing.
A critical eye should be given to the URLs of links and should be checked carefully. Because with special characters is like tricking. And last but not least, check that this domain really belongs to the company that writes me. The top-level domains already give information where a mail comes from, for example .ru, .tw etc. Because you have contacts there or not? Depending on you can safely delete such TDLs immediately.