Skip to main content

Help, someone's trying to hack my Facebook account!

So I received a phone call with a friend saying the exact words in the title.

This friend suddenly started receiving password notifications for several of their social networking sites (Facebook, Twitter etc) and other applications. The more interesting aspect is that this friend has an upcoming legal case so the multiple password notifications from independent applications and sites was a little more than conincidental. Given all the incorrect uses of the word "hacker", I refuse to call this person or people "hacker(s)" and really, what he/she/they did is not that subtle.

I had some advice for my friend, which I first bounced off another good friend, Brian Honan, who was extremely helpful as always and had some awesome additions.

So this post is not intended to tell you how to be safe on the Internet or how to harden your laptop/destop/phone. I simply thought I'd publicise this advice in case anyone-else ran into the same scenario (bear in mind that this advice is primarily intended for a non-technical person, who may have to contact law enforcement -
  • Record everything. Using a bound notepad (not the type you can tear a page from), note every event with date and time of each incident, as well as the actual details of the incident.
  • Print out all emails, messgaes, screen shots etc that relating to every incident encountered. 
    • Date each incident and link it back to the record in the notebook.
  • Report it to law enforcement, they may not be able to do anything but at least it will be reported to them and they will have a record to go back on if it becomes serious. 
    • The notebook and printed evidence will obviously help with initial report and any subsequent reports.
  • Likewise report to the provider's security team (e.g. Facebook, Twitter, LinkedIn [I could only find a link to the hack, not their Security Team :(], Google etc - they all have their own security team and they should be pro-active in helping). Some companies have a "security team" in name but not in reality so your email will go to trash essentially or in geek terms "/dev/null". However, again, there is a record.
  • Report every incident to both bodies. Do not leave anything out.
  • Change passwords and use enhanced security of any service they are using, e.g. Gmail and Facebook have advanced security settings. Use two-factor authentication where possible. As we all know, nothing is infallible but raising the bar helps and tends to discourage the vast majority of attackers onto an easier target.
  • Run regular AV scans on all your machines (do not flame me for recommending AV, I know the many short-comings, however, for all its failings, it does have a place for many end-users and it will catch the "known" stuff.
  • Decouple any applications from their social network profiles. If you log into any site "with Google" or "with Facebook" etc, remove that facility from the site and set up a unique password that is complex, difficult to guess but that you can remember.
  • If required (given the many unique passwords that you now have), use a password manager. Some folk like them, others don't. I feel that most users have a tendency to use simple, common passwords or simply re-use the one complex password, both of which have been shown to be the case in multiple hacking stories this year, and ultimately password managers strongly discourage this behaviour. Overwall (imho) the advantages outweighing the negatives (such as single point of failure), although I prefer not to have my password managers in the "cloud", rather on local systems that I have physical access to. For a much more detailed discussion check this link out.
This list is not perfect, nor is it endless and I'm happy to modify it based on valuable suggestions.

The blog post is intended to help others (non-technical, not as Internet savvy as many techies) who believe their Internet accounts are being attacked for whatever reason.

Just my 0.02c and I thought I'd share.....
Labels:

Comments

Post a Comment

Popular posts from this blog

Being a Support Engineer @ 10gen - Part 1

There's a mis-conception around the role of a "Support Engineer".  As a clue, it's not what Urban Dictionary   says   - A person whose job is to answer calls from customers of a small- to large-sized company...... They are teathered to a their desk all day via phone headset........ phone jockeys usually hate their jobs.......they are are paid well enough..........until they completely burn out, and hate everyone.   and doesn't always involve this - Image Source: http://half-bakedbaker.blogspot.ie/2009/11/cannoli-and-broken-computer.html As you can see  here , there's lots of open roles in  10gen  and more specifically with 10gen, in  Dublin . I thought I'd write this quick blog to explain what Support Engineers actually do and why I joined 10gen as a "Support Engineer". I could be wrong but didn't Google come up with term " Site Reliability Engineer " to do away with the stigma associated with being a...
Post a Comment
Read more

LinkedIn Emails

Receiving mails via LinkedIn is an interesting experience. For example, how many folk actually personalise "contact requests" - from what I see, less than 1%. I typically try to because I think it shows some thought has gone into the request and it's friendly, but then "manners" on the Internet is a very different thing to the real world, right ;-) Anyway, to the point of the blog post. In early November (2012), whilst I was preparing my Security Onion presentation for IrissCon  (why did I bother when my MBP died on-stage), I received a very interesting and personal email via LinkedIn. The email came from a "Senior International Belief Instigator" (let's call him the SIBI - to save me typing) at Riot Games and the email was literally awesome, it hit many of the key points that you'd hope for in a recruiter email but it also had a wonderful tone. In my ignorance, I knew of League of Legends but not Riot (yes, I am embarrassed by that). I r...
9 comments
Read more

WAF versus DPI Firewall

This is a question, I've frequently been asked in recent years and in the last month, o n one of the internal mailing lists, in my old company, the following question was posted – In simple terms, what tasks is a Web Application Firewall (WAF) able to do that a Deep Inspection Firewall can't and why ? by one of my colleagues. Many of you may be surprised (I know I was initially) but this question still comes up an awful lot. Having answered the email (as a warning, I went into a lot of detail and plugged the awesome Security Onion ), I was requested to write a technical blog on the subject, but as I left the company soon after, the blog was never published. Therefore, to save me answering the question again, I thought I’d publish it so I can just reference the link in future J
6 comments
Read more