How Did They Know That? The Clever Ways Hackers Learn About Their Victims

Posted on Oct 29 2014 - 10:35am by Editorial Staff

Pic - 1

You receive a call from the bank, notifying you of some unusual charges on your debit card. As you file the claim and launch an investigation into the fraudulent charges, you can’t help but ask, “How did this happen?” You take every precaution to protect your accounts, so how could a hacker possibly have gotten hold of your account numbers and personal information?

The answer might surprise you. The fact is most people don’t realize that the things they do every day — things that seem innocuous — are actually giving hackers clues that they can use to steal your information. Not convinced? Check out these clever ways that hackers steal information.

Pic - 2

Source #1: Weak Passwords

We all know we shouldn’t use common passwords to protect our accounts — but we do it anyway. Hackers are capable of launching brute force attacks on password-protected accounts, and they keep trying different password combinations until they find the one that works. Once they have your login information, the hackers then have free reign in your account to gather whatever information they can. Email accounts are goldmines — hackers can find out where you shop, see your account information and contacts and read your messages to learn more about you. They then use his information to launch more targeted attacks.  Bottom line? Protect your high-value accounts with strong passwords, and consider using two-factor authentication to keep out the snoops.

Source #2: Viruses

Many viruses are designed to steal information. Key logging viruses are common — and dangerous — tools that hackers use to steal personal information, by logging every keystroke you make on the computer. When the hackers see everything that you type, they can usually easily pinpoint your passwords and log in details, and then use it to access your accounts. The solution, of course, is powerful antivirus software — you even need antivirus for Mac, contrary to popular belief — that will block these harmful programs and keep your information safe.

Source #3: Social Media

These days, everyone shares just about everything on social media, from the details of what they had for breakfast to where they plan to travel for spring break. Hackers see social media as a goldmine of personal information that they can use to steal useful data. Not only do your profiles potentially provide clues that can help them access accounts (your birthday, your pets’ and kids’ names, your anniversary, your mother’s maiden name) but they also provide details that hackers can use in social engineering attacks. Does your profile mention that you work for the Acme Corporation? A hacker looking to attack the Acme Corporation might use your profile to dig up information about projects you’re working on to launch a spear phishing attack; when they know you work in finance, for example, you might receive an email from “Bob in Accounts Payable” that looks like it’s from a co-worker — but really contains malware designed to infiltrate the network. The solution? Lock down your privacy settings, and only share necessary information.

Source #4: Public WiFi

You’re waiting to meet your friend at a coffee shop and decide to do pay some bills online on your mobile device. But see that guy in the corner, the one who looks like a college student? He’s really a hacker, and he’s intercepting all of the internet traffic in the coffee shop — and you just gave him all of your account numbers. If you must use public WiFi, avoid doing anything that could expose sensitive information, like online shopping, checking your bank balance or logging in to email. Instead, look for a secure network, or wait until you get home.

Source #5: Phishing

Almost everyone has received a phishing email, a message designed to get us to click on it and share personal information; for example, an email that purports to be from a company you do business with. Spearphishing takes it one step further, with criminals carefully tailoring emails for their targets; for example, sending an email to a business owner that looks like it’s from a potential employee with a link to a fake resume that includes malware. By responding to these messages — sometimes even just clicking a link — you open yourself up to hacking. Learn the signs of a fake or spoof email (always check the sender address, for example, as it’s usually a dead giveaway) and never open unexpected or unfamiliar attachments.

The fact is, as users become more aware of common scams and become savvier about protecting themselves, the hackers will become more sophisticated and audacious as well. However, if you follow the advice of security experts and use strong antivirus, manage your passwords correctly and keep your personal data, well, personal, you should be able to avoid costly data breaches.

About the Author
Editorial Staff

Editorial Staff at I2Mag is a team of subject experts led by Karan Chopra.