Save Your Social Media

2020, Jan 03    

Save your Social Media Accounts

Thank you for coming here and Hopefully you will learn atleast something from this blog. This is the blog for everyone (techie or non- techie). As the title suggest this blog must be related to your security on the internet. Few days back, a friend of mine called me and said “My insta account is hacked”, I didn’t take it seriously because Of course I thought why would anyone hack his account (:p). I checked his account and Yes it was. I asked for his last password and found that his password was easily guessable If anyone knew him personally. So here comes one question “How did the attacker compromise his account”?. I can recall a famous quote by Edward Snowden that “ Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” It is somewhat our responsibility to stay safe online and it completely depends on us. How? You will get to know soon. Now, Coming back to my story The first thing I ask anyone who says that My account was hacked is “HOW COMPLEX YOUR PASSWORD WAS AND WHETHER YOU HAVE IMPLEMENTED TWO FACTOR AUTHENTICATION”. Seriously, How many of us do Take the warning message by the site to make your password complex seriously? I guess Half of us won’t. Also,How many of us use second layer of security, I guess Close to no one. Now comes the question how possibly the attacker must have comprised the account. There are just to ways(as far as I know) in which the hacker can get access of your account-

1. Phishing
2. Brute force attack(Hit and trial).

Phishing is the technique where an attacker send you a malformed page which looks similar to the social media page(like Facebook,gmail, Instagram and the like), and he asks you to logon on that page. On the other hand, since you trust the look of the page , log in with your credentials and boom, your credentials goes to the attacker and you are redirected to the actual page of the site.So here what an attacker does is that it leverages the trust of you on the site and Gets the access of your account. Easy?. Takeaway- Never trust anyone who sends you a random link and asks you to Click on it, sometimes it may cost you much more than the above.

Brute force attack or Hit and trial- As name suggests this attack works when your password is not much complex like just alphabets, Dictionary words or anything which is not much complex and easy to guess. In this attack, Hacker runs a wordlist against your password and if your password matches something in the wordlist , your account is taken away from you. Though this attack is not so much successful but yes it does exist. Takeaway- Use complex password.

To add the layer of security, It is highly recommended to Implement two factor authentication where You get OTP on your phone or email and then only you are granted the access. What to do if your account was compromised anyway? Just contact the support and they will surely help you. And Trust me this is the only way because if your account was already hacked then the hacker won’t fall for some bait like phishing or anything. Thank you for your time. Please do share and Stay Safe.

Any questions — Contact me on yogendra.swaroop.srivastava@gmail.com