Staying Safe Online: Password Security

You will have noticed recently that several students have had their email accounts hacked. Scammers have accessed their accounts and used them to send out emails trying to get other students to click a link or download a file. Those that do are prompted for their school username and password to access the file. As soon as they do that, the scammers now have another account they can use to scam others.

In this post I’ll cover three things:

  1. What it means to be hacked.
  2. How to protect yourself from being hacked.
  3. And what to do if you think your account has been hacked.

Getting Hacked

Movies always show hackers as being really smart nerds that use their programming skills to break into banks or hack their way into the Pentagon. There are really smart nerds out there that can hack their way into computer systems but that’s rarely the kind of hacking that we see at school. The kind or hacking we see is called phishing. In a phishing hack people are tricked into giving their username and password to scammers.

One phishing technique is to trick people into clicking on a link that is sent to them by a friend. That link then prompts them to put in their username and password. As soon as they do that, the scammers have their account.

Another way is through downloading and installing software from unsafe websites. Maybe it’s a free game that looks really good but when you install the game it also installs other programs that give hackers access to your computer. We have seen programs that claim to clean up your computer and make it run faster. It turns out they install other software on the computer that make it run worse and give hackers access to everything on the computer.

Don’t feel bad if one of these things has happened to you. It happens to a lot of us. The scammers are good at it. Lots of kids and adults get tricked. The hackers are always coming up with new ways to trick people.

How To Protect Yourself

  • Think. Be on your guard. If something seems too good to be true, it probably is too good to be true.
  • If someone sends you a link or a file to open, don’t open it until you’ve called them to make sure it’s really from them.
  • Only install software that you know is safe. For most people that means only getting it from the App Store. If you’re not sure if some software is okay, check with one of the Learning Innovation Coaches or a technician at the Genius Bar before installing it.
  • Set strong passwords or better yet a strong passphrase. Use a different passphrase for every website. There is blog post on the Innovation Blog about setting passphrases and using a password managers. Check it out.

What To Do If You’ve Been Hacked

If we were on the school campus you could reset your password yourself via the password server. (For security reasons, that server is only available when on campus.)

For right now if you think your account has been hacked, email the helpdesk and one of the technicians will reset your password for you.

It’s unfortunate that phishing and hacking exist but by using your head and taking a few precautions you can protect yourself.