What will your first thought be when you heard about online safety?
Did it ever occur to you that not all of the customer service you have your private information stored on are that hell-bent on guarding your private information?
Just sometime around last week, I stumbled upon this interesting article that has made me becoming more cautious in regards of my online privacy. There is this one Japanese guy, Naoki Hiroshima, who lost his single alphabet twitter username (@N), through extortion. He wrote a detailed article here. Basically, the attacker managed to take over his GoDaddy account by using the last four digit of his credit card as the identity verification. He managed to obtain that particular information from Paypal. Thanks to this article, now I know that the distribution of certain information is permitted. Long story short, the attacker threatened to “tinker” with his other websites if he insisted on keeping his twitter username. He then decided to give it up, after remembering what happened a year earlier to another guy whose digital life was completely annihilated.
And then, there is this another guy, Mat Honan, with a similar story, and he was a victim of Amazon and Apple security flaws. Mat had his MacBook, iPhone and iPad remotely erased through the iCloud function. The hacker obtained the last four digit of his credit card number through Amazon, and then took over his Apple account with that information to confirm his identity. The iCloud function, might be both a blessing and a curse to Apple users. When the access all of your devices is within your fingertips, that means people with your id and password could easily obtain the same access. You are pretty much done for.
And finally, there is this last guy with Twitter and Instagram username of jb (It’s famous ’cause of Justin Bieber/Jonas Brothers/etc) who barely managed to fend off the hacker. The hacker tried to look up his information online, and whined to one of Amazon customer service representatives about losing access to his account. From what he wrote, shopping site’s customer service would be easy to convince. In his case, Amazon provided the bridge for the hack to occur. It was a pure luck that he was online, and managed to secure his online accounts, as the change was not completed.
I’ve never exactly experienced a hacking incidents, but I have had my Facebook account accessed from strange locations. Fortunately, I’ve never stored any sort of payment to my Facebook account, and I’m guessing that might the reason why the hackers decided to leave my account alone. I used to use the backward of my name as my password. It did not work really well, even though it was a huge improvement from my previous password,which was my own name. Noob.
I am aware that neither me or my username are popular, but again, it is quite worrisome to see how easy it is to get your digital life screwed over. After reading their story, I made a list of what I should do. It’s alarming to see how different companies use different measure for identity verification..
1) Use your cellphone as extra layer of protection. Some website would send a confirmation code to your cellphone via text message before letting anyone access your account.
2) If you have a Paypal account, create a 6-digit Customer Service PIN for identity confirmation. For Apple IDs, don’t store Credit Card information in them. Just purchase the gift card and store it to your account.
3) If you have an Apple ID, try using an entirely different email address from the one you regularly use. From Mat’s experience, don’t connect your Mac laptops to iCloud. It’d be much safer to back up your data locally.
4) Never use iCloud Keychain feature. Losing access to your iCloud would compromise the whole dynamic of your digital life.
5) The idea of having one username and password across different platform is preposterous. So does using another email address as a back up means to recover your account.