This past week, a well-known journalist Mat Honan had his Apple and Google accounts compromised when a hacker used Social Engineering to pose as him, resulting his Apple devices being wiped remotely, his email account was deleted and hisTwitter account were hacked as well.
Why Does This Matter to You?
It could happen to you! Yes, really! As Mat points out in his article, he was contacted by others who experienced exactly what he did.
One method of Social Engineering is to get into someone’s account by posing as them. They do their research, which can be easily attained online if they know what they’re doing, especially if the person is famous or well-known. By posing as that person, they can call up a company and pretend they have forgotten their password. By answering questions that supposedly only that person knows, the company has no reason not to believe they are that person, gaining them access to the account. Mat goes into more detail on this in his article.
Leo Laporte and Iyaz Akhtar of do a wonderful job of explaining what happened in plain-English and how to take proactive steps to prevent it from happening to you! Check it out in the video below from the Know How podcast. It’s roughly a half hour long, but absolutely worth watching!
The This Week in Tech (TWiT) podcast interviewed Mat Honan. You can watch it below (at the beginning – lasts about 30 minutes). You WILL want to enable 2-factor authentication after watching this. Trust us. It may feel inconvenient, but there’s always a balance between security and convenience. It’s just a matter of getting used to the extra step.
Mat is quick to point out that he did not keep backups outside of his Apple and Google accounts, which were compromised, so that information was lost.
In many ways, this was all my fault. My accounts were daisy-chained together. Getting into Amazon let my hackers get into my Apple ID account, which helped them get into Gmail, which gave them access to Twitter.
Despite the mistakes he made, his experience brought severe security flaws to light, which the companies have somewhat acknowledged, but it can be tough to implement solutions when most people aren’t willing to take the extra steps to secure their online life, because it’s an inconvenience, as they point out in the Know How podcast.
What happened to me exposes vital security flaws in several customer service systems, most notably Apple’s and Amazon’s. Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information — a partial credit card number — that Apple used to release information.
The take-away from all of this for you? Take a few minutes and follow the steps described in both of the above videos to better secure your digital life. Use Google 2-factor Authentication. You can do the same on Facebook. Use secure passwords. Even better – use LastPass. It’s free! It may be mildly inconvenient for the first little while, but like anything, it will become habit eventually, and you can have the peace of mind knowing you’ve done more to protect your accounts from being hacked.