1. Get Stronger Passwords
Hackers often use password crackers to test multiple passwords within a short period of time. Even almost a decade ago, readily available commercial computers were able to test 2.8 Billion passwords a second. In addition to the shocking speed that hackers can generate and test passwords, password cracking is also surprisingly easy to do. A quick google search yields dozens of how-to videos and written tutorials on how to crack passwords.
Let’s say you have a 6 character password that’s all upper and lowercase letters. That gives a little over 4 Billion possibilities for your password. With an equipped password cracker, a hacker could correctly guess your password in less than 5 seconds. Let’s say you have a password that’s 8 characters long which consists of upper and lower case letters and digits from 0-9. This creates a total of 136 Trillion possible passwords. This volume would take a password cracker over an hour to guess. By adding just one more character, it brings the possible password count up to over 7.3 Quadrillion, which would take over a month (30.41 days) for a password cracker to guess accurately.
2. Regularly Update the Software You Use
Software is updated for many reasons, whether for performance updates, feature additions, or visual improvements. The most critical reason for updates, however, is to solve security issues. Vulnerabilities are dime a dozen in most modern software, and often times a large number of them go undetected prior to digital release. Even if detected prior to initial release, other updates to the product could create or unearth new vulnerabilities. Regularly updating all of the software on your computer is a simple way to ensure you’re protected, at least at a basic level.
3. Keep an Eye Out for Phishing Emails/Texts/Calls
Everyone thinks that they can spot malicious emails in their inbox, however the fact that 78% of organizations fell victim to a phishing attack in 2017 says differently. Often times, phishing attacks are carried out in a way that the attackers spoof a company that the victim is familiar with. Phishing used to be effectively confined to email. However, with the rise of mixed media messaging (MMS), attackers have taken to text messaging targets. In fact, just this morning I received a text pretending to be Wells Fargo, who I don’t have an account with. I just deleted the text and went about my morning, but people often click on that link and effectively hand the hackers their personal data on a silver platter.
Basically, don’t trust attachments, links, and other points of contact from sources you don’t know. And if you think you know the contact but are unsure of the intent of the message, do some digging. Compare the sender’s email domain/phone number to confirmed points of contact. Save regular, confirmed contact numbers from senders so you’re aware when it comes from a different number.