Skip to Content
© Rawpixelimages |
Kim's column

7 secrets hackers don’t want you to know

The internet is a scam minefield. Around every corner, someone is waiting to rip you off.

Think I’m dramatic? In 2020, Americans reported more than 2.2 million fraud cases to the FTC, with nearly $3.3 billion in losses. Cybercrime pays big time. Just look at the $5 million Colonial Pipeline recently paid to hacker’s ransomware demand.

Your first line of defense? The basics that everyone likes to ignore. Tap or click for the essential cybersecurity basics, from strong passwords to keeping your system up to date.

The more data scammers and hackers have on you, the easier it is to take advantage. If you own a home, so much personal info is floating around. Tap or click to see what your mortgage documents and other public records reveal to anyone who knows where to look.

The fun doesn’t stop there. Here are seven security secrets hackers wish I wouldn’t tell you.

1. We’re going to use what you post against you

You might not realize how much your rambling can give away to snoops and hackers. That’s because many of us use names of things that are important to us, like our kids or pets, to create passwords or answer security questions.

First step: Check your social media privacy settings. (More on that below.) There’s no reason your profiles should be publicly accessible. Then be honest with yourself about how much private info you share. Should everyone on your friend list know the names of your grandkids, where you live, and important dates in your life?

While you’re at it, get rid of those easy-to-guess passwords, too. Tap or click for five smart rules to create passwords you can remember.

2. We’re good at writing believable scam emails now

Some of the most successful scams come through emails. It’s not all Nigerian Princes and other tricks you already know how to spot. Today’s hackers are a lot smarter than that.

Look for subtle signs that something is off, like a link or email address with a single character changed. On a computer, hover your mouse over any hyperlinks and see where they go. If it’s not a site you recognize and trust, don’t click.

If the email urges you to download something, especially something you never requested, delete it and move on with your life.

BEFORE YOU HIT DOWNLOAD: 5 mistakes to avoid when downloading files

3. We’re scouring your photos for details

When you’re focused on smiling for a selfie or catching a cute photo of your dog, you might not realize what’s in the background. Snap a picture in your home office, and your computer screen could be visible. What secrets are there for someone who zooms in close enough?

Before you post a photo online, zoom in and make sure you’re not uploading anything private. Then, lock down your social media accounts. At least this way, you know who can see the things you post.

On Facebook (from a computer):

  • Log in, then click the arrow pointing down on the top right corner.
  • Select Settings & Privacy, then click Settings.
  • Click Privacy in the left column.
  • Under the Your activity heading, choose whether all your friends, only certain friends, or anyone can see your posts, liked pages, and tagged photos.

On Instagram:

  • Tap the settings wheel at the very top, then Privacy.
  • At the top, toggle the switch for Private Account.

4. We know who to pretend to be to fool you

If you get an email from a stranger asking you for money, you trash it, right? If it’s from your boss or HR department, though, there’s a good chance you will take it seriously. BEC, or business email compromise, attacks are widespread for just that reason.

In most cases, these scams involve getting an email from someone you report to or your company’s HR department asking you to purchase something, send gift cards, pay an invoice, wire money or hand over your cash some other way. Of course, it’s not your boss or company contacting you.

If you receive such a request, reach out to that person another way. Don’t just reply to the email. Instead, give your boss a call or stop by the HR office to confirm the request was legitimate.

5. We know your network’s weak points

I already reminded you how vital secure passwords are for all your accounts, but what about your router? If you never changed that when you set up your router, you need to do it now. Tap or click for the fast and easy way to find your router’s default password.

Then consider how you share your Wi-Fi password. You can allow guests Wi-Fi access without giving them your password with these options:

  • Create a Wi-Fi guest network with a separate password for visitors to use.
  • Create a QR code your guests can scan to connect.

Don’t know how to create a QR code for your Wi-Fi network? No worries, we can help. Tap or click here to find out how to share Wi-Fi without giving out your password.

6. We’re patient enough to wait you out

Hackers should be Hollywood actors because they know how to play the game and make you fall for their tricks. They have incredible fortitude. Tech support scams work this way.

You get a strange popup, call a number and end up on the phone with someone who says they can help. The “tech support rep” may talk you into giving up remote access pretty quickly, but the person doesn’t try to make a sale right away. The person waits until you believe that you’re talking to a genuine IT company. Tap or click for 7 hot IT support scams going around right now.

7. We’re sneaking into your old accounts

How many unused accounts do you have just floating around? They’re for games you don’t play anymore, services you canceled long ago, and email accounts you never access. Bad news: They serve as another way in for smart hackers.

There’s a good chance a lot of your old accounts share the same (bad) passwords. Once a hacker learns one, they have the keys to the rest of the castle. Your old accounts may even contain personal information they can use to get access to your current accounts.

Your first action item is identifying those old accounts. Look through your email, and search for words like “login,” “account” and “password.” The site can help you find the steps to delete old accounts in a snap. Tap or click for a direct link and more pro tips to wipe these out.

NEED A HAND WITH A SLOW PC, SMARTPHONE ISSUES OR A SOFTWARE PROBLEM YOU CAN’T CRACK? Post your tech questions for concrete answers from me and other tech pros. Visit my Q&A Forum and get tech help now.

What digital lifestyle questions do you have? Call Kim’s national radio show and tap or click here to find it on your local radio station. You can listen to or watch The Kim Komando Show on your phone, tablet, television, or computer. Or tap or click here for Kim’s free podcasts.

Stop robocalls once and for all

Robocalls are not only annoying, but they scam Americans out of millions every year. Learn Kim's tricks for stopping them for good in this handy guide.

Get the eBook