You can never be too careful when it comes to online security. Scammers and hackers are a constant danger to your privacy, data and finances. While there is no guaranteed method to remain safe, you can protect yourself and minimize the risk of falling victim.
Phishing attacks can target anyone, as they rely on victims’ sense of trust rather than how they secure their accounts and devices. For example, scammers are crafting emails to Office 365 users that trick them into signing into phony websites. Once this is done, the victims’ login information is stolen and their accounts hijacked. Tap or click here for the full story and tips on avoiding this recent scam.
A recent incident reads a little different. The hacker, in this case, targeted a certain group of victims and was even personally familiar with some of them. The crook is awaiting sentencing after stealing personal and sensitive data.
Here’s the backstory
Nicholas Faber of Rochester, N.Y., is going to jail for hacking into dozens of female college students’ accounts and stealing nude photos, among other things. The 25-year-old man received a three-year sentence in federal prison for his crimes after pleading guilty.
Faber and co-conspirator Michael Fish targeted female students at the State University of New York at Plattsburgh between 2017 and 2019. They obtained information through a variety of means that they used to get into social media accounts such as Snapchat and Facebook, in addition to iCloud accounts. Faber himself is an alumnus of the school.
Faber was part of an online community that participated in similar criminal acts and traded/sold files. Prosecutors also found evidence that Faber gave email addresses and usernames to hackers and asked them to access the accounts. He made at least 50 of these requests.
Justice.gov reported that Fish pled guilty to computer hacking, aggravated identity theft and child pornography offenses. Faber has also agreed to pay $35,430 in restitution to SUNY-Plattsburgh.
Faber employed different methods to get into his victims’ accounts. We’ll give you some examples and tips on avoiding falling victim to these tricks.
Tactic: Successfully answered security questions
Faber broke into some accounts by starting the password reset procedure and then correctly answering security questions.
Quick fix: This can easily be avoided by beefing up your security question standards. Pick the most obscure question and answer combination you can think of. Avoid anything like the city you were born in, your first pet’s name, mother’s maiden name, etc.
Another method is to make up answers. People who you were once close to you or even social media stalkers could know personal details like where you were born, your third-grade teacher’s name and more.
Simply make up fake answers to these security questions, and no one will know the answers. Be sure to remember your fake answers or risk being locked out yourself!
Another great tip is to enable two-factor authentication when available, as 2FA is a good first line of defense. Set this up on all your accounts, and you’ll receive an alert when someone tries to reset your passwords. Tap or click here to read about authenticator apps.
Tactic: Sent messages asking for codes
Faber would text girls from a fake phone number, saying he accidentally signed up for Snapchat with their phone number and needs a code to change it. The victim would provide him with the code which let him reset their passwords.
Quick fix: Whether you get a text from a stranger or someone claiming to work for a company whose services you use, don’t ever provide any personal information. If there’s a problem with your account, speak to the company directly. They won’t email, call, or message you asking for a password or security code.
If you’re not sure about a message you’ve received, contact the company directly, as this Kim Komando listener did when she was contacted by a scammer posing as Microsoft.