Last week, high profile Twitter accounts were hacked, raising concerns over the security of social media accounts worldwide.
Accounts of prominent Americans such as Barack Obama, Joe Biden and Kanye West were compromised by one of its employees, Twitter later revealed.
Anand Prakash, ethical hacker and founder of cybersecurity company AppSecure, says the hacker in the Twitter case had access to admin tools, but in most cases, users are careless.
All social media users should use two-factor verification, he recommends.
“This way, even if a hacker gets access to your password, they won’t be able to access your One Time Password (OTP),” he says.
Do not click on suspect links and enter credentials on any link without verifying if it is genuine.
“Also, keeping your system updated is important so that no malware enters it,” he says.
Be wary of sharing info with apps
Kiran Jonnalagadda, CTO of HasGeek says in a majority of high-profile cases, when people claim their accounts are hacked, they are lying. “They post things that get them into trouble and then claim that it wasn’t them,” he says. Hacking can frequently be traced to users sharing their OTPs with random callers. “This leads to a security breach,” he says.
Be aware of what information you share with gaming and other apps on social media. “It all depends on how much you are sharing. It won’t lead to a hack directly but can lead to fake emails in your inbox that look like genuine ones, asking you to enter passwords,” he says.
Tinu Cherian, social media expert, believes a second step of authentication helps in dealing with rogue elements.
Strong passwords protect you against hacking attempts. Passwords are hacked by brute force, when hackers apply random passwords, or by guesswork, where hackers use a combination of spouse and children’s names and birthdays. “Have different IDs for banking work and social media. If they are connected, you could be compromising on security,” he says.
Unique passwords
Aman Nair, policy officer with the Cybersecurity and Data Governance team, Centre for Internet and Society, says hackers look for passwords on less secure websites and apply its pattern to other social media accounts.
“Use different passwords for different platforms. Apple security asks for personal details that you know but are not public,” he says.
What is social engineering?
It refers to a method where a hacker tricks individuals to give out sensitive details. In this case, a Twitter employee got fooled into thinking he was giving rights to genuine callers. Anand Prakash, ethical hacker, found a bug in Twitter in 2017 that allowed him to Tweet from any account. The company fixed it later.
“Technically it is hard to hack accounts now, as these platforms have good security teams now. But people who are not aware of social engineering can still easily fall prey,” he says.
How to protect your account
Use strong passwords. A combination of caps, special characters, numbers, long words can be hard to crack. Avoid passwords like 12345 and names.
Use different passwords for Instagram, Facebook, Twitter and other social media accounts.
Be wary of shortened links. They don’t let you see, before clicking, where they are leading.
Don’t click on random links. Check browser extensions.
Check for https:// before every link, as this shows it is secure and legitimate.
If you’ve lost access to your account, use password reset. Some social media sites have dedicated support teams.