A California man has admitted to hijacking the passwords of many women’s Facebook accounts, scanning the victims’ sent folders for compromising photographs, then sharing the photos with the victims’ email lists.
The suspect looked for women who included their email addresses and personal information, such as their favorite food, their high school, or mother’s maiden name. He then used those details to reset the passwords for their email accounts.
In the official arrest warrant, an investigator wrote that once the suspect gained access to an email account, “he would search the account for nude or compromising photos [and] would then access the ‘forgot your password’ link on the victim’s Facebook account and request the password to be sent to the email account he controlled. [He] would then gain access to the victim’s Facebook account and publish the nude or compromising photos that he harvested from the victim’s email account. In some cases [he] would also email these photos to the victim’s entire email address book.”
One victim told authorities the intrusion felt like “virtual rape,” and “Facebook should have caught his activities more quickly.”
When investigators seized the suspect’s computer, they found more than 170 files containing explicit photographs of women. According to the California Attorney General’s Office, finding victims was tougher, but they used location geo-tracking information embedded on the photographs on the suspect’s hard drive to assist in identifying victims. Then authorities emailed 3,200 questionnaires to potential victims asking them to come forward.
Security Question Hack Protection
In general, most people need to remember to keep their security questions and answers on social networking sites as secure and complex as passwords used for email and online banking. Here are some ideas:
- Pick security questions and answers that do not involve any personal information that is available from social networking sites or any other sites.
- Switch the security questions you choose for password protection on email services and social networks.
- Add numbers or special characters to your security answers. For example, the question “What was the name of your high school?” could be answered “middle02high@school.”
Another issue is relying on simple passwords when we have all gotten so comfortable sharing personal information on social networking sites.
In fact, Internet security firm Check Point has found that 79% of people generally include personal information or names in their passwords, and 26% reuse the same password for important accounts such as email, banking or shopping, and social networking sites. In a recent survey, CheckPoint found that 29% of respondents had their own email or social network account hacked, and 52% knew someone who had a similar problem.
Here are a few tips you can implement today for advanced password protection:
- Choose a password that is at least eight to ten characters in length.
- Make sure your password is difficult for someone to guess and isn’t the name of your child, pet, or birthday.
- Avoid words that can be found in the dictionary.
- Choose a password that is a mixture of numbers, letters, and special characters.
- Use fragments of words, perhaps breaking one word in half and putting a special character in the middle.
Use Common Sense: No Sexy Photos
In addition, a nonprofit called Common Sense Media has issued recommendations for parents and teens about the smartest way to set privacy settings and establish safety guidelines.
Among the various tips it offers, the organization urges parents to do the following:
- Set rules about what’s appropriate to post. No sexy photos, no drinking photos, no photos of them doing something that could hurt them in the future. They also need to be thoughtful about their status updates, wall posts, and comments on friends’ posts. Remind them that once they post something, it’s out of their hands.
- Encourage teens to self-reflect before they self-reveal. Teens are very much in the moment and are likely to post something they didn’t really mean. Teach them to ask themselves why they’re posting something, who will be able to read it, and whether it be misunderstood or used against them later.
Do you have a teenager who uses Facebook? What steps have you taken to ensure privacy for you and your family? Take a few minutes to check out the full list of practical online privacy tips — adopting even one or two of these common-sense ideas may keep you and your family safer online.