Protecting your online privacy and security seems to become more difficult with every month. Recent exploits like the Heartbleed bug have proven that even someone who diligently guards their own security isn’t invulnerable.
A breach in your security usually doesn’t stay secret for long, however. Someone who has your account credentials for one or more websites has probably taken them with a purpose in mind, and their actions will leave a trace. Here are the most common warning signs.
Password resets you didn’t request
Resetting your password is one of the first steps an attacker will take if they’re trying to lock you out of your accounts. Resetting the password of course means you won’t be able to log in, complicating account recovery.
In most cases you’ll receive this request by email. While it’s usually not a cause for concern, it might mean that someone also has access to your email, and is now using that access to close off accounts you own. If possible, check to see if your email has been logged in from an unusual location. And it’s always a good idea to have two-factor authentication turned on if it’s available.
Be careful of fakes, though. Phishers often send emails that look like a password reset or recovery message and provide a link. When the user investigates, they’re sent to a fake site meant to look like the real thing. It’s a good idea to ignore the link sent and log into your account by visiting the website directly through your browser, either via your bookmarks or by manually entering the URL.
Registrations from unknown sites
Emails from sites that you didn’t register for can also indicate something is wrong. If someone has access to your email they can sign you up for anything they’d like. Alternatively, they might not have your email, but do have access to other information about you. Legitimate sites won’t activate an account without email authentication, but not every site is legit.
The same warning that applies to password reset emails applies here, too. Be careful of phishing attacks designed to trick you into thinking someone is using your accounts. Avoid email links and visit the site directly.
Login activity from unusual locations
One of the surest signs that your online perimeter has been breached is the appearance of strange login locations in important accounts. Gmail and Facebook, along with some other websites, can show you where the most recent logins have occurred. You can even setup notifications for strange login activity.
If you detect such activity, reset your password immediately and revoke access to all currently open session of the account. This will immediately shut off access to anyone who is trying to snoop around.
Changes to your social network settings
Sometimes an account that’s been compromised won’t have its password changed. Instead it may continue to be used, but for purposes the owner didn’t intend. This is must common on Facebook, Twitter and other social sites, where compromised accounts are used for spam.
A hijacker might try to disguise their activity, or enhance it, by changing your settings. You may suddenly find yourself sharing everything with everyone on your friends list, or you may find yourself following a huge number of accounts on Twitter. Security features may be disabled, as well, though you’ll usually receive an email notification when such a change is made.
If your settings are being changed without your knowledge, change your password and revoke access from all active sessions. Also change your email password, since it’s possible that your social profile was compromised through a compromised email account.
Unexplained credit activity
Most online attacks focus on login information. It’s easy to obtain and, since a lot of people use the same email and password for many accounts, a leak from one website can be used to compromise others. While the specter of identity theft looms large, most compromised accounts are used to drive spam instead of register for credit cards.
With that said, identify theft does happen and in some cases is ridiculously easy for a criminal to accomplish; last year’s breach of Target secure, for example, lost over credit card information for millions of customers. You should keep tabs on your credit and debit cards and also on your credit report.
If you see an unknown charge, don’t freak out; it may be a mistake or an item you don’t remember purchasing. Call the credit card company and see if they can tell you what the charge is for. If it’s truly not something you purchased, consider canceling the card and having a new one issued.
Credit activity can be a bit harder to track down, but you can investigate by ordering a credit report and calling those companies that hold an account in your name that you don’t recognize. This can take a few hours, but if you see something on your credit report that you truly believe is wrong, it’s imperative that you check on it. Catching a problem reduces the chance that you’ll be held responsible.
An unexpectedly locked account is a very common occurrence. We receive questions about the issue constantly, and at least some of the people affected have had their account locked because of suspicious or inappropriate behavior taken without their knowledge.
With that said, a locked account isn’t all bad. If the account is locked because of too many incorrect login attempts you at least know the attacker did not compromise it. This may occur from a mass attempt to login using account credentials stolen from another site, or because an attacker is trying an old-fashioned brute force approach.
Recovering a locked account varies from site to site, but usually requires authentication via private information, a phone call, or an email. The key to resolving this situation is to make sure you know how an account recovery is handled before your account is locked. Many Facebook users associate an email or phone number with their account that’s no longer valid, for example, and when their account becomes locked it’s not easy to regain access.
Keeping tabs on your online security isn’t difficult. For the most part you only need to response to issues as they appear. Of course, this is easier if you’ve already secured your accounts well, create a secure password and protect your PC with a quality antivirus.
(article by M.Smith)