Have you ever been hacked, but don't know how it happened? If your answer is yes, you are not alone - according to a Commtouch research report called "The State of Hacked Accounts," most users get hacked at high rates even when they do not think they are engaging in risky behavior.
According to the report, more than half - 62 percent to be exact - of users aren't even aware of how their accounts have been compromised. Additionally, more than half of hacked users rely on friends to point out their stolen accounts.
The study shows that Yahoo mail is the most hacked platform at 27 percent, followed by Facebook (23%), Gmail (19%), Hotmail (15%) and other (15%).
Aside from the 62 percent of users that aren't sure of how their account was attacked, 15 percent claim their account was hacked through a Facebook link, while another 15 percent claim their account was hacked through public WiFi. The categories of virus and "other" each made up 4 percent of how users claim to get hacked.
Furthermore, 23 percent of hacked users aren't sure of how their account was abused. However, 54 percent say their account was hacked to send out spam, 12 percent say hackers sent out emails to friends asking for money, 8 percent had phony messages sent out on Facebook and 4 percent claimed hackers did something other than the previous options.
Although most users with hacked accounts claim to either change their password and/or run a virus check, one of the most surprising statistics was that 23 percent of hacked users did nothing to recover their account - which is not a very smart move, considering their account was already hacked once.
But prevention is the best option, so here are some tips for keeping your accounts safe:
- Use passwords that are difficult to guess. Don't use keyboard sequences, birthdates or common names - instead mix numbers and capital letters.
- Use different passwords for different sites, so multiple accounts have a less likely chance of being compromised.
- Consider using a password manager to store all your passwords. However, make sure your master password is complex.
- Try to avoid public Internet terminals. If you do use one, uncheck the "remember me" box and always log out.
- Don't click on suspicious links within emails - if UPS, FedEx or Social Security needs to get a hold of you, they most likely will find a different way than through email.
- Don't click on suspicious links on Facebook - you aren't going to "win a free iPad" and you probably weren't "spotted in this video" - so don't "check it out!!"
- To date, no Facebook application allows users to see who has been viewing their page, so don't click on links that claim to do just that.
- Don't respond to requests that ask for your password. Ever.
- Lastly, set up a secondary email or phone contact for Webmail accounts, so an account can be recovered if it is compromised.