Data Privacy in the open web environment — 3 things you need to do to protect yourself online.

Written By Mark Castillo
Image of someone using a computer keyboard.

While I was sipping a cup of coffee before heading to work, I got a chat from a friend asking if I could recover her Facebook account that was hacked back in October 2021.

Two things came to my mind after reading her message — First, why did she approach me a year after her Facebook account got hacked? Isn't she supposed to be moving on with her new Facebook account? Second, am I going to get paid for this project? I certainly knew that the answer to the second question was No, but well, I guess I don't have any choice because she was referred to me by my mentor!

I took the chance to take the project and see how far I would go. I gave the expectation that there could be very little chance of recovering her Facebook now as the incident already happened a year ago. However, she was determined to put her hopes on me, so I started the project.

I started my investigation by getting her account credentials (the last known Facebook password and email address). It was delightful to know that the bad guy didn't change her email address on Facebook. However, the client couldn't receive a Facebook email whenever she tried resetting her password.

To cut the story short, I was successful in my task to get her Facebook account back. I found out that the hacker had gained access to her email address, changed her Facebook password, and blocked Facebook from sending messages to her email.

We got lucky in her case because the hacker did not change her email address. However, the issue is not always the same for all. Everyone needs to know how to secure their account and practice cyber hygiene.

So what do you need to do to protect your account (and yourself) online?

Change password screen in Outlook Web Access. Enter current password, new password, and confirm new password.

First, have a recurring schedule to change your password. It is always a debate about when to change your password. However, security experts recommend changing your password every three months as the best practice. So, start working with your calendar and schedule yourself a recurring event to change your passwords. It can be tiring for some, but this practice is better than sorry!

Customize your Azure portal settings with this user-friendly interface.

Second, be wary of unverified extensions and plugins. It may look fun to answer interactive surveys and forms and share the results on your Facebook feed. However, most unverified applications online are becoming the hacker's gateway to exploit your data. You would be surprised that the apps that are supposed to be "fun" give backdoor access to take over your account. Always do a regular audit and consider online safety before opening applications from untrusted sources.

Office 365 update

Finally, watch out for internet scams. Online fraud has become more aggressive from time to time. Vishing, scareware, phishing, and email spoofing are some of the campaigns used by bad actors to gain access to accounts. It is becoming harder to spot a fake email — you may need a second look to notice the difference between paypalaccounts@paypal.com and paypalacccounts@paypal.com. Always check the email address and phishing signs before clicking any link. It is always better to sanity-check than to be sorry.

There could be a long list of how to protect yourself online, but it is a good start for you to practice at least three things I mentioned in this article. Stay safe online!

Mark Castillo
Previous

Trust the process. ⁣
Next

Stop using your personal Facebook account to manage your company’s Facebook page — here’s why.