Yahoo Hack: Are You Still at Risk?
March 15 2017 - 4:06PM
Dow Jones News
By Wilson Rothman
When the U.S. charged Russian spies and their alleged
co-conspirators on Wednesday -- claiming they were behind the Yahoo
Inc. breach that left more than half a billion accounts exposed --
the Justice Department shared some techniques allegedly used in the
act. Based on this, you can determine your risk, and learn ways to
minimize your chances of being a hacking victim in the future.
1. Change your passwords regularly
Hackers broke into Yahoo to steal user info. There's nothing
that anybody with an ordinary Yahoo account could have done to
prevent that. The stolen data allowed the hackers to trick Yahoo's
system into thinking they were ordinary users. But the hack only
worked with passwords that hadn't changed since the date the
information was stolen. (In this case, it was early November 2014.)
"The conspirators failed to access those accounts whose users had
changed their passwords after" that date, says the Justice
Department filing.
So change those passwords regularly, with the help of a password
manager. Our pick is Dashlane, but LastPass also gets high
marks.
2. Don't fall for phishing
The hackers also employed phishing emails to trick recipients
into opening attachments or clicking links, says the Justice
Department. WSJ Personal Tech columnist Geoffrey A. Fowler wrote
about the danger of phishing -- and how to stay vigilant against
it. The main takeaway: If an email is asking you to log into an
account you have, say Verizon or Google, don't click the link
inside the email. Instead, go to the account website you already
trust and log in. And of course, if the email looks shady, feel
free to ignore it.
3. Protect those around you
It's not enough to be careful about your own passwords. If you
are a high-value target, then your family and close colleagues may
also be targeted. According to the Justice Department filing,
hackers "frequently sought unauthorized access to the email
accounts of close associates of their intended victims, including
spouses and children."
The Yahoo hack is reason enough to practice other key security
measures:
-- Use two-factor authentication everywhere, and be wary of
account security questions.
-- Delete accounts that you don't use anymore.
-- If you think you've been hacked, there are ways to find
out.
For even more information, check out our One-Hour Security
Drill.
(END) Dow Jones Newswires
March 15, 2017 16:51 ET (20:51 GMT)
Copyright (c) 2017 Dow Jones & Company, Inc.
Altaba (NASDAQ:AABA)
Historical Stock Chart
From Apr 2024 to May 2024
Altaba (NASDAQ:AABA)
Historical Stock Chart
From May 2023 to May 2024