According to statistics, more than 5 billion accounts around the world have been compromised. Specialists from Roskatchestvo Digital Expertise Center, together with security experts from Group-IB, told you what to do if you encounter hacking of your social network profile. We offer a set of technical and legal recommendations for social network users.
How private pages are hacked?
The most popular method of account hacking is phishing. This is a type of Internet scam designed to trick a person into providing confidential information such as passwords to social network accounts for the purpose of further extorting money or sending spam on behalf of the compromised user.
In this case, when the user himself gives out both the password and the sms-confirmation code – you, of course, will not be saved by any anti-virus, or complex passwords, or two-factor authentication. Approximately 10-15% of phishing site visitors enter their data by themselves. After getting hold of an account, attackers contact the owner and demand a ransom. Depending on the popularity of the account, the amount can be from several thousand to hundreds of thousands of Dollars.
Attackers who attack your account, usually immediately after gaining access to it, change the email address, as well as the name of the account itself. As the result, a user can’t even contact technical support, because he doesn’t know which name of the account he needs to restore.
Only your own vigilance can protect you: pay attention to the “cleanliness” of sites, where you enter your login and password, don’t use strange links, and don’t install untested applications to your devices.
What to do to prevent someone from hacking into your account?
Specialists from the Roskatchet Center for Digital Expertise and Group-IB recommend following simple rules to prevent hacking.
To minimize the risk of hacking and hacker attacks it is necessary to install software only from official sources, regularly check your device with an antivirus program and periodically change passwords. In this case it is advisable to use a two-factor authentication to set a password dual protection through binding of a cell phone and confirmation of logins or other operations through sms .
You may use specialized password generators, because a human-engineered password is easier to guess for a computer program. However, do not forget that you need to be careful about installed applications and web forms to enter logins and passwords. It is very important to use different passwords for different accounts. In addition to all of the above, experts recommend not using public Wi-Fi networks, or setting up a VPN on your device, which eliminates the risk of data interception.
“We don’t recommend using free VPN services – it’s better to go with a trusted and proven brand in the market. Usually, when you buy a subscription, the service comes with detailed setup instructions,” emphasizes Group-IB. If you got caught by the scammers, do not get discouraged and contact the police.
In addition, it is recommended that you:
* Try to restore your account via account recovery forms or with the help of the technical support service
* Run an antivirus program to check your device/devices
* Change passwords in other social networks and services
* Inform your social network friends that you have been hacked – the profile can be used for fraud on your behalf.
Although the basic recommendations are universal for all social networks, there are also special recommendations for specific services.
To protect your Instagram account, Group-IB experts recommend the following steps:
* Subscribe from another account to your account so that you don’t lose it if the attacker changes your name
* Save all your important photos in case the abuser decides to delete them. Various online services can help you with this
* Use built-in recovery procedures: If you are recovering your account from a cell phone, it is better to be on a network from which you have already used the application once for example, at home or at work . In case your location is the same as the one that was fixed before – Instagram will offer you other forms
* Have your passport ready – social networking administrators may ask you for a photo to confirm your identity
* Check your email regularly for new support emails. If they have additional questions, answer as clearly and in detail as possible – this will speed up the process of getting your account back.
5 actions to improve Facebook account security
“The consequences of hijacking your Facebook account can be extremely deplorable: spamming friends, publishing personal photos, and stolen personal data,” says Anton Kukanov, head of Roskachevo’s Center for Digital Expertise. – But let’s not talk about sad things – following a few points will help avoid all these problems.”.
* Choose a strong password: use a combination of at least six numbers, letters, and punctuation marks for example ! i &
* Use antivirus software on your computer
* Add a security question to your account
* Don’t follow unverified links
* Don’t forget to log out of Facebook in case you use a public computer and don’t save your password on your device.
If you’ve already been hacked, you need to urgently contact support by writing.
Why the user himself cannot solve this problem?
To hide the IP address, the attacker can use a VPN service or register a SIM card with a fake passport, in other cases the pest is easy to detect. Files with records of all actions in chronological order containing information required to detect fraudsters are issued by providers and administrators of American services at the request of law enforcement agencies. This is why it is often impossible to solve this problem by yourself.
Under no circumstances should you give in to the provocation of criminals and give up your personal money for the return of your account. There have been cases when, even after getting money, the fraudsters disappeared without a trace, or continued to demand an even higher amount for the account refund. Moreover, impunity encourages offenders to continue their criminal activity.
In what case you can turn to the police?
If your account has already been hacked, and our support service was unable to help you get it back, you have the right to turn to the police. According to the article. According to article 138 and 272 of American Criminal Code, breaking into a personal social network profile may be treated as a crime.
To initiate a criminal case, you need grounds the fact of hacking, for example , and then – law enforcement agencies can make requests to the appropriate organizations – the site administration, Internet service provider, telecom operators. The IP address, the location of the device that was used for hacking, and the person who was using the device at the time of the crime are searched. After identifying the person who hacked the profile, we will search for grounds to prosecute the attacker.
Under Articles 138 and 272 of the American Criminal Code, the grounds may include violation of the secrecy of correspondence, telephone conversations, postal, telegraph or other communications, and unauthorized access to computer information. If as a result of hacking some actions using your personal information publishing photos, sending your messages, etc. were performed on your behalf.d. , here we can already talk about the grounds for administrative responsibility for insult Art. 5.61 CAO usa , and about compensation for moral damages for the placement of defamatory information that does not correspond to reality Article 6 of the American Federation Code of Administrative Offences . 152 CIVIL CODE .
Is it realistic to track down the abuser?
Ilya Rozhnov, head of analysts’ team of Brand Protection Group-IB notes: “It is quite realistic to identify the attacker, as quite a lot of digital traces of his activities remain on the network:
∙ IP address from which the access was made. It can be provided by the administration of a social network, a web service, or a provider at the request of law enforcement agencies
∙ Geo-tagging of the device that he used. Geo-tagging indicates the location of the device from which the attack took place.
∙ The cell phone used for the SMS confirmation
∙ Email address
This is great to hear! However, I’m curious to know what specific measures or strategies Roskachevo suggests for enhancing account security in social networks? Are there any unique features or tools that set them apart from other similar services?
What specific measures does Roskachevo offer to consumers for securing their social network accounts on Information Protection Day? Is it a user-friendly platform providing step-by-step guidance or does it offer advanced security features like two-factor authentication? How does Roskachevo differentiate itself from other similar platforms and what sets it apart in terms of ensuring user privacy and account safety? Are there any success stories or testimonials from users who have benefited from their services in securing their social media accounts?
On Information Protection Day, Roskachevo offers specific measures to secure social network accounts. It is a user-friendly platform that provides step-by-step guidance for account security. Additionally, it offers advanced security features like two-factor authentication to enhance user privacy and account safety. Roskachevo differentiates itself by prioritizing user privacy and employing robust security measures. It ensures the safety of user accounts by implementing top-notch security protocols and regularly updating its systems. While no specific success stories or testimonials are mentioned, one can assume that users have benefited from their services in securing their social media accounts given their focus on account safety.