Most of the time, we log into our apps and digital accounts on autopilot – it’s easy when our devices remember our information and we never sign out. Hackers
That’s why losing access to one or more of the digital accounts you rely on every day can be a major headache.
Perhaps you’re setting up a new device and you can’t remember your password because it’s been so long since you actually had to log in somewhere new.
Or maybe you’ve been the victim of a hack or data breach,
and someone else has changed your password and locked you out of your accounts.
Hopefully you’re never in situations like those, but if you are, fixing the problem will be much easier if you prepare now.
Each of your accounts has some kind of recovery process, so it’s important to find out what those steps are and that the information they’re using is up to date.
We’ve covered some of the most well-known apps and accounts here, but we’d recommend doing the same checks on all your important accounts.
If you’re using any we haven’t listed, you should be able to find similar recovery options by digging around in the settings or having a look online.
From a security standpoint, remember that someone trying to gain access to your accounts can also use the same recovery options.
So if you have backup phone numbers and email addresses on file, you should make sure those accounts are also well-protected against unauthorized access.
If you log into your Google account on the web, you can get at everything related to account access by clicking on the Security link on the left.
You should be particularly interested in the Ways that we can verify that it’s you box – these are the methods Google will use to verify your identity if you get locked out of your account.
The options should include a recovery cellphone number, a recovery email address, and a security question—click on any of the entries to make changes and to check that everything is up to date.
If you need to regain access to your account, Google will send a special link to your phone or alternative email address, so that contact information needs to be current.
ADVERTISEMENT / ADVERTISE WITH US
Open your Apple ID page on the web, then click Edit (next to the Security heading).
You’ll find the information Apple associates with your account, plus the devices you’re currently signed into (if you’ve been logged out of your Apple account on one device, you might still be able to access it from another one).
As far as future account recovery is concerned, two bits of information are important here: the Trusted phone numbers and Notification email sections.
Make sure both of these are stocked with correct, up-to-date details, as these are the channels Apple will use to reset your password if you can’t remember it.
Head to your Microsoft account page on the web, and you’ll have access to everything related to it—such as your ongoing subscriptions, the devices you’re logged in on, and how much data Microsoft is collecting on you.
To configure your account recovery options, click Security, then Security contact info.
ADVERTISEMENT / ADVERTISE WITH US
It’s the usual drill here: You can provide both a cellphone number and an email address and Microsoft will use them to contact you and verify your identity if you ever get locked out of your account.
Click Add security info to add something new, or Change alert options to set which contact Microsoft uses first.
Protecting access to your Netflix account might not be as vital as keeping your Google, Apple, and Microsoft accounts locked down, but it’s still definitely worth securing.
If you log into Netflix on the web, you can find various security options by hovering the mouse over your avatar (top right) and choosing Account.
The two choices at the very top are the ones you’ll need to ensure are accurate—the account email and account phone number.
If Netflix needs to send you a password reset link, it’ll use these details to do it. You can also reset a Netflix password if you know your billing details—follow the instructions here.ADVERTISEMENT / ADVERTISE WITH US
Instagram will use the email address and phone number you have on file to reset your password, if necessary.
You can find this information by logging into your Instagram account on the web and clicking Edit profile on the left.
You can have one email address and one cellphone number, so make sure they’re in use and well-protected.
As you can see from Instagram’s password reset page, you can enter your username, registered phone number, or email address to receive a reset link that will let you back into a locked account.
Facebook lets you get back into your account in numerous ways. Go to your Facebook account on the web, then click General and make sure your details under Contact are correct.
You can add several email addresses and phone numbers here, which Facebook will use to get in touch with you if you’re ever logged out.
Another handy feature is listed under Security and login: Click Edit next to Choose 3 to 5 friends to contact if you are locked out, and you can give Facebook the names of three, four, or five people you’re connected to on the social network.
If you get locked out, Facebook can contact these people to make sure you’ve really been hacked or have truly forgotten your password (you’ll need to let your friends know, of course).
5 Methods Hackers Use to Break Into Your Bank Account
With so many users making the jump to internet banking, it’s no wonder that hackers are on the hunt for login details.
What may be surprising, however, are the lengths that hackers go to in order to access your finances.
1. Mobile Banking Trojans
These days, you can manage all of your finances from your smartphone. Usually, a bank will supply an official app from which you can log in and check your account. While convenient, this has become a key attack vector for malware authors.
The simpler means of attack is by spoofing an existing banking app. A malware author creates a perfect replica of a bank’s app and uploads it to shady third-party sites.
Once you’ve downloaded the bad app, you enter your username and password into it, which is then sent to the hacker.
The sneakier version of this is the mobile banking Trojan. These aren’t disguised as a bank’s official app; they’re usually a completely unrelated app with a Trojan installed within. When you install this app, the Trojan begins to scan your phone for banking apps.
When it detects a banking app being launched, the malware quickly puts up a window that looks identical to the app you just booted up.
If this is done smoothly enough, the user won’t notice the swap and will enter their details into the fake login page. These details are then uploaded to the malware author.
Typically, these Trojans also need an SMS verification code to complete the hack.
To do this, they’ll often ask for SMS read privileges during install, so they can steal the codes as they come in.
How to Defend Yourself
When downloading apps from the app store, keep an eye on the amount of downloads it has.
If it has a very low amount of downloads and little to no reviews, it’s too early to call if it has malware or not.
This goes double if you see an “official app” for a very popular bank with a small download count—it’s likely an imposter!
If you’re interested in learning more, be sure to read our guide on how to avoid Trojans.
Likewise, be careful with what permissions you give apps.
If a mobile game asks you for SMS read permissions with no explanation as to why it wants them, stay safe and don’t allow the app to install.
Never install apps from third-party sites, as they’re more likely to contain malware.
As the public becomes savvy toward phishing tactics, hackers have escalated their efforts to trick people into clicking their links. One of their nastiest tricks is hacking the email accounts of solicitors and sending phishing emails from a previously-trusted address.
What makes this hack so devastating is how hard it would be to spot the scam. The email address would be legitimate, and the hacker could even to talk to you on a first-name basis. This is exactly how an unfortunate home buyer lost £67,000, despite replying to an email address that was previously legitimate.
How to Defend Yourself
Obviously, if an email address looks suspicious, treat its contents with a healthy dose of skepticism.
If the address looks legitimate but something “seems off,” see if you can validate the email with the person sending it—preferably not over email, in case the hackers have compromised the account!
Hackers can also use phishing, among other methods, to steal your identity on social media.
This method of attack is one of the quieter ways a hacker can gain access to your bank account. Keyloggers are a type of malware that records what you’re typing and sends the information back to the hacker.
That might sound inconspicuous at first, but imagine what would happen if you typed in your bank’s web address, followed by your username and password.
The hacker would have all the information they need to break into your account!
How to Defend Yourself
Install a stellar antivirus and make sure it checks your system every so often. A good antivirus will sniff out a keylogger and erase it before it can do damage.
If your bank supports two-factor authentication, be sure to enable this.
This makes a keylogger far less effective, as the hacker won’t be able to replicate the authentication code even if they get your login details.
4. Man-in-the-Middle Attacks
Sometimes, a hacker will target the communications between you and your bank’s website in order to get your details. These attacks are called Man-in-the-Middle (MITM) attacks, and the name says it all; it’s when a hacker intercepts communications between you and a legitimate service.
Usually, an MITM attack involves monitoring an insecure server and analyzing the data that passes through. When you send your login details over this network, the hackers “sniff out” your details and steal them.
Sometimes, however, a hacker will use DNS cache poisoning to change what site you visit when you enter a URL. A poisoned DNS cache means that www.yourbankswebsite.comwill instead go to a clone site owned by the hacker. This cloned site will look identical to the real thing; if you’re not careful, you’ll end up giving the fake site your login details.
How to Defend Yourself
Never perform any sensitive activities on a public or unsecured network. Err on the side of caution and use something more secure, such as your home Wi-Fi. Also, when you log into a sensitive site, always check for HTTPS in the address bar. If it’s not there, there’s a good chance you’re looking at a fake site!
If you want to perform sensitive activities over a public Wi-Fi network, why not take control of your own privacy? A VPN service encrypts your data before your computer sends it over the network. If anyone is monitoring your connection, they’ll only see unreadable encrypted packets. Picking a VPN can be difficult, so be sure to read our guide on the best VPN services available.
5. SIM Swapping
SMS authentication codes are some of the biggest problems for hackers. Unfortunately, they have a way to dodge these checks, and they don’t even need your phone to do it!
To perform a SIM swap, a hacker contacts your network provider, claiming to be you.
They state that they lost their phone, and that they’d like a transfer of their old number (which is your current number) to their SIM card.
If they’re successful, the network providers strips your phone number from your SIM and installs on the hacker’s instead. This is achievable with a social security number, as we covered in why 2FA and SMS verification isn’t 100% secure.
Once they have your number on their SIM card, they can circumvent SMS codes easily. When they log into your bank account, the bank sends an SMS verification code to their phone rather than yours. They can then log in to your account unimpeded and drain your account.
How to Defend Yourself
Of course, mobile networks typically ask questions to check if the person requesting the transfer is who they say they are.
As such, to perform a SIM swap, scammers typically harvest your personal information in order to pass the checks. Even then, some network providers have lax checks for SIM transfers, which allowed hackers to easily perform this trick.
Always keep your personal details private to avoid someone stealing your identity. Also, it’s worth checking if your mobile provider is doing their part to defend you from SIM swapping.
If you keep your details safe and your network provider is diligent, a hacker will fail the identification check when they try to SIM swap.
Keeping Your Finances Safe Online
Internet banking is very convenient for both customer and hacker alike. Thankfully, you can do your part to ensure you’re not a target of these attacks. By keeping your details safe, you’ll give hackers very little to work with when they take aim at your savings.
If you’d like to know more on keeping your finances safe on the internet, try our guide on buying goods safely online.
t’s not just your bank account at risk from attack—hackers are also targeting connected cars.
Image Credit: stokkete/Depositphotos
Explore more about: Hacking, Keylogger, Phishing, Smartphone Security, Trojan Horse.
Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.