What are some computer hacks that hackers know but most people don’t?

There’s a lot of stuff hackers are capable of; here are some of their most effective methods.

Today’s Quora question, “What are some computer hacks that hackers know but most people don’t?”, features two great answers. The first comes from Kevin Borders, a former NSA employee, and the second from Ryan McGeehan, a former director at Facebook Security.

Kevin shares his outlook below:

The most effective hackers insinuate themselves into existing social contexts to exploit human trust and override common sense. A hacker might do the following:

  1. Find a list of your possible contacts through LinkedIn, Facebook, or your employer’s/school’s website.
  2. Spam everyone you know with common malware that has a low success rate.
  3. Once a few gullible people are hacked, search through their e-mail and social networking accounts to find existing threads that you have with them.
  4. Use a low-tech payload that would normally arouse suspicion (like a password-protected zip file), but associate it with an ongoing conversation. Example: “Excited to meet up for dinner next week. Check out the menu I found for the restaurant, the steak looks really good!”

Such a well-crafted attack could catch even the most tech-savvy target off guard, because the context makes you assume that it is coming from a real person you trust.

How can you protect yourself?

This type of attack is really difficult to prevent. Never opening e-mail attachments or clicking on links (even as part of ongoing conversations with known associates) is not practical, but here are some other things you can do to help:

  • Always keep your system up-to-date with the latest versions of your operating system, web browser, document readers, Flash, Java, etc.
  • Restrict your privacy settings on social networks so that the names of your friends are not public.
  • Treat context-aware e-mails from friends with the same level of caution as anonymous e-mails. Still beware of any fishy file extensions or types (.exe or .zip file).
  • If something looks suspicious or out of place, call the sender and ask if the message is legitimate.
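The advice above to treat in-thread attachments from known contacts like anonymous ones can be applied mechanically in a mail triage script. The following is an added example, not part of either Quora answer: it flags risky extensions and password-protected zips while deliberately ignoring sender and thread headers. The extension list, addresses and sample message are constructed assumptions.

```python
import io
import os
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed watch list; the answer itself names only .exe and .zip.
RISKY_EXTENSIONS = {".exe", ".scr", ".js", ".zip"}


def triage(raw):
    """Return (filename, reason) findings; sender and thread are ignored on purpose."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "unnamed").lower()
        ext = os.path.splitext(name)[1]
        if ext in RISKY_EXTENSIONS:
            findings.append((name, f"risky extension {ext}"))
        payload = part.get_payload(decode=True) or b""
        try:
            with zipfile.ZipFile(io.BytesIO(payload)) as zf:
                # Bit 0 of the general-purpose flags marks an encrypted entry.
                if any(i.flag_bits & 0x1 for i in zf.infolist()):
                    findings.append((name, "password-protected zip; contents cannot be scanned"))
        except zipfile.BadZipFile:
            pass  # not a zip archive
    return findings


def build_zip(encrypted):
    """Constructed sample: one-file zip, optionally flagged as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("menu.txt", "steak")
    data = bytearray(buf.getvalue())
    if encrypted:
        # Flip the encryption bit in the central directory record only;
        # enough for flag inspection, the file is not really encrypted.
        data[data.find(b"PK\x01\x02") + 8] |= 0x01
    return bytes(data)


def sample_reply(attachment):
    """Constructed sample: a reply inside an existing thread from a known contact."""
    msg = EmailMessage()
    msg["From"] = "friend@example.com"
    msg["To"] = "you@example.com"
    msg["Subject"] = "Re: dinner next week"
    msg["In-Reply-To"] = "<thread-1@example.com>"
    msg.set_content("Check out the menu I found for the restaurant!")
    msg.add_attachment(attachment, maintype="application", subtype="zip", filename="menu.zip")
    return msg.as_bytes()
```

A password-protected archive is reported separately because a scanner cannot inspect its contents, which is why the answer calls it out as a payload that should arouse suspicion.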

Here’s Ryan’s answer:

Hackers expect that you’re probably using the same shitty password on everything you’ve ever logged into because it’s the easiest way for you to use the internet.

For a hacker, this means if they’ve hacked you anywhere, they’ve hacked you everywhere, even if it’s a complex password. Simply, some websites do a crappy job keeping your password a secret from hackers, and hackers can grab it from one of these crappy websites and use it on websites that you care more about.

More often than not a hacker wouldn’t be targeting individuals specifically but processing some kind of password dump for fraud or spam of some kind which would include you.

Tips for you:

  • Use unique passwords on every site under the assumption that it someday may end up in the hands of someone that will use it on your bank, your email, social networks of choice, etc. It’s annoying and it sucks, do it anyway, and cross your fingers with me that someone will figure out how to fix the internet’s crappy password situation.
  • 2 Factor authentication is great and you should use it on your most important things. Here’s Facebook’s, and Google’s: 2-Step Verification, your bank probably has one too.
  • Password managers can be a good thing (I’m personally a fan of LastPass) which also has 2 Factor authentication.

Here’s some insight into Facebook’s work on the problem which is interesting:

Lastly, if you’re one of those really-smart-people that know all this stuff already, make an effort to make sure your family / friends / coworkers do too. Getting hacked is the worst.


This question originally appeared on Quora. Read more here
