Scammers and threats of hacking

[Mia Cherry]

This has happened to me twice now, where someone threatens that they are going to hack me. It never happened the first time but now someone is threatening again.... Is it just me? Should I ignore these people or should I try to do something to stop it, and if so...what? Anyone here actually been hacked or threatened like that too? Damn, it sucks!

 

[melezouriou]

There was a flurry of scammers somewhere around september, posting links in tipnotes and whatnot, they come and go. If you're on cb sending a screenshot of them to support does yield results usually. If they're just being arses, you can always just kick/ban em if you choose.

 

[OldHippy]

I have never heard of anyone being hacked after some random person on the internet has threatened to hack them, it just doesn’t work that way.

Having said that, it is still always a good idea to take cyber security very seriously as hacking does unfortunately occurs (just not by losers who sit in chat rooms threatening to hack you).

There are a few main ways you can be hacked. First is through social engineering, that is by the hacker trying to get you to reveal personal information through various means. For example they will ask for your email address and then somehow try and trick you to reveal your password. Once they have your email account compromised a hacker can then reset any passwords linked with that email account. A hacker can try and trick you by using emails, calling you or chatting with you and pretending to be a customer support officer etc.

The second main way of hacking is by installing some sort of virus/trojan on your computer. There are many ways your computer can get infected by opening attachments to emails to visiting a website that is infected to downloading programs from the web. Once your computer is infected a hacker could monitor all of your keyboard strokes or even take control of your computer.

The last main way is that hackers can buy lists of usernames and passwords from websites that have had this information stolen from them. Not only do the hackers get the information from that website, but as people have a tendency to use the same password on multiple sites a hacker could potentially get access to all sites you have used the same password on.

Now there are plenty of things you can do to protect yourself from being hacked.

* Use two factor identification whenever possible, especially on your email accounts, banking pages and on your social media

* Do not use the same password for every site, consider using a password manager.

* Keep your computer up to date with all the latest updates, Windows, Java, Adobe etc...

* Use an anti virus, personally I use Webroot but the free version of bitdefender is also great. Also if you are ever in doubt scan with the free version of malwarebytes.

* Change your passwords on a regular basis. Use strong passwords with at least 8 characters use a combination of numbers and letters.

* Be careful with what personal information you give out, be aware of scammers.

* Ignore and block idiots who threaten to hack you...

 

[Dan Epstein]

If I had a Dollar for every time someone threatened me with a ransom hack...

 

[AkelaJohns]

Dear Mia Cherry! I'm so sorry for you , just ban or kick them... . and I do agree with OldHippy's comment , useful tips. So listen to them.! I hope you can solve your problem soon..

 

[Mia Cherry]

Thanks for all of your replies!!!

 

[Lexi Dale]

Probably just a troll. Best thing to do is ignore it. Don’t provide fuel to the fire. All they want is a reaction. And then while ignoring it, make a note of what was said and by who. You can always report it too, just for documentations sake.

 

[AudriTwo]

i had someone threaten to hack me in a video game. most of the time it's a weak threat. just ignore and go on with your fabulous life.

 

[Phoenix4987]

With a good firewall and a sense to not to go any websites you're not familiar with or download any e-mail attachments from unknown sources, you're pretty safe. It's also important to note that your IP address is more often than not, dynamic, meaning that it is assigned to you for only a given period of time before it either gets renewed or you are given a new one.

Even if someone does obtain your IP address, it's a very cumbersome and tedious process to find vulnerabilities. A decent firewall will thwart most attacks. Basically someone can sniff out your IP address and with that can look for open ports, etc. But finding an open port isn't going to give anyone access to your entire machine.

With an open port, they can sort of see which services are running and what versions of those services are running. And then search the WWW for any vulnerabilities in that version, etc, etc.

TL;DR, it's a very far stretch anyone would hack you. It's very simple to defend yourself and very tedious for someone to get your IP address, research, code, attempt to exploit you.

If your only communication is done through the website, then any packets they would attempt to sniff out would only return IP addresses associated with the website. I would like to think that anyway. If it's someone you go on Skype with, that's a very different story. Or even if they know your skype username, they can get your IP pretty easily without having to sniff anything out.

 

[Zoomer]

How to avoid trouble in general:
1) Keep your computer operating system, and software, up to date. Most vulnerabilities get patched - it's the users who are the real vulnerability. Whilst zero day exploits exist they aren't shared widely with naughty people as they'll be revealed fast - and no offence, but you're not important enough by any means to use one. This alone will negate the vast majority of potential issues as you surf la net.

2) Don't use unsecure wifi in cafes, airports or elsewhere. In fact, don't use wifi that you don't know either. It's trivial to set up your own phone as a wifi access point and start grabbing people's data as they connect; no hotspotting.

3) Don't click on links or other such stuff in emails, instant messengers and so on; don't download things without knowing what it is you are downloading.

and lastly...

Keep your computer/software/mobile up to date.

p.s. advice to change passwords regularly is now out of date. Due to issues with memorising lots of passwords, many start using formulaic, predictable, patterns. Increment by 1 sound familiar when prompted for a new password? Same with substitution of letters/numbers/characters, it's moderately trivial to go through those. Social engineering and knowledge you may share can reveal vectors that increase the chances of breaking passwords easily too. If you use numbers, are they sequential ones? Are they... dob year (by far the most common - yours or families), or telephone, zip code, car number plate etc etc. Usually just appended to the end, and then incremented on a change.

Use a password manager instead - there are plenty of free ones out there that are very good and you don't then struggle to remember passwords. That's the other big issue with passwords, people use the same ones all over the place.

Sage advice - check on https://haveibeenpwned.com/

Enter your email(s) and see if any of the sites that have been breached had it entered. I've got several on there... including Adobe, Daniweb, Kickstarter, linkedIn, Gamingo, and others. Some of the sites included email/password in a weak MD5 with no salt - meaning it's trivial to use widly available hash dictionaries to find out what the password was (or could have been). With several sites being similar, it's entirely possible they can start to spot your password "tactics."