Hacking has become a major concern for Internet users, especially those with valuable data on their accounts.
In context, account hijacking is quite rampant across social interaction sites and applications. From research, accounts that are active with a number of active followers are often easy targets that cybercriminals deem lucrative.
And most tech giants have been successfully targeted at different points in time. In January 2020, Microsoft admitted that about 250 million customer service data were compromised in December 2019, although it claimed that no malicious activities were carried out on the accounts before the company responded to alienate the incident.
Facebook, also at the end of 2019, reportedly had more than 267 million Facebook users’ data exposed; a hideous act that was reportedly traced to some Vietnamese hackers.
This reveals, to a great extent, that the increase in global Internet users has increased the opportunities for infringement on personal data. However, players in the online space continue to ensure that their users are protected from such incidents.
An example is Facebook’s WhatsApp. In the past year, the messaging app included the two-factor authentication and fingerprint sign in, both necessitated by an increase in the hijacking of WhatsApp accounts.
Interestingly, these precautions have made tracing the source of a compromise easy and account retrieval faster.
As Instagram also keeps its place as one of the top social networking applications, it has attracted more cybercriminals.
On February 28, 2020, Ted (not real name), a life coach and social media influencer, got an email from Instagram about an activity on his account. He proceeded to send the hacker, whose number was displayed in the mail, a message.
The hacker told him to let go of the account or risk his other social media accounts being hacked. When this threat didn’t work, the hacker pleaded that the account should not be blocked because he needed it to make some quick money. Ted soon retrieved his account.
But then, a wicked sense of humour may not always be the case. Some hijackings leave the victims devastated.
In a similar story, Sharon (not real name) had hoped to sell her Twitter account with thousands of followers, but her login details were unexpectedly extracted and changed by the buyer, leading to a loss of the account and all data on it.
While these cybercriminals can illegally turn accounts to cash, they can also monetise valuable information on them. There are also cases where they resort to extortion through blackmail.
To avoid being a victim, most sites and applications advise two-factor authentication. This is an extra layer of security you give to your accounts which makes any attempt at an illegal log in difficult as it involves a process of double verification.
It should, however, be noted that users still expose their accounts to other risk factors when they don’t use apps gotten from the official app stores, enter personal data on suspicious sites, and allow third-party services requesting access through account login credentials.
This explains why a hack may still be successful even with the extra layer of protection.
Retrieving an account
When a hacker has successfully taken possession of an account, the first action is to change the password thereby locking out the owner. This is also possible when the two-factor security check has been bypassed as a result of the risk factors mentioned earlier.
But if proper account verification has been done, the user will most likely receive a mail notifying of such a breach. The first step is to make a report which will lead to the account being blocked before steps are taken to reverse the action.
In the end, users’ incompetence in securing their accounts may negate Internet companies’ security efforts and continue to expose them to cyberattacks despite available defense procedures.
From Built in Africa archives – MainOne: 10 years building West Africa’s internet infrastructure
On March 25, 2021, Techpoint Africa will be hosting the brightest minds in decentralised finance/crypto at the Digital Currency Summit tagged “Building the money of the future” Click here for more details, registration and sponsorship. Location: Fourpoint by Sheraton, V.I. Lagos.