Tuesday, 23 November 2010

A false sense of security

A term seen more and more on the internet. I was curious about it, and asked a few friends what they thought of their computer's security. Most of them replied it was okay, and were pretty confident that apart from social networking websites (like Twitter, Facebook, LinkedIn or the Dutch Hyves) they would not be found on the internet with their real names or (e-mail) address.

So I decided to put this to the test by simply using (almost) everyone's favourite search engine, and putting in their names. After about 5 minutes, I struck gold. I found a very recent list (20th of November) of user names, in the form of e-mail addresses and passwords, dumped from a Dutch gaming website.

My friend's address was one of them.

So, as any curious person would do, you start to try out the addresses to log in to the user's mailbox. It did not take long to get a successful login, so I called my friend, telling him that I "hacked" his mailbox. He was shocked to hear this from me, as he was very confident that this would be impossible because of the security measures he had on his PC.

I asked him why he picked the password that he did, and he explained to me (since he's a good friend) that it was the PIN codes from his bank accounts combined to form a long password. So not only was his mailbox (and thus a lot of personal information) open to anyone who could use Google, but also, if someone manages to make the link, his bank account.

So even if you protect your own PC as well as possible, making you feel secure, this does not matter when the websites you share your details with are not secure. What is worse, a lot of people tend to use the same user name and password combination everywhere, so once one of those websites is compromised, or just not well protected, the bad guys will still be in control of your details.

Now I wonder, how do YOU protect your personal details? Let me know!
