Last year I was in for a rude awakening. I had gotten an email alert on my phone that there was suspicious activity on my PayPal account. As soon as I got that alert, I hightailed it to my computer and was able to sign in to see that the hacker had already transferred about $800. I was able to put in a dispute and take screenshots, and that was the last time I was able to access that particular account. The race to secure my accounts was on.
What I didn’t realize right away was that my Gmail account went through a brute-force attack, which wasn’t that difficult, and I’ll get to that in a minute, but I realized with dawning horror that all of my passwords were saved on my computer; everything from online banking, to cryptocurrency exchanges, to social media, and the blockchain-based platforms that I contribute and earn crypto on. My online and monetary well-being were on the line.
Let me tell you something. I never thought it would happen to me. In the scope of things, I’m nobody, but my social media does reflect an interest in crypto and blockchain and that made me a target.
Hard Lessons
If you think for one moment that it won’t happen to you, you’re wrong. Being hacked can happen to anyone, but there are safeguards you can put into place.
Earlier I mentioned the brute force attack that didn’t take a lot of brute force to gain entry. I made the rookie mistake of keeping a fairly easy password, and then used that same password for a lot of other things. One might think that being online for 20 years without an issue would have had that ingrained in my bones to never do that. Again, that idea of “I’m nobody” gave me a false sense of security. Do not make the same mistake!
Secure everything
First thing I did was visit https://myaccount.google.com/security and log off all devices. I did this for my Microsoft/Hotmail account as well.
I found the IP address of the hacker and blocked it.
I used Password Generator to create strong random passwords and saved everything to a text file on a master flash drive. Banking, credit cards, utility bills, tax filing – I went and changed all the passwords on anything that had my personal information on it.
2FA saved my crypto
The crypto I had on the exchanges was secured by two-factor authentication, so as long as they didn’t have my phone, I knew they weren’t going to gain access to those accounts to change the password or email address. If you don’t have 2FA activated – do it.
Going down the list of literally all of my accounts, I knew which ones had that safety barrier and which ones did not. I quickly went to the ones that didn’t have that layer of security and changed the email address and activated 2FA where I could.
Social Engagement saved my identity
When the hacker got into my Steemit account and stole my liquid STEEM and SBD, I figured it was the price I paid for being an idiot. At the exchange rate, I probably lost well over $500 in STEEM because I had my active key saved in my Google password manager and the hackers had initiated a power down to steal more from my account.
Now, I initiated account recovery but I got pissed when they started posting as me. This put me on a whole new level of defense. I went to all of my now-secured social media platforms and implored everyone to flag my account. There was no way I would allow them to take the identity I had worked so hard to create, and earn more from the reputation I built. When I was countered with, “Well, if you were hacked, how do I know it’s really you?” my answer very simply was, “Look at the entire body of my work and you tell me if that last post was me.” I had community support and even had BlockTrades on my side. They diverted the power down and sent my funds back to me after my account was secure and in my possession again.
Bottom line
Take the extra time to keep your passwords OFF line.
Change your passwords often.
Use 2FA or some other account authentication like SMS messaging.
Check to see what devices are active on your account.
I’ve even gone as far as having a social email and a family and friends only email.
If you are at all active on social media and have even a passing interest in cryptocurrency and blockchain projects, you are a target.
Build relationships with people in the crypto space. There really aren’t a lot of us but we can be a tight-knit group and we often help each other out. You don’t have to lose your anonymity, if that’s your concern, but you have to be authentic.
Take the time to keep yourself safe.