I write this with a lot of concern for everyday internet users. It may seem like it can’t happen to you, but hackers and scammers can be closer than you think.

Scammers and hackers have become increasingly skilled. Ten years ago, spotting an email from a hacker or scammer was relatively easy. Today, it’s nearly impossible if you’re not sure what to look for.

Here are three quick stories to learn from:

Story 1 – $500 Stolen:

A friend began receiving a barrage of unusual emails in their inbox. It’s possible they accidentally clicked on one, or these emails were designed to mask other malicious activities. A few days later, a hacker gained access to their Facebook, Instagram, and Amazon accounts, stealing approximately $500 in gift cards. This incident is one of many theft and account hijacking horror stories.

Story 2 – Facebook Business Profile Gone!:

A person contacted our business, seeking assistance in restoring her hacked account. She received an email claiming there was a copyright issue with her Instagram account, which she used for her business. Concerned, she clicked a link, logged in, and was prompted to converse with someone posing as an Instagram representative. They requested a password change and other information. To make a long story short, they locked her out and stole her profile.

Story 3 – Way Too Close!

Another friend started receiving three requests every hour for a special code to log into their email. Although they usually took security precautions for personal and business logins, this situation was unsettling. Upon realizing what was happening, they reset all their passwords and implemented an additional layer of two-factor authentication (2FA) on all accounts. The requests ceased after another day. It was disconcerting to know that someone was just one step away from accessing their emails, potentially compromising personal and business accounts.

Protect Your Personal and Business Email

Here are two immediate actions you can take to protect yourself:

1. Passwords:
   • Create unique and complex passwords. User letters, numbers and symbols in your passwords
   • If you have numerous passwords to manage, consider using a password manager like 1Password, Dashlane, or the one built into Google Chrome. 1Password is particularly highly regarded. It helps you generate, store, share, and use passwords securely while browsing.
2. USE 2FA (I BEG YOU!):
   • Enable Two-Factor Authentication (2FA) on all your accounts, including email, Amazon, Facebook, and all other online platforms you use. Emails are the most important, as they are the portal to all your other business and personal accounts

If you’re unfamiliar with 2FA, it stands for Two-Factor Authentication, a method requiring you to verify your identity when logging in. This typically involves a text message, an email sent to an alternative address, or an Authenticator app.

The Authenticator app generates a six-digit code that changes every 30 seconds, and you can set it up on your phone. This means only someone with access to your phone can obtain the code. It goes without saying that you should keep your phone secure. (This is our preferred method)

In Story 1, the friend eventually regained access to their profiles and recovered the stolen gift cards, though it required repeated efforts and interactions with company representatives. In Story 2, the individual faced greater challenges recovering their accounts due to the nature of the incident, however she was unable to regain access and lost all her followers, which we imagine took years to build

It’s essential to note that these steps won’t make you completely immune to hackers or scammers. As demonstrated in Story 2, if someone can persuade you to hand over your account details, no security software can prevent it.

Exercise caution when anyone online requests your logins or personal information. They should be able to verify their identity and association with the company. Typically, companies won’t ask you to provide sensitive details via email or phone call. If there are account issues, a legitimate representative will have access to check and resolve them without requiring you to reset passwords or disclose personal information.

I hope this information proves helpful to someone. Stay safe online.