Tip of the Week: Security Breaches

Community News - Consider ways to keep your account secure on GameSpot and beyond.

We hear it all of the time. Users getting hacked or experiencing identify theft. And there are some users who don't realize the Internet means one thing: Everything can be shared to the public--even private conversations and FTP servers. You might share one little story via instant messenger to one friend (even someone you know in person) who might share it with just one person, and that person shares it with people in a live chat room. Before you know it, the story about mooning the old janitor at football practice in the dark night with the moonlight shining on your derriere becomes everyone's business.

An oops like that isn't too serious, right? What gets me is the security problems many of you face every single day with the social interaction tools used on the Internet. You might read the news often enough to know what happens with Twitter, Facebook, and other Web site security problems (if you don't know, do some keyword searches in Google), but what I don't want is ANY of you having a hacked GameSpot account. It's not fair to your friends getting private messages from strangers; it's not fair for your account to get a rep for serious abuse worthy of a ban.

This is a little message for those of you who do not understand security problems on the Internet and how to overcome being easily hacked on the Internet.

1) Sharing pictures online for the entire world to see? Sure, maybe that's fine. Who cares if they know Uncle Bob's last name, but it would be unwise to share your mother's parent's last names in the captions or descriptions of your pictures. We all might have a habit of calling our grandma by the last name without realizing that it is our mother's maiden name. That info is a hacker's dream for messing with someone. If you are using any social Web sites that have real names, do not share the friends list with everyone. The hacker might contact the list members to ask questions about you, and there goes even more security questions if you aren't careful. Also, try to fiddle with the security questions with false answers instead of answers people might have. If your favorite color is blue, put greenbutreallyblue as the answer or something else that won't be easy to find on a wild guess.

2) Publicly sharing your e-mail should only happen if you don't have the e-mail attached to an account with your credit/debit cards. Ebay, Paypal, Amazon, Steam, and the like are easy to mess with once a hacker has breached your e-mail. With just a click, they can restore your password for that account. Sure, maybe it will be a prank where they spend $600 to purchase you something, but it's not always easy to return your goods without having some kind of "Return to Shelf" fee or other penalty. Some people who breach accounts also find ways to "download" content, like music and games as well. Be super cautious in this area and know every single registered account you have attached to your debit/credit cards. Also, there are a lot of articles on the Internet about this, so DO sign up for a bank or service that will alert you of suspicious transactions and add other alerts about certain amounts of money transaction alerts.

3) Keep every single password for each account different. You might not be able to remember all of them and have to do a couple of password recoveries, but this pretty much causes you to have one account hacked instead of all of the ones with same password. Always keep a long password here at GameSpot and include every character it might accept (don't just use numbers and letters--don't just use a word in the dictionary either). Instant messengers like MSN, AIM, and other accounts are also easy subjects for hacking, so make sure you also have a different password for those accounts. Don't add people you don't know on these instant messengers.

4) If possible, do make a habit of changing out your password every month or two on GameSpot.

5) Do NOT allow your e-mail to be public if it's associated with an important account, GS account(s), and the accounts associated to credit/debit cards.

6) Be aware if you have an account on a Web site that allows for easy account deletion (such as using one button to close the account). Be super mindful. GameSpot currently does not allow account deletions for each registrant, so we are one site that is not too easy for a hacker to completely destroy your account, although he or she might be able to remove all of the content you have.

7) The saying about the less you register, the more secure you are is correct. Know where you register and remember you have an account. When accounts were hacked in the early days, it had to do with users registering at a UBB (forum), which made it easy for an owner of the forum to check passwords and use them on other Web sites. That's why you need to monitor your registration activity as much as possible.

8) Consider a secure Firefox browser app that allow you to monitor Web sites that are not secure and alert you when something is suspicious. Avoid visiting unfamiliar Web sites as much as possible. Do some searches for tech news Web sites like CNET http://news.cnet.com/security/ to find other ways to overcome Internet security problems.

9) Do not click on links you are unfamiliar with in case the site ends up phishing your information. Check URLs as often as you can, even if the Web site looks similar to a site you visited. For instance, the site www.gamesp0t.com (zero instead of o) doesn't exist, but if it were a phishing site, the Web site design would be exactly the same as GameSpot. The only difference is that the login field will track your login and password to breach your account on GameSpot. By simply looking at the URL when you are linked, you could save your account from being breached on GameSpot.

10) NEVER EVER share your password with anyone, not even grandma or your dog. You never know when family, friends, or the dog will go rabid. You are responsible for what happens to your accounts, and the problems you encounter can easily be avoided if you play it smart. Keep it secret, keep it safe.

Now that you know these tips about discovering ways to keep your accounts secure throughout the Internet, here are some ways to find out what other people know about you on the Internet.

1) Consider doing a "search" in Google to see what places your e-mail comes up. If it's public, it's easy for an account breach on any of the accounts you have outside GS.

2) Change your e-mail to your GS account if it's known to the public. Why? As mentioned earlier, if someone hacks your e-mail, that person can restore passwords or change them on any Web site that you have attached to it. Keep it safe!

3) See what people know about you by doing a search for your real name at Web sites that do contact info searches. Is your real name unique? If people know your location and real name, you might be easy to look up via real name Web site searches that share your address and phone number. Figure out ways to remove your name from these places by not being in the phone book (these days, mobile phones make it easier) or you could always move away. ;)

4) Get in the habit of logging in to GameSpot with your secure e-mail. Users already know your username, and this will help staff immediately identity the intruder. Obviously, we have other ways to track your login history, too.

Written By

Discussion

27 comments
Feryraiser
Feryraiser

This was really useful much appreciated!

mariostar0001
mariostar0001

Glad to know I'm not the only one to appreciate higher security of information.

buft
buft

the only truly safe way to use the internet is not to use it at all, which is a sad fact

SpaceCadetB
SpaceCadetB

great tips. glad to say, i havent had any problems or oopses like that, so i think i'm doing something right. :)

maverick_76
maverick_76

This stuff is crazy, you have to be so careful nowadays.

horgen
horgen moderator

@JodyR - I didn't know. Only learned about her banning a few days after it happened, hacked account seemed to come up very often. That's why I asked. What was the name of the thread you made in OT? (sorry for being off topic here) Anyway as I said earlier, thanks for sharing these tips. Many good ones, sometimes I just wish real life friends would follow them as well. On FB people share many times more information than they should about their friends. :(

JodyR
JodyR moderator

@horgen123: I answered this question in the OT thread about this. bianca only expedited this post a couple of days earlier than planned. I receive a variety of breached account complaints, but there seems to be a bit more as of recent. If anything, I probably wouldn't have posted the thread in OT about it, but I would have had this Tip listed here on Friday with or without her circumstance. :)

JodyR
JodyR moderator

@ Darthkaiser: Hah, well, you know.. if someone has a "bug" in your house..sharing it with your dog might be a bad idea. :P

horgen
horgen moderator

Is this related to Bianca's banning? Anyway thanks for the tips here Jody, will do some of them right away actually.

Darthkaiser
Darthkaiser moderator moderator

Very interesting info Jody I think I should stop sharing my password with my dog now :P

Garrison_Ford
Garrison_Ford

These are very valuable tips for beginners to the internet and also those of us that have been around for a while. It's interesting to look back and see what kind of traps we've put outselves into without even realizing it. Thanks for posting this Jody. :)

Ryozo
Ryozo

While these tips are sensible and welcome, I feel obliged to point out another behavior that must change, as noted in the very first paragraph. We, collectively, must rediscover the concept of 'keeping things under one's hat' (and its cousin 'a gentleman does not kiss and tell' - but delving thereinto is for another occasion) - just because a friend recounts one of their (mis)adventures, that _does not_ mean you automatically have permission to tell it in turn to all and sundry. Simply put: if in doubt, assume you're being told in strict confidence and, again, keep it under your hat.

fkbwii
fkbwii

Great tips! Thanks Jody

X360PS3AMD05
X360PS3AMD05

Never really cared, but maybe i should switch important things to live.com e-mail with a better password...

Rckstrchik
Rckstrchik

Great advice! It's amazing how easily people can find absolutely everything about you on the internet. Luckily, I haven't had many hacking problems.

travisstaggs
travisstaggs

Nice tips, I think I'll start changing my password every so often now.

dragon7x2k
dragon7x2k

Well, thanks for the advice, hopefully somebody will follow it.

Backlash24
Backlash24

A great guide to not getting hacked. Trust me that kind of stuff is not fun by any stretch of the imagination ...

nintendoboy16
nintendoboy16

"Do NOT allow your e-mail to be public if it's associated with an important account, GS account(s), and the accounts associated to credit/debit cards." Luckily, I keep my email to myself and never reveal it publicly to sites like Gamespot and YouTube. Great rule to follow. I also change my passwords quite frequently, so I'm good there. Thanks for the help, Jody. :)