A countermeasure to be taken when a Twitter or Facebook account is hacked and an easy prevention method not to be hacked

Social networking service (hereinafter SNS) is a service for people and people to communicate via the Internet, and has different characteristics such as Twitter, Facebook, Google +, mixi, GREE, Mobage, Ameba, LinkedIn A service exists. The Next Web summarizes how to check whether these SNSs are hacked or what measures should be taken when it is hacked by any chance.

What to do if your social media account has been hacked or hijacked - The Next Web
http://thenextweb.com/socialmedia/2013/10/27/social-media-account-hacked/

◆ Common signs issued by endangered accounts
Even though the SNS is hacked, even if the owner of the account does not notice any noticeable movements, it may not be noticed. The method for checking whether your SNS account is hacked is as follows.

· 1
Facebook's "Like" and "Friend Request", Twitter's "Subscribe to Favorites" and "Follow" are done automatically.


· 2
Messages are being sent to friends unnoticed by features like messaging only with specific individuals (Facebook messages, Twitter direct messages, etc.).


· 3
SNS receives a notification such as "Registered e-mail address of account has been changed".

·Four
Unfamiliar apps and games have been added.


·Five
The profile has been changed without noticing, or the image of the account has been changed to one that you do not recognize.


◆ In order to manage passwords securely
Linking with Twitter The application does not ask for the password directly, but instead requests to enter the sign-in information of the Twitter account. This is the same on Facebook, and third party applications requesting federation certification do not need to enter their own login information.


Phishing attacks are dressed as websites when a user clicks a dangerous link and they prompt the user to log in to a fake login screen. Once login information is entered, you log in to SNS using the information entered by the user, rewrite the account information, or share the information from the user's account.

The first countermeasure against these is to know the URL of the site to be browsed. Check if the URL displayed in the address bar of the browser is the same as the site you plan to browse and check if the security certificate fits exactly. For example, if you are browsing GIGAZINE and the URL is not displayed as "gigazine.net", it means that it is a dangerous site.


Security certificates can be confirmed by clicking the lock icon next to the URL.


Also,BitlyAttention is needed for abbreviated URL service like. I do not know which page will be skipped in a shortened URL,Long URLBy using a service that displays hidden parts of abbreviated URLs like, you can safely check URLs.

LongURL | Expand URL
http://longurl.org/expand


◆ App authentication
When doing cooperative authentication between SNS and an application, we need to think carefully as to whether the cooperation service is suitable for managing its own SNS account. And, in order to make it cooperate, it is necessary to disclose to account that account information is sometimes exposed to danger from the viewpoint of how much security is concerned.


Just the other dayThe reservation submission tool · Buffer to SNS is illegally accessedThe situation occurred and spam was posted from multiple Twitter accounts via Buffer. When something like Buffer happens, it is almost impossible to prevent unauthorized use of your account beforehand, but you can trust the application you are using, regularly check censorship of approval list You should have better keep it.

And in order not to suffer the damage of these applications,Do not use cooperative applicationsThat is the quickest countermeasure method.

◆ What should be done when an account is hacked
What to do when an account is hacked is easier than imagined. First change account password. The login screen "I forgot the passwordLink ofContact UsPlease change the password of the account from, in that case, set a different password from the character string used in other services (mail and other SNS etc), make sure that you can not log in with the password before change I will.


Next, you jump to the page of the application that is linked with SNS, and unlink the unnecessary applications. Still if the account of SNS seems to behave unstably, it is OK if you do not cooperate with all applications.


Then it checks whether the mail address of the default setting of the hacked account has been changed from the one set up. We also scanned the virus to see if the computer was infected with the virus, and finally the account was hacked against friends and followers, so the message sent during that time is not what you sent, If you tell the fact that you are OK.

◆ What you can do to prevent external attacks
The easiest way to prevent external attacks is to set a unique password for each service. If you do this, even if one account is hacked, it will not damage other accounts of other services.

The second method is to use 2-step authentication for frequently used SNS. In 2-step authentication login, it is necessary to enter a password set by the user and a digit string automatically generated by the mobile terminal containing the 2-step authentication application, so the security aspect is greatly improved.Application "Authy" which allows anyone to easily perform offline 2-step verification such as Gmail for freeFor example, it is.


If there are a lot of convenient net services and you want to send a fulfilling net life using them, it may be good to keep in mind the management of passwords and how to deal with them if it is the case.