Online security in the age of spammers and hackers

Not that Sparkjoy clients need to worry about website security – we’ve got you covered there – but what about the other sites you visit; especially the ones that require passwords?

If you use the Internet everyday, chances are you have places you go to habitually: email, Facebook, Twitter, news sites, RSS feed readers, online banking, and even online gaming. All of these sites require you to sign in; your login name and password are essentially a secret knock that proves you’re you before the site lets you in.

However this security method, among others, is only as good as your password and your understanding of how the seedy parts of the Internet operate when they try to get this information from you.

What are the bad guys up to?

Spam: unsolicited bulk messages, usually in the form of advertisements. This is most commonly sent as emails (junk mail), but also as pop-up ads, splash pages, instant messaging via texts or online chatting (in-game chats, forums, social media sites, etc.).

Hacking: A hacker is “someone who seeks and exploits weaknesses in a computer system or computer network”. There are many types of hackers, but it’s the “black hat” hackers that most people worry about: these are the people cracking the password to your email account, banking website, or government sites and sharing out personal and sensitive information.

Brute-force attacks: this entails attacking encrypted data to check all possible keys or passwords until the correct one is found. These attacks can slow a website down to a crawl as the attack hits the login repeatedly looking for a way in. Think of it as the electronic version of a battering ram at the castle keep doors.

Phishing: an attempt to acquire sensitive information by posing as a trustworthy entity (company, person etc.) via email or phone. These are the people who send emails claiming your bank account is compromised and if you just email them your banking information they’ll fix the problem and save you from being charged a huge fee. Another common ploy is the phone call that begins, ‘Congratulations! You’ve won a trip to [exotic location]!’ followed by a request for your credit card information to hold the seat, room on the plane, or place on the cruise boat.

419 Scams: These are the ‘Nigerian money scams’ that claim thousands, or even millions of dollars are being held in trust, and all you have to do is let them use your bank account as a transfer spot – money in and money out – and they’ll give you a huge payout as a thank you. These are also presented as lottery, rental, romance, pet, and employment scams (among others) all in an attempt to get you to send bank drafts (cashiers cheques), cash, or your personal banking information.

There are almost certainly other nefarious things going on, but these are the most common – and all of them can be reasonably guarded against by a little common sense and good practises.

What can you do?

One of the most important things you can do to protect yourself is to choose a secure password for the sites you visit.

Here are some common examples of bad passwords:

  • -“abc123” and other short and easily guessable letter/number combinations
  • -birthday or anniversary dates
  • -names of spouse, children, pets, or self
  • -using the name of the site the password is for (e.g., “ilovepizzapizza”)
  • -names of hobbies (e.g., “xboxisawesome”)
  • -holiday dates (e.g., “1031” for Halloween, or “1225” for Christmas)
  • -passwords shorter than the allowable length (i.e., if you have the option of creating an eight character long password, don’t only use four of the available characters)

These types of bad password choices can be cracked in under two minutes using a computer program designed for the purpose.

How do you choose a good password?

There are several ways to choose a good password:

  • -Use a combination of numbers, letters, and symbols up to a minimum of eight characters (e.g., *SfHk90*).
  • -Use a “passphrase” that includes letters, numbers, and symbols (e.g., ^I<3P1E^).
  • -Use a password manager program like Dashlane to choose – and remember! – a secure password for you.
  • -Create the longest password allowed – the longer it is, the harder it is to crack.

 Good password practices

  • -Use a different password for each site.
  • -Change your passwords every month or two.
  • -Do not leave passwords written down and lying around.
  • -Do not share your passwords with others.
  • -Use multi-factor authentication where available (i.e., a second code or password is sent via text or phone before you can login, or this can also be used to recover a lost/forgotten password).

It’s important to be aware, and even a little wary.  Most sites and people are legitimate, and that can make it difficult to know which ones aren’t, but it’s important to get into the habit of asking yourself the following questions before giving your personal information to anyone: ‘Who I am really sharing my personal information with? Why do they want it? What will they do with it once they have it?’

Facebook: 10 ways to engage people beyond the “Like” button

Facebook is a powerful way to reach out to your existing customers, and create new ones. When you start out, it’s exciting to see people “liking” your content and leaving comments, and it’s easy to look at the numbers on a Facebook post and think, “I got so many “likes”, I must be doing great!”

We don’t want to worry you, but, there is a lot more to Facebook than simply collecting “Likes” – especially if those “likes” are not translating into brand recognition and higher sales. So, how do you do it? How do you aim beyond the “Like” button and really engage in meaningful and memorable conversation with your customers? It’s easier than you think.

1. Keep it short

People don’t read anything word for word, they scan for the most salient and relevant points based on what they are looking for, and move on. When writing a Facebook post, treat it more like you would a “tweet” on Twitter. Be concise, say what you mean, and let people react. If you have more to share, link to it on your website.

Facebook text comparison

 2. Use short links

Long links in Facebooks posts are not only unsightly, they are hard to read and distract from the message of your post. Use a free service like Bitly to shorten the links.

 

 long link versus short link comparison

3. React to comments (the good and the bad)

Every Facebook post is a chance to interact with your audience – but many businesses don’t, they talk at their customers and don’t respond to comments. While Facebook isn’t about face-to-face connections, it’s still about connecting. You don’t have to respond to every comment, but if someone takes the time to write something more involved than, “Wow!”, you should acknowledge it. This is especially true if you receive negative comments: address them as soon as you see them. Let the user – and all the other users – see that when issues crop up, you deal with them in an upfront and professional way because your customers matter.

If you’re looking for a really great example of how not to handle negative comments, this article regarding ‘Amy’s Baking Company’ is a good read.

 

Example of an apology post

4. Use more (relevant) photos and link thumbnails/cover photos

Facebook pages and posts that use photos generally get more “likes” and shares than pages and posts with no photos (or bad/irrelevant photos). Use clear and well-lit photos that are relevant to your page (in terms of your cover photo) or post.

Ideally, your picture should be original, but if it isn’t, give full credit to the photographer or artist – and don’t forget to obtain permission to use the work if it isn’t licensed under Creative Commons. Facebook can give the illusion that everything creative can be freely used, but using other people’s work without permission or credit is plagiarism.

5. Create chances for user participation

People love to share their opinions about things: what they like, what they don’t like, how they feel, what they want… so use this to your best advantage when creating posts. Ask questions, conduct a poll, run a “caption this photo” contest – not only will this engage your audience, they’ll feel like they matter to you as individuals.

6. Use real people

Facebook is used by real people to look at real things made by, or about, other real people – so why not share their stories publicly? Encourage people to post photos and comment – you could even hold a contest. Ask for their stories related to your product. Don’t forget about the people you work with – they work hard to make your business great, so why not share some of their stories and pictures too?

7. Offer advice

There’s more to business than charming dollars out of wallets: what problems or issues are you solving for your customers? What can you help them accomplish?  What are you offering them that enhances their lives, well-being, happiness etc.? How does what you offer resonate with them on a personal level? Once you can answer those questions for yourself, share your answers on Facebook.

8. Use a conversational tone

As mentioned previously, Facebook is about connecting real people to other real people – but if you hold people at arms length with stiff and formal language, it will be a lot harder to engage with them. Sounding professional doesn’t have to be stuffy and boring.

9. Sneak peek/exclusive content

Everyone likes to feel special and like part of the “in” crowd, so give your audience that feeling by sharing a little hint of what’s to come for your business. Thinking of adding a new product? Developing something really cool? Tell your Facebook fans about it – and let your excitement and enthusiasm shine through.

example of a sneak peak post

10. Ask for likes and shares, but be creative

It’s OK to ask people to “Like” or “Share” your posts and page on Facebook, but you have to be clever about how you do it. Flat out requests  such as, “Please ‘Like” this post!’ will generally be ignored, or clicked on quickly with no user retention (i.e., easily and quickly forgotten with no further interaction). Phrasing the request as a chance to offer an opinion, or participate in something is far better.