How to protect Personal Office from hacking?
How to protect Personal Office from hacking?MMM aims to create maximum safety for each participant. But, unfortunately, periodically attackers still get access to the Personal Office of the Community’s members.
In 99% of cases this is the fault of the participants themselves, who were too trusting or allowed to infect their computer with malware.
We want you to be careful and not allow the scammers to steal your data, so we have created detailed instructions on how to protect yourself from intruders.
MMM does not ask for a password and does not offer paid servicesScammers can enjoy participants’ trustfulness:
- A scammer gets in touch with you (via social networks, skype, etc.) and introduces himself as MMM administration.
- He makes up a reason (e.g. the suspicion of fraud) and asks you to send your password to the account for so-called reliability verification.
- You believe him and send the password. The scammer changes the account data and transfers MAVRO to his bank details.
The majority of the participants know that MMM does not ask for a password, so the scammers have other ways and offer paid services on behalf of the administration:
- The scammer contacts you (via social networks, skype, etc.) and introduces himself as MMM administration.
- He offers the solution of your problem: to unlock your account, to make this process twice faster, to consider the ticket right now and so on, asking for a certain amount, e.g. $ 20.
- You are happy that the account will be unlocked and send 20 dollars to the scammer. As a result, you lost 20 dollars, and the account remained blocked.
Create a complicated password and keep it safeThe attacker can get the password of the Personal Office without trying to have it out by fraud from you personally. Scammers use software to generate passwords and choose the cipher automatically. If the password is too simple — you are under threat of hacking.
The password has 5 categories of complexity:
- Very simple. Such password is easy to pick out even for a
beginning hacker. It often consists of letters or numbers in a
consecutive order on the keyboard.
Examples: qwerty; 123456.
- Simple. The password consists of letters (often a word) or
numbers (usually date of birth), without a consecutive order on the
keyboard. It’s too easy to crack.
Examples: mavrodi; 010392.
- Average. The password consists of letters and numbers, of
more than 8 characters. This password is difficult to crack, but if the
hacker is advanced, he can do it.
Examples: goldenstyle1771; neverbealone45.
- Complex. This password is hard to crack even for the
advanced hacker. It has more than 11 characters, it consists of
different letter cases (large and small) and numbers.
Examples: sCorPionWins1572; MMMfOrEvEr77877.
- Very complex. Such passwords will bring problems even to the
state security services, not to mention usual hackers. Such passwords
are at least of 15 characters, contain upper and lower case letters,
numbers and symbols.
Examples: tHiSP@ssw-orDneveRbeH-A-c-k-ED_55278; ToGE-therWE%chanGe_theWORLD_17
If you find it difficult to come up with a complex password, use the online generators:
For additional convenience and security you can use a free password Manager KeePass — http://keepass.com/. The passwords will be stored in a secure database. Create one complex password for access to the program. This password can be used to log any other sites in.
Remember: Scammers use programs to guess passwords. To protect your Personal Office, create complex passwords of 11 and more characters with numbers and mixed letter cases. Do not store the passwords in text documents, write them on a piece of paper and/or use a password Manager KeePass. Change your passwords regularly.
Use Gmail and set maximum safetyIf an attacker cannot guess the password to your account, he attempts to hack your E-mail in order to get access to your Personal Office using the password recovery procedure:
- The scammer cannot guess the password to the account. He clicks “forgot password”.
- The hacker cracks the E-mail and finds a letter from MMM, clicks on the link and comes up with a new password to log in.
- The attacker changes the accounts details for his own and transfers MAVRO to his account. You won't even get access to your PO because you don't know the new password.
- Create a complex password for Gmail, different from the passwords to social networks, MMM Personal Office and other sites. Change it regularly.
- Make up a difficult question for the password recovery. For example, what nickname did you invent for a second cousin’s hamster when you were 12 years old?
- Use a two-step authentication. To log in your email you will enter codes, received via SMS, a phone call or a mobile app. The scammer won’t log in your e-mail, even if he hacks the password, because he doesn’t know the secret code.
- Use Google Authenticator (GA). This convenient mobile app for passing a two-step verification. It is supported by Android, iPhone and BlackBerry and works even without Internet connection or mobile network. Instruction
Use only secured browsers and do not allow them to save passwordsIf you have invented a reliable password and protected your E-mail, the scammer may try to attack you through the browser. One of the browser’s functions is remembering passwords so that it would be more convenient for the user to log in sites. This can be used by the attacker:
- You come up with a complex password and allow the browser to save it. You go to make tea.
- The scammer hacks your browser and copies the password.
- The attacker enters your Personal Office and creates a request for assistance, filling in his details. You return with the tea, and your money is already transferred to the account of the scammer.
- Use only tested browsers with a high security. We recommend Google Chrome and Mozilla Firefox.
- Do not allow your browser to remember passwords.
Do not visit suspicious websites and install a powerful antivirusIf you store the password in your computer or phone, the attacker has another option to steal it - to infect your PC or smartphone with spyware. How it happens:
- You surf the Internet and see the message on one of the sites “Congratulations, you are the 1 000 000th visitor, you have won BMW X6”.
- You follow the link, then you are asked to fill the winner's form in in the bulletin. You need to download it, fill it in and send.
- You download the file and open it, and there is a virus instead of the form. The computer is installed with spyware, and the attacker gains access to your documents.
- The scammer finds your password on the PC, log in the Personal Office and transfers Mavro to his account.
- Additionally, he transfers money from your credit card to his card, locks down your computer and demands a ransom for unlocking it.
In some cases your antivirus may miss the danger by mistake. Install additional anti-spyware to help the antivirus to cope with malicious software. For Example, Anti-Malware, Malware-Fighter.
Use the rule of 4 “do nots”:
- Don't click on unknown links
- Don't click on pop-up advertising
- Do not download unknown files (including via social networking websites and programs for chatting, e.g. Skype).
- Do not visit suspicious websites.
Update your antivirus, PC software and phone regularlyIf you use all ways of the security, but do not update the software, you still risk being infected by a virus or a spyware program.
How it happens:
- You install an antivirus. It's been offering an update during the month, but you postpone it.
- The scammer attacks your computer with a new spyware program and infect it, because the antivirus is outdated and does not defend against new viruses.
- The scammer steals your money and information, and you clutch your head and beat yourself up because you didn’t update the antivirus in time.
Remember: an attacker could infect your computer with fresh spyware, if you do not update the antivirus. Regularly update your antivirus, operating system and software on the PC and the smartphone.
What to do in case of hackingIf you failed to protect yourself and the scammer hacked your account — do not panic.
- Check whether you still have access to the Personal Office. If so,
write to the support service immediately. MMM administration will
temporarily stop the opportunity to make any operations using your PO,
so that the scammer couldn’t transfer your MAVRO.
- If the scammer has managed to create a request for assistance
before the administration reviews the ticket, ask the sender not to
- Even if you cannot log in your PO, inform an online consultant about the hacking.
Before you continue to participate in MMM, follow these steps:
- Scan the PC and the smartphone with your antivirus. Clean them from the malicious files.
- Make sure that intruders do not have access to your e-mail address. Be sure to change the password to the e-mail.
- Change the password to your Personal Office.
Follow these rules and do not allow criminals to deceive you — to infect your computer, steal money or information.