Every time you’re online and a site sends a separate code to check your identity, you’re using two-factor authentication. It’s become the norm. So, of course, hackers have figured out how to get around this, too. This article shows you how they do it and how to stay safe.

With billions of usernames and passwords leaked, access credentials everywhere are at risk, especially if you are reusing your log-in information on more than one site (don’t do it!).

Business websites want to offer a secure user experience, so two-factor authentication (2FA) has become the norm. It’s meant to help stop automated attacks in which bad actors use the leaked usernames and passwords.

Still, if the site you’re visiting uses short message service (SMS) to send a one-time code to your phone, you could still be at risk.

Hackers, using information they have from a data leak, can call your telephone company. They use your name, date of birth, and other identifiers available on the Dark Web, to impersonate you. Then, say you’ve lost your phone, they transfer your phone number to a device with a different SIM card.

That means when the one-time SMS code gets sent your phone number, the message will instead go to their device.

Android Users Also Beware
On Android devices, hackers have an easier time getting access to text messages. If they have access to your leaked Google credentials, they can log into your Google Play account. From there, it’s simply a matter of installing a message-mirroring app on your smartphone.

The app synchronizes notifications across your different devices. It’s for when you really need to be connected, and you’ll be able to see your phone’s SMS alerts on your tablet!

The app won’t work unless you give it permission when prompted to do so, but too many people don’t stop to read alerts from their own accounts: they assume it’s another necessary update and go on with their day. Otherwise, the hacker might call you in a social engineering ploy pretending to be a legit service provider. They’ll be familiar to you, so you’re more likely to listen when they ask you to give permission.

Again, when the one-time SMS code gets sent to your phone, because of the message-mirroring app, the hacker's device will also receive the code.

What Can You Do to Protect Yourself?
It starts with using unique passwords for all sites you visit. Worried you’ll forget them? A password manager can keep all your access credentials in one secure place for you.

You should also confirm that your credentials haven’t been compromised. If you use Google’s password service, you can head to the password manager site and tap “check passwords” to see if there are any issues. On Firefox, head to the Firefox Monitor page and “Check for Breaches.” On Safari, click on Preferences, and then on Passwords to see what recommendations they have for your security.
Change any passwords that have been involved in a leak!

To avoid the SMS concern specifically, avoid using one-time SMS codes to verify your identity. Instead, you can use a non-SMS authentication tool such as Google authenticator, which provides two-step verification services within the app itself.
​
Need help learning if your credentials have been leaked? Or want assistance setting up more security for your online activity? We can help. Contact our IT experts today at (888) 234-WDIT(9348).

Most people like to take a shot at fixing things something themselves. With some things that works out great, but when it comes to do-it-yourself computer repair, it’s probably not worth the effort. This article shares some of the things to consider before trying to do that repair solo.

#1 Computers are complicated

Computer developers put a lot of work into making it easy for you to use your computer. A good user experience is part of the appeal for one brand over another. But that doesn’t mean that what’s going on inside the actual device is simple to fix.

There are a lot of complicated connections “underneath the hood” of your laptop or desktop, and prying the device open to see if you can do a DIY repair could prove disastrous. It’s going to be safer to turn to a trained repair tech instead.

#2 You could make things worse

Maybe you’ve done this around the house when trying to be “handy.” That leaky faucet becomes a full-blown broken fixture thanks to your efforts.

You might think that you can watch a YouTube video and do an amateur fix, but know that just hitting the wrong key combination could create a different problem. Digging into the backend of your programs could change something for the worse.

Tip: If you do try to fix something solo, don’t erase your history. It could be important for the tech expert to retrace your steps to figure out where you went wrong.

#3 You risk being scammed

Bad guys are always finding ways to exploit people, and there are scams out there that appear to be repair assist programs. You may be looking for a fix but instead you click on a link that installs malware on your device. Now, you’ve got another problem to deal with!

#4 You could lose your valuable data

We store a lot of our lives on our computers or smartphones these days. If you attempt to fix your device without first backing up your files, media, and other data, you could lose it all.

#5 It may not be worth it

It’s not that difficult to find a reasonably priced computer today. You may end up paying for expensive repairs for an old computer when you could have bought new. Take your computer to a fix-it shop. You’ll get expert input into whether your device is worth the time, effort, and money to repair before you go too far down that road.

Choosing the right repair service
With age comes the wisdom to ask for help when we need it. Regrettably, not all repair services are as reliable. When looking for computer fix-it help, read reviews, and check credentials and service guarantees.
​
Don’t hesitate to contact our IT experts for your computer repair needs. You have your skills, we have ours. Let us do the hard work and keep your devices ship shape for you. Contact us now at (888) 234-WDIT(9348)!