Don't open attachments you're not expecting
Passwords weigh on us like a "nightmare," according to Fernando Corbató, the guy who first created a computerized one back in the early 1960s at MIT.
And that nightmare only gets worse. eBay reported yesterday that hackers ran off with password-related data, and they're asking all 145 million users, including me, to change them.
The problem gets worse for those of us doing recruiting. Day in and day out, we're signing up for newfangled services--from GitHub to Stack Overflow to local job boards. If you're like me, you're probably doing so using the same userid/password, one you haven't changed in a while, and one that isn't really all that private.
As if that weren't enough, our jobs involve receiving emails from candidates with resume attachments. But those emails can be from bad guys, too. Open them at your own risk and that of your company as well.
That's what got eBay. A hacker sent emails to various eBay employees, spoofing as the CEO of a related company, with a tempting virus-tainted zip file attached. It only took one person taking the bait to cause 145 million problems.
I asked Paul Czywczynski, CTO of TempWorks, about best practices for avoiding such hacks:
"There is no electronic countermeasure for social hacking. Generally we have to rely on common sense to not do stupid things. ... Common sense is directly inverse of the size of the human group. The bigger we get, the easier for this type of thing to happen. We do our best to educate the masses, don't open attachments you're not expecting, don't give out passwords to someone you haven't qualified, etc..."