Late one night, Sarah L. received a strange e-mail…
It was around midnight and the email said her order from Grubhub was on the way.
Not only had she not ordered the food, but the food was ordered in New York, and Sarah lived thousands of miles away.
She contacted Grubhub and notified them of the fraud and received a refund.
Then she immediately changed her password and received a refund.
Sarah went about her life without giving another thought to the incident.
But six months later, she learned what had been occurring.
Sarah logged into her bank account and found that she was missing money. And not just a little money…
Almost $15,000 had been wired from her account.
She contacted her bank who worked with her to attempt to reverse the wire transfers.
For the next two weeks, Sarah was frozen out of her accounts and couldn’t access her money. Her bank had to close all her accounts and open new ones.
But it wasn’t over…
A month later, she received a call from her credit card company. Someone had tried to spend $300 on her card.
Luckily, the credit card company caught the fraudulent charge and declined it.
Sarah cannot say with 100% certainty how all her online accounts were hacked.
But she has an idea…
She admits that she used the same password for many websites – and used the same password for the last decade without ever changing it.
About 66% of people admit to using the same password across multiple accounts.
But aside from passwords, many people also use the “sign in with Google” or “sign in with Facebook” options when creating new online accounts.
This feature allows you to sign in to third-party websites by using another one of your logins.
While this is convenient, it presents a major cyber-security risk.
Here’s why this option could put you at such a risk…
Overly dependent:
One of the problems with using your login information from Google for a new website is that you are putting all your eggs in one basket.
If you use your Google information to login to a new website then Google will be storing your information from the specific website.
Not only that, but you’re giving them access to track your data and website usage habits.
Do you trust big tech to track you and use that information for a good purpose? I hope not.
So, if you are concerned about keeping your information private, the last thing you want to do is share it with Google.
Unknown accounts:
When you have the main login you might get confused and even forget about accounts and then accidentally create multiple accounts.
What I mean is, you could go to a website and register your account by logging in with Google.
Then a few months later you might go to the same website and login with your Facebook credentials.
And then later you might login with your Apple information.
It’s easy have this happen, especially if you don’t login to the account often.
But you now have three accounts with one website, all using different “login with” information.
You might not even realize all these accounts exist.
But each account is a potential access point for hackers to snatch your personal information.
The more online accounts you have, the more opportunity there is to for criminals, and the more likely you are to be hacked.
Big Tech Gets Hacked:
Google, Facebook, and Apple are some of the most popular tech companies in the world. They’re the best of the best.
But this doesn’t mean they can’t or won’t be hacked.
In fact, it wasn’t long ago when the personal information of 500 million Facebook users was stolen.
The truth is, when you use these big players to log into other accounts you are putting all your trust in them.
And they are not immune from cyber-attacks.
If someone hacked into your information with one of these websites they could gain access to all the other websites you log into.
In my opinion, the convenience does not outweigh the security risks.
My advice is to never use other website logins to register with a new one. It’s better to create a new independent password for every website.
And use a password manager such as LastPass to keep track of them.
