How to protect Personal Office from hacking
MMM aims to create maximum safety for each participant. But, unfortunately, periodically attackers still get access to the Personal Office of the Community’s members.
In 99% of cases this is the fault of the participants themselves, who were too trusting or allowed to infect their computer with malware.
We want you to be careful and not allow the scammers to steal your data, so we have created detailed instructions on how to protect yourself from intruders.
MMM does not ask for a password and does not offer paid services
Scammers can enjoy participants’ trustfulness:
- A scammer gets in touch with you (via social networks, skype, etc.) and introduces himself as MMM administration.
- He makes up a reason (e.g. the suspicion of fraud) and asks you to send your password to the account for so-called reliability verification.
- You believe him and send the password. The scammer changes the account data and transfers MAVRO to his bank details.
Remember: MMM administration never asks for your password in any circumstances. Only you know the password. Don't give it to anyone, especially to the fake administration!
The majority of the participants know that MMM does not ask for a password, so the scammers have other ways and offer paid services on behalf of the administration:
- The scammer contacts you (via social networks, skype, etc.) and introduces himself as MMM administration.
- He offers the solution of your problem: to unlock your account, to make this process twice faster, to consider the ticket right now and so on, asking for a certain amount, e.g. $ 20.
- You are happy that the account will be unlocked and send 20 dollars to the scammer. As a result, you lost 20 dollars, and the account remained blocked.
Remember: MMM administration never offers any paid services and doesn't take money from the participants. If you are asked to transfer money to the account of MMM administration for some services — you are cheated!
Create a complicated password and keep it safe
The attacker can get the password of the Personal Office without trying to have it out by fraud from you personally. Scammers use software to generate passwords and choose the cipher automatically. If the password is too simple — you are under threat of hacking.
The password has 5 categories of complexity:
- Very simple. Such password is easy to pick out even for a beginning hacker. It often consists of letters or numbers in a consecutive order on the keyboard.
Examples: qwerty; 123456.
- Simple. The password consists of letters (often a word) or numbers (usually date of birth), without a consecutive order on the keyboard. It’s too easy to crack.
Examples: mavrodi; 010392.
- Average. The password consists of letters and numbers, of more than 8 characters. This password is difficult to crack, but if the hacker is advanced, he can do it.
Examples: goldenstyle1771; neverbealone45.
- Complex. This password is hard to crack even for the advanced hacker. It has more than 11 characters, it consists of different letter cases (large and small) and numbers.
Examples: sCorPionWins1572; MMMfOrEvEr77877.
- Very complex. Such passwords will bring problems even to the state security services, not to mention usual hackers. Such passwords are at least of 15 characters, contain upper and lower case letters, numbers and symbols.
Examples: [email protected]_55278; ToGE-therWE%chanGe_theWORLD_17
To keep your Personal Office safe, use difficult and very complex passwords. Change passwords every 3-6 months.
If you find it difficult to come up with a complex password, use the online generators:
Do not keep your passwords in a text document on your computer, memorize them and write down on a piece of paper, put it in a safe place.
For additional convenience and security you can use a free password Manager KeePass - http://keepass.com/. The passwords will be stored in a secure database. Create one complex password for access to the program. This password can be used to log any other sites in.
Remember: Scammers use programs to guess passwords. To protect your Personal Office, create complex passwords of 11 and more characters with numbers and mixed letter cases. Do not store the passwords in text documents, write them on a piece of paper and/or use a password Manager KeePass. Change your passwords regularly.
Use Gmail and set maximum safety
If an attacker cannot guess the password to your account, he attempts to hack your E-mail in order to get access to your Personal Office using the password recovery procedure:
- The scammer cannot guess the password to the account. He clicks “forgot password”.
- The hacker cracks the E-mail and finds a letter from MMM, clicks on the link and comes up with a new password to log in.
- The attacker changes the accounts details for his own and transfers MAVRO to his account. You won't even get access to your PO because you don't know the new password.
We highly recommend you to use Gmail — mail.google.com/. It is the most secure mail at the moment.
- Create a complex password for Gmail, different from the passwords to social networks, MMM Personal Office and other sites. Change it regularly.
- Make up a difficult question for the password recovery. For example, what nickname did you invent for a second cousin’s hamster when you were 12 years old?
- Use a two-step authentication. To log in your email you will enter codes, received via SMS, a phone call or a mobile app. The scammer won’t log in your e-mail, even if he hacks the password, because he doesn’t know the secret code.
- Use Google Authenticator (GA). This convenient mobile app for passing a two-step verification. It is supported by Android, iPhone and BlackBerry and works even without Internet connection or mobile network. Instruction
- Remember: a scammer can get into PO by cracking your E-mail. Use G-mail, invent a complex password and change it regularly. Set maximum security: select a difficult security question for the password recovery and select a two-step authentication.
Use only secured browsers and do not allow them to save passwords
If you have invented a reliable password and protected your E-mail, the scammer may try to attack you through the browser. One of the browser’s functions is remembering passwords so that it would be more convenient for the user to log in sites. This can be used by the attacker:
- You come up with a complex password and allow the browser to save it. You go to make tea.
- The scammer hacks your browser and copies the password.
- The attacker enters your Personal Office and creates a request for assistance, filling in his details. You return with the tea, and your money is already transferred to the account of the scammer.
Protect yourself from hacking by 2 steps:
- Use only tested browsers with a high security. We recommend Google Chrome and Mozilla Firefox.
- Do not allow your browser to remember passwords.
Remember: an attacker could try to hack you via the browser. To protect yourself, use only tested browsers (Google Chrome or Mozilla Firefox) and do not allow them to remember passwords.
Do not visit suspicious websites and install a powerful antivirus
If you store the password in your computer or phone, the attacker has another option to steal it - to infect your PC or smartphone with spyware. How it happens:
- You surf the Internet and see the message on one of the sites “Congratulations, you are the 1 000 000th visitor, you have won BMW X6”.
- You follow the link, then you are asked to fill the winner's form in in the bulletin. You need to download it, fill it in and send.
- You download the file and open it, and there is a virus instead of the form. The computer is installed with spyware, and the attacker gains access to your documents.
- The scammer finds your password on the PC, log in the Personal Office and transfers Mavro to his account.
- Additionally, he transfers money from your credit card to his card, locks down your computer and demands a ransom for unlocking it.
Use the rule of 4 “do nots”:
- Don't click on unknown links
- Don't click on pop-up advertising
- Do not download unknown files (including via social networking websites and programs for chatting, e.g. Skype).
- Do not visit suspicious websites.
Remember: an attacker could try to infect your computer with a virus or spyware program to steal money and information. Install a powerful antivirus, don't download unknown files and don’t click on suspicious links.
Update your antivirus, PC software and phone regularly
If you use all ways of the security, but do not update the software, you still risk being infected by a virus or a spyware program.
How it happens:
- You install an antivirus. It's been offering an update during the month, but you postpone it.
- The scammer attacks your computer with a new spyware program and infect it, because the antivirus is outdated and does not defend against new viruses.
- The scammer steals your money and information, and you clutch your head and beat yourself up because you didn’t update the antivirus in time.
We recommend to select automatic updates. Also update the operating system of your PC (Windows, Linux, Mac OS) and the smartphone (iOS, Android, Windows Phone, BlackBerry). Optionally update the software on your devices.
Remember: an attacker could infect your computer with fresh spyware, if you do not update the antivirus. Regularly update your antivirus, operating system and software on the PC and the smartphone.
What to do in case of hacking
If you failed to protect yourself and the scammer hacked your account — do not panic.
- Check whether you still have access to the Personal Office. If so, write to the support service immediately. MMM administration will temporarily stop the opportunity to make any operations using your PO, so that the scammer couldn’t transfer your MAVRO.
- If the scammer has managed to create a request for assistance before the administration reviews the ticket, ask the sender not to transfer money.
- Even if you cannot log in your PO, inform an online consultant about the hacking.
To be a victim of the hacking is annoying, but not fatal. Don't let scammers steal access to your account.
Before you continue to participate in MMM, follow these steps:
- Scan the PC and the smartphone with your antivirus. Clean them from the malicious files.
- Make sure that intruders do not have access to your e-mail address. Be sure to change the password to the e-mail.
- Change the password to your Personal Office.
Remember: if you are hacked, don't panic. Inform MMM administration. If the scammer has created a request for assistance, ask the sender not to transfer money. Clean your computer and smartphone from viruses and change your password to the e-mail. Then change your password to your Personal Office.
Follow these rules and do not allow criminals to deceive you — to infect your computer, steal money or information.