As much as we like to imagine hackers as psychics, evil geniuses, or Ethan Hunt breaking into Langley, most actual hacking is far different. In reality, perhaps the best analogy of the three is the psychic. Not a supernatural psychic, but more like a mall psychic: someone using a combination of basic logic and cold reading skills.

“Pictured here:  only 19% of all hacking.”

Most hackers gain access to improper materials simply by uncovering the password needed to access the information.  And if they don’t actually cull it from its source (which, really, is cheating), then they usually guess it.

This is not an uncommon thing. Do you remember Sarah Palin? Back in 2008, this exact thing happened when her free Yahoo Mail account was “hacked.” Wired.com covered the method used in “Palin E-mail Hacker Says It Was Easy”:

“As detailed in the postings, the Palin hack didn’t require any real skill. Instead, the hacker simply reset Palin’s password using her birthdate, ZIP code and information about where she met her spouse — the security question on her Yahoo account, which was answered (Wasilla High) by a simple Google search.”

As funny or light-hearted as this might sound, this hack had serious consequences for the Palin family in the wake of the breach.

In her book “Going Rogue”, Palin wrote that the McCain campaign confiscated her kids’ phones, and she and her friends and family had to cancel personal and business accounts that had been exposed by the hack; as a result, she could no longer contact her kids.  By the time it was over, some people had doubts about her intelligence and fitness to govern.

Seven years later, things don’t seem to be getting any better. South Korea is experiencing the “Palin problem” on a massive scale; their passwords are getting hacked.  According to this recent article:

“Internet users in Korea are notoriously more exposed to security risks than their counterparts in other countries, partly because their password hints are too easy to guess.”

According to the article, too many Koreans suggested questions such as “the city where you were born” and “what’s your favorite food”. Apparently the answer to the first question is “Seoul” nearly 40% of the time. The article doesn’t say what their most popular favorite food is, though I encourage you to guess “rice” if you’re a racist.

http://english.chosun.com/site/data/html_dir/2015/05/22/2015052201606.html

Here are some other security questions you should stay away from if you do not want your password swindled, along with their common answers. As the article suggests, the dangerous questions vary by country.

South Korea:

“Who is your least favorite dictator?” (Kim Jong-un)

“How many doors does your Kia Sorento have?”  (4)

“What is your favorite classic sitcom grossly mischaracterizing the American army experience?”  (Seinfeld)

North Korea:

“Spell ‘Pyongyang’.”  (Pyongyang)

“What is your favorite Kim Jong-un superpower?”  (Invisibility)

“What physical sensation are you most experiencing right now?”  (Hunger)

Japan:

“What is your favorite alcoholic beverage?” (Sake)

“Which emotion best describes your attitude toward your performance at work?”  (Overriding sense of shame)

Canada:

“What is your favorite kind of leaf?”  (Maple)

“What’s your favorite kind of bacon?”  (Back)

“What is your favorite place to get coffee?” (Tim Hortons)

“Which Star Trek character do you most like to depict on our defaced currency?”  (Spock)

“Do you mind if I borrow your password and steal all of your confidential information?”  (Sure; no worries.)

Ireland:

“What is your favorite color?”  (Green)

“What is your favorite holiday?”  (St. Patrick’s Day)

“What is your favorite whiskey?”  (Wet)

Switzerland:

“What is your favorite kind of cheese?” (Swiss)

“What is your favorite kind of chocolate?” (Swiss)

“What is your favorite kind of army knife?” (Swiss)

Vatican City:

“What is your favorite dead language?”  (Latin)

“With what major religion do you most identify?”  (Catholicism)

“What does your significant other do for a living?”  (Altar Boy)

France:

“What was the name of your first pet?”  (Fifi)

“Voulez-vous coucher avec moi ce soir?”  (Oui)

“What was your favorite childhood activity?”  (Smoking or Drinking Wine (tie))

USA:

“Who is your favorite President?”  (That old white guy)

“What is the last thing you said to a police officer?”  (Ouch)

“How obese are you?”  (Morbidly)

Of course, these were all quite silly; some of them arguably even edgy. Do you have your own funny suggestions? Email them to bryan@seelysecurity.com. Be sure to include your name, email address, the street where you grew up, the name of your first pet, and the name of your third grade teacher.

Or, if you want to find out if someone else already has your credit card number, email it to me and I’ll tell you.