4 (Mostly Simple) Ways to Keep Safe From Spammers' Snares

One billion -- that's the number of stolen usernames and passwords that a Russian cyber-crime gang has apparently accumulated. It's a huge number and a hacking milestone.

On a practical level, though, the figure reported in the New York Times likely won't translate into anything big. Here are two reasons why:

First, the hackers have primarily used the information to target people with spam e-mail and social-media messages on Twitter and similar services, according to Hold Security, the Milwaukee-based consultancy that discovered the database of stolen account information. But here's the thing: Spammers are highly inefficient. While the one billion figure is eye-grabbing, the real number to focus on is 99.6 percent. That's how often spam filters block those messages, according to The Spamhaus Project, an anti-spam nonprofit based in London and Geneva.

In other words, the vast majority of people whose online credentials were stolen likely won't experience any direct harm. Of the people who do see the messages, fewer still will open them. And even then, users will have to be fooled into clicking on links designed to infect their machines or sell them fake pharmaceuticals.

Alex Holden, founder of Hold Security, did not immediately respond to requests for comment.

Here's the second reason: Even if you're unlucky enough to be in the 0.4 percent group that does see the spam messages, there are four steps you can take to protect yourself:

  • Don't open spam. You know this. Why do you make us repeat ourselves?
  • Don't be lazy: Use a variety of passwords. Online thieves are hoping you use the same credentials for all the sites you access, including ones that store financial information.
  • Update your software with the recommended security patches. Many users still ignore these.
  • And if you're worried your computer might already be infected, take the extreme step of re-installing the operating system to start over. Changing passwords on a breached computer won't do any good. The cyber crooks will have those, too.

Online security is much like exercise and eating leafy greens. You know you're supposed to do it. So why aren’t you?

Before it's here, it's on the Bloomberg Terminal.