How hackers can permanently lock you out of your accounts | Dylan Curran

Some hackers use malicious code, but most just hide in plain sight. It can be devastatingly effective

When their computer or social media account is hijacked by an unknown entity, most people probably picture something like this: a faceless man hunched over a sleek laptop in an abandoned building, eyes darting to and fro, hands dancing across a mechanical keyboard. Green ciphers wash down his screen faster than the eye can track until " ping! your face pops up on the screen. He just cracked your Facebook account, and now this digital mastermind is going to message all your friends asking for money. Jackpot.

This only happens in movies, of course, and while a minority of "hackers" do write Trojan horses, viruses and other malicious code, most just hide in plain sight and exploit human psychology to gain entrance. Social engineering can take many forms, including "tailgating" - following someone through a turnstile or into an elevator to access restricted floors; showing up at a restricted site disguised as an IT contractor; or the infamous SIM-swapping hack in which the hacker simply calls T-Mobile's customer service, pretends to be you, perhaps gives your home address or SSN, and asks to port your number to a new SIM card, bypassing any two-factor authentication you have. This isn't particularly difficult; the data needed to pretend to be you can be easily gleaned from the hundreds of data breaches that occur every year. Most often, hackers enter through the front door.