Editorial: ‘Celebgate’ reminds us to keep up our guard online

Follow @csteditorials

Take a moment to log in to our special website and type in your most sensitive passwords …

On second, thought, maybe that’s a bad idea. As the “Celebgate” sentence handed down Tuesday in a federal court in Chicago reminds us, everyone should take cyber security with the utmost seriousness. For every photo, text or email you have entrusted to the online world, there is someone who wants to snoop into it.

And it ain’t just the Russians.

Follow @csteditorialsIn Celebgate, Edward Majerczyk, now 29, hacked into the online accounts of at least 30 celebrities, including the actress Jennifer Lawrence, much to their dismay and sometimes to their embarrassment. Majerczyk, who was living with his mother on the Southwest Side, operated a “spear phishing” scheme, which involves sending emails that appeared to be from internet service providers to lure celebrities to a website that collected their passwords. Many of the nude photos he found trolling through the celebrities’ private accounts wound up online, although the feds said there’s no evidence that part was his doing.

For spear phishing, Majerczyk was sentenced Tuesday to nine months in prison and ordered to pay $5,700 in restitution to one of his victims. Prosecutors asked for nine months, but had the sentence been longer, that would have been fine by us. Society must do whatever it reasonably can to discourage would-be hackers from going after others’ personal data.

It’s not just unwary individuals who are victims. Businesses are falling prey, too. Just this week, it was reported that the Securities and Exchange Commission is investigating data breaches at Yahoo that involved more than a billion user accounts.

Cyber attackers are getting increasingly sophisticated. The laughable attempts of the past to trick users, emails full of misspellings and outrageous syntax, are giving way to online messages that appear to be genuine. So-called “watering hole” attackers — think of a submerged crocodile awaiting the appearance of a hapless gnu — lurk with malware at websites their victims are known to visit.

You don’t want to be a 21st century hacking victim. In the Celebgate case, an FBI agent said he had to stop one victim interview because the victim became “very distraught“ and “was having an anxiety attack and was visibly shaken.”

To protect yourself, use antivirus software and a firewall; keep software up to date; keep your passwords strong; avoid pirated software; respond quickly to data breaches at companies that have your information; don’t post so much personal information on social media that scammers can profile you; and be wary of popup windows, email attachments, public wi-fi hotspots and unsolicited phone calls or emails seeking private data.

And hope that authorities continue to send the message that cyber attacks won’t be tolerated.

Nine months for Majerczyk? He got off easy.

Send letters to letters@suntimes.com

Tweets by @csteditorials