Popular cosplayer, model, singer, and actress Myrtle Sarrosa is the latest addition to the long list of celebrities who’ve fallen victim to cybercrime. Her social media accounts were hacked over the weekend but she has since retrieved them.
“Thank God walang office last Saturday and Sunday so hindi niya pwedeng i-transfer ’yung laman ng account ko to him,” she told media Monday in an interview at the Cyber Crimes Division of the National Bureau of Investigation.
She added there is a strong chance of catching the hacker as they’ve already determined the IP address (“’yung location is only here in the Philippines”) and service provider.
On Twitter, Myrtle revealed the hacker used her personal e-mail account to gain access to her Facebook and Instagram accounts, as well as her fan page. She was surprised it happened despite using precautions like installing a two-step verification process in accessing her e-mail account. Myrtle added the hacker changed her “connected phone number, backup…”
Myrtle advises people that to lower the risk of their accounts getting hacked, they should have separate e-mails for their social media accounts.
“With my entire experience with this, I realized how serious cybercrime actually is and how sad it is that no one has ever taken it seriously,” she wrote on her Facebook account, warning hackers that “crime definitely does not pay even if it’s online.”
Actress Nadia Montenegro also filed with the Philippine National Police’s (PNP) Anti-Cybercrime Group a complaint over a “computer-related identity theft.”
Through a fake Twitter account using Nadia’s name, the impostor maligned several known personalities, including Luis Manzano, Manny Pacquiao, Daniel Padilla, Kathryn Bernardo, and even incoming President Rodrigo Duterte. When that account was suspended Friday, the impostor just put up another fake account the next day.
In a PEP report, Nadia said that to begin with, it was “physically impossible” for her to post tweets particularly between May 9 and May 12 since she was in a location shoot in Pangasinan where she had no access to the Internet.
The Cybercrime Prevention Act or R.A. 10175 defines “computer-related identity theft” as “the intentional acquisition, use, misuse, transfer, possession, alteration or deletion of identifying information belonging to another, whether natural or juridical, without right.”
Nadia’s one and only official Twitter account is @OfficialNadiaM.
Manila Bulletin Social Media Head Jayvee Fernandez shares tips on how to minimize the possibility of being victimized by hackers:
First, avoid using your last name or birthday as password. Instead, use random words and numbers that make sense to you so you can remember them.
Jayvee added that making the password longer than usual is better. “Use capital letters. You can also use symbols and also use eight to 12 characters,” he said.
Second, even if you think you already have foolproof password, change it once in a while.
“You can also use a password manager application, which could help them create new passwords…”
Third, as Myrtle did, choose two-step verification process. This means you not only log into your account using a password, but it’s verified through a text code sent to your mobile phone.
“And if you are using a public computer, make sure not to click the authorize button,” said Jayvee. “Kailangan ang authorized lang eh ’yung phone mo, personal laptop, and computer mo sa bahay. Kasi maski ma-access man ng hackers ’yung password mo eh, hindi pa rin 100 percent kasi kailangan nila ng code.”
If your account gets hacked, report it promptly to the social media server.
“There is a report tool on Facebook, Twitter, and Instagram. You just need to give them a proof like valid IDs,” Jayvee said. “Also, important na real name mo ’yung gamit kasi mahirap kapag hindi mo name ’yung ginamit mo.” (R. Tan with report from J. P. Panaligan, mb))