Advertisement
5 ways hackers box you in easily and how to avoid them
30th November, 2025 11:26 PM
Almost daily, you will not lack a Kenyan complaining that someone was sourcing for money using their profile photo, then sending similar messages to the entire phone book.
In the process, the Mother Teresas of this world do not even ask questions to confirm whether the message truly came from their friend, even when the money request comes from a new number with the profile photo of their colleague.
In some cases, private chats and photos end up in different social media platforms, yet very few people want to ask or answer the important question. Who does it, how does it happen and how can it be stopped.
The truth is that most hacking does not involve complicated machines or advanced tricks.
Hackers mostly take advantage of human behaviour, simple mistakes and common habits.
Here are the main ways Kenyans get boxed by hackers and how they can avoid these traps.
Social engineering
This is the easiest trick in the playbook of a hacker. Social engineering works by abusing your trust.
A hacker pretends to be someone you know or a company you believe in. It may be a call claiming to be your bank.
It may be a text claiming to be from a delivery service. It may be an email pretending to be from KRA or Safaricom. The goal is simple.
They want you to share your password, your code or your personal information without thinking.
To avoid falling for this trick, never share sensitive information with anyone who contacts you first.
If someone claims to be from the bank, hang up and call the real bank number written on your card or website.
If someone sends you a strange link, do not touch it. When in doubt, do nothing.
Password spraying
Hackers know that many people use simple passwords like one two three four, one two three four five six or their year of birth.
Password spraying is when a hacker uses trial and error to guess common passwords on your account.
They do not guess randomly. They use lists of the most common passwords that people use.
This method works well because many people repeat the same simple password everywhere.
The safest solution is to create strong passwords with letters, numbers and symbols. Do not use your name or your child name.
Do not reuse passwords on different sites. If one account is hacked, the others remain protected.
Leaked credentials and keys
Sometimes your password leaks online without you knowing. This can happen when a website you signed up for in the past is hacked.
It can happen when a developer mistakenly uploads passwords into public websites. Hackers look for these leaked details and use them to enter your accounts.
In many cases, the hacker did not even target you. They simply found your information sitting in the wrong place.
The best defence is to change your passwords often and use two step verification.
Even if a hacker knows your password, they cannot enter without the code sent to your phone.
Known vulnerabilities
Every device and every app has weaknesses. These weaknesses are called vulnerabilities.
When companies discover these problems, they release updates to fix them.
Hackers watch these updates closely because they know many users are slow to update their phones or computers.
An outdated phone is like a house with a broken door. It invites trouble.
To stay safe, update your devices as soon as possible. Updates are not a bother. They are protection.
Human mistakes
Human error is the biggest doorway for hacking. Someone downloads an app without checking it. Someone joins free wifi at a cafe and opens their bank app.
Someone saves passwords in plain text. Someone forgets to log out on a shared computer. Even a small mistake can give hackers full control.
Avoiding these errors is simple. Do not use free wifi for private tasks. Do not store passwords carelessly.
Always log out when using public devices. Think twice before clicking or sharing anything.
