Beware of Zombie Accounts: What They Are and What You Can Do About Them

Zombie accounts—a cryptic name for those abandoned accounts we all have out there in cyberspace. Like a zombie, these accounts can wreak havoc on your life. They go unchecked and, therefore, become more susceptible to being hacked because you’re less likely to notice issues. 

You may be thinking, “So what if my old MySpace account is hacked?” The truth is, by accessing one account, cybercriminals can more easily find a way to access others that belong to you, especially if you are using a similar password or username. Each account you leave unmanaged, typically for more than one year, puts you at increased risk. 

First, we recommend making a list of any zombie accounts you may have. Start in your inbox by searching for welcome emails from companies. Once you have your list pulled together, try accessing those accounts. If you can’t remember your credentials, contact the company directly. Once you’ve logged in, delete the account.

For businesses, zombie accounts happen most often when an employee leaves or is terminated and their various accounts are never closed. For businesses that have a lot of seasonal employees or interns, this becomes a more frequent issue. Unfortunately, there are cases when old employees use those old accounts for harmful purposes or in retaliation toward the company. The best way to solve this problem is to establish solid access control policies.

It’s also a good idea to start managing these kinds of accounts with a closer eye moving forward. If you’re only going to use a site once, check out as a guest or immediately delete the account if you know you won’t use it again within the next year.

To learn more about access control policies and best practices, contact us.