11
May

3 Ways Hackers Obtain Passwords

3 Ways Hackers Obtain Your Passwords

No matter what people say about passwords. Too long, not long enough, too exhausting to enter each time. We will never get away from using them, so it is about time we start to protect them. In our post, we will look at Three different ways cybercriminals are getting access to your passwords.

  1. Phishing

Over 75% of cybercrimes begin with a phishing attack. A phishing attack is a well-disguised email used to get your data. The basic principle here is to get the email recipient to believe what Is in the email is something they need or want. What I’m saying here is a well-placed email that looks like it’s from your bank, your favorite coffee shop, or even the company you work for. A well masqueraded email that has a link or an attachment in it.

Because we live such busy lives and now we are working from home because of #COVID-19 we click on the link. Why? Because in your own mind this is a safe email because the sender appears to be known to you.

How do you prevent a phishing attack from happening to you?

  • personal data.
  • What out for the URL you are seeing is now being redirected elsewhere. The page may look the same but the path is now completely different.
  • Don’t post personal data such as holidays, birthdays, addresses, or phone numbers on social media. We all do it.

 

  1. Key Logging

Keylogging is a technique used in targeted attacks, in which the hacker knows the victim. That victim could be a friend, relative, or corporation.

Keyloggers record every keystroke when typing on your keyboard. This can be particularly effective in obtaining personal information for such things as your bank account and other sites that have secure forms to fill out.

Keylogger attacks are much harder to pull off than that of the phishing attack as it requires access to the device with the keylogging malware installed. Having said that, there are lots of publicly post-exploitation kits readily available that offer these cybercriminals off-the-shelf keyloggers not to mention the commercial spyware tools that we use as monitoring tools for our employees or as parents to watch our kids.

How can you stay safe from such an attack? Be sure to have a solid Antivirus product installed. Be sure to have all the antivirus definitions up to date. Be patched! Another way to be safe is to make sure your password is strong. Use numbers, special characters, and upper case and lower case in all your passwords. If you have trouble remembering all these passwords. Purchase an industrial proven software bank that stores your passwords with encryption and safety measures in place. The traditional, off the internet free stuff, just doesn’t cut it anymore.

  1. Extortion

Probably the lowest on the risk scale but still effective. Extortion is basically a demand for you to give up your personal credentials in a threatening manner. Straight up blackmail attack, to put it bluntly.  A scare tactic if you will. We all see the sextortion emails floating around. “We found compromising information about you and we will share it with all your contacts.” Yes, one can be affected but these attacks. RAT malware is an example of this. It allows the cybercriminal to spy on you through your web camera and expose you.

As extortion and or ransomware attacks rise there is no rule book on how these demands are met. It boils down to what does one pay for what they are about to lose? Again, a very strong password is key here, but that isn’t going to get you by. Using a password manager isn’t going to get you all the way either. Combined with a proper cyber-protection software that uses AI-Based algorithms, leading-edge ransomware software, and active protection is key.