LetMeIn101: How the Bad Guys Get Your Passwords – Passwords are essential to your cybersafety. You know it, but if you’re like the rest of the digital society, you probably have dozens of passwords to remember. It’s a lot. So, you might take shortcuts. Taking advantage of your laissez-faire attitude is one way bad guys access your passwords.
Incredibly, there are still people out there using “password” or “123456” in their access credentials. Some people don’t change the default passwords on their devices. So, anyone can pick up a router, look at the sticker identifying the password, and access that network.
Tip: Avoid the obvious passwords! When you have to create a password, make an effort. When it’s time to update a password, do so. Steer clear of simple, easily guessed patterns.
Cybercriminals can also guess your password. With a little bit of research about you online, they can make some informed guesses. Common passwords include pet names, birthdays, and anniversaries. These are all easy to find via your social media accounts.
Tip: Be careful what you share on social media! Don’t befriend strangers, as you are giving them access to a goldmine of info for personalizing an attack on you.
If that doesn’t work, criminals may try brute force. They might script an automation bot to run thousands of password permutations until they get a hit. The software will try a long list of common passwords and run through dictionary words to gain access.
Tip: Use a complex password with numbers, letters, and symbols or a passphrase. A passphrase is typically at least 19 characters long but is more memorable, as it unique to you.
The criminal may also be working with info from a data breach. In early 2019, a security researcher found more than 2.7 billion email/password pairs available on the Dark Web. Criminals accessing that database could use the data as a starting point, as many people duplicate their passwords across accounts.
Tip: Use a unique password for each site. Yes, that’s overwhelming to remember, and that’s also why you should use a password manager to keep track of it all for you.
Criminals can also access your account if you’ve used a hacked public computer. The bad guys may have installed a key logger on the computer. The logger records every key you press on the keyboard. Or they might have compromised a router or server to be able to see your information.
Tip: Be cautious about your online activity on computers or networks you don’t trust.
Of course, there’s one more method of getting your password that we haven’t addressed yet. It’s the familiar phishing attack. For instance, you get an email that looks like it was sent by your bank. Phishing typically has an urgent message and a link that directs you to what looks like a credible page.
Tip: Pay attention to who is sending the email and hover the mouse over the link to see where it goes. If you are concerned about your bank account, for example, open up a browser and type the URL manually rather than clicking the link.
These tips can help you to protect your valuable passwords. Still, setting up a password manager and amping up your internet security can help too. Need support getting ahead of the cybercriminals?
Check out these additional helpful articles: How Do Hackers Get Passwords? – Click Here
Avoiding and Reporting Scams – Click Here
10 Signs of a Phishing Email | How to Identify Phishing Attacks – Click Here
Contact our experts today! Call us at (651) 456-8655 or visit our Contact page.
Stay Safe Shopping Online This Holiday Season (11/29/21) – Retail research tells us that over 75% of people are shopping online each month, and, with the holiday season upon us, you’re likely to be one of them. But don’t let the appeal of convenience distract you from the need to stay safe when shopping online.
The number of digital buyers is steadily climbing. In 2020, according to Statista, more than two billion people purchased goods or services online. During the same year, e-retail sales surpassed $4.2 trillion U.S. dollars worldwide.
Retailers are embracing the change in consumer behavior. But, do you know who else is taking advantage? Cybercrooks. Before you buy, consider these strategies to stay safe.
#1 Question that great deal
If a deal looks “too good to be true,” it probably is. You’re not going to get a new Apple laptop for $29.99, or the latest Beats headphones or Xbox gaming console for under $20. Anyone offering you that price is trying to lure you to their site to enter your payment details, so don’t be surprised when your product never arrives!
#2 Review safe seller feedback
While scrolling social media you see adverts for perfect gifts for someone on your list. And it’s so easy to click the link and buy! Still, before purchasing, take the time to research the seller.
Read the feedback from other buyers on independent sources. It adds only a few moments to check sites such as Trustpilot and Google My Business.
#3 Research the business domain
Think about it: who are you more likely to trust with your sensitive data? Someone who has been in business 10 years or someone who set up shop 10 days ago? Quickly check how long a business website has been around. Enter the URL into the Internet Corporation for Assigned Names and Numbers’ lookup tool [https://lookup.icann.org].
#4 Watch out for email scams
Before clicking on any offer links in emails, check the URL. You can hover over the link before actually redirecting there and check the target. Double-check that the address is to the site you’re expecting.
Also, slow down and be sure that the address doesn’t have any typos or atypical endings. You don’t want to confuse www.nike.com with www.n1ke.co and end up a victim of identity theft instead of the proud owner of the latest Air Max.
#5 Check safe payment site security
There are several ways to verify the security of a payment site. These include:
verifying that the site uses an SSL certificate – it will start with “https” instead of “http”;
checking for a physical address and phone number – call the contact number to confirm it is not fake;
reviewing the Terms and Conditions and Return and Privacy policies – any reputable brand has these!
#6 Pay with Online Payments
When you do decide to buy, prefer to pay using PayPal or another online payment tool. You won’t be giving the seller your credit card details. If you can’t take this approach, use a credit card from a credit account rather than debit. You will have more protection this way. You can start a chargeback through your credit card company when the item isn’t as advertised and the seller’s customer service doesn’t help.
Before online shopping, at any time of the year, update your operating system, and keep your anti-virus software current, too.
Inver Grove Heights Residents – Don’t Fall Victim to Webcam Blackmail. Many users have reported recent scam messages from individuals claiming to have intercepted their username and password. These messages often state they have been watching your screen activity and webcam while you have been unaware.
Typically, attackers threaten to broadcast footage to your contacts, colleagues, or social media channels. Demanding payment in Bitcoin, malicious hackers blackmail their victims to keep confidential information private.
Where Have the Attacks Come From?
In many cases where hackers have claimed to have a victims’ password, this has turned out to be true.
In the last few years alone, many large websites have suffered enormous hacks which have released confidential details on many of their users. LinkedIn, Yahoo, and MySpace all suffered massive and devastating hacks. Some users of these services are still feeling the consequences today.
The details leaked from these sites, and others facing the same issues, are sold online for years after the initial breach. Hackers buy username and password combinations in the hopes of reusing them to access services, steal money, or blackmail their owners.
How to Respond
If you have been contacted by one of these hackers, it is a scary reality that they could have access to your credentials, data, and online services.
The only thing you can do in response to this type of email is to ignore it. This “we recorded you” email is a scam made much more believable because they probably do have one of your real passwords gained from a site hack.
That said, accounts that share the same password should be changed immediately. Security on additional services you use should be updated too.
Self Defense On the Web
When using online services, a unique password for every site is your number one defense. A good password manager makes this practical and straightforward too.
Using a different password for each site you use means that hackers can only gain access to one site at a time. A hack in one place should never compromise your other accounts by revealing the single password you use everywhere.
Often, people think that maintaining many passwords is hard work or even impossible to do. In truth, it’s almost always easier to keep tabs with a password manager than it is to use the system you have in place today.
A high quality and secure password manager such as LastPass, or 1Password, can keep track of all your logins efficiently and securely. They often offer the chance to improve your security by generating random and strong passwords that hackers will have a tougher time cracking.
Password management services offer a host of features that help you log in, remind you to refresh your security, and make your safety a number one priority. After using a manager for just a short time, you can be forgiven for wondering how you managed without it.
If you think you might have been hacked already, or want to prevent it from ever happening, give us a call today at (651) 456-8655 to update your security. You may also visit our contact page HERE.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.AcceptNoPrivacy policy
Recent Comments