You may remember the scene from CSI where the tech geek was able to crack a criminal’s password by typing furiously on her keyboard, while watching lines upon lines of code flash by, much too fast for the normal human eyes to catch.
We think of hackers as beings with superhuman abilities, that can somehow breach into a system, which we imagine, by typing the right codes into a computer. In reality, most passwords are not “stolen”, but consciously given, due to the data owners’ negligence and lack of knowledge of basic Internet security protocols.
Here are 3 common ways hackers can steal your passwords.
1. Phishing for passwords
Cyber criminals are more creative than ever at getting your attention, at making you become more vulnerable, and making you stop thinking critically. These kinds of attackers play with your strongest emotions. They pose as your colleagues, credit card companies, banks, and even family members.
Phishing attempts are often successful when the recipients are under stress and anxiety. In 2020, at especially difficult times, phishing attacks became a common occurrence. Research also suggested that 97% of people find it difficult to recognize phishing emails.
2. Keylogger malware
When many dangerous emails fail to gather the right data, some go a step further and attach keyloggers with the email. If downloaded, the malware will record everything that you type on your keyboard, including passwords.
There are third-party software that can detect keyloggers in personal and corporate computers. However, the risk of data leak is much greater in larger organizations. The current best way to protect against keyloggers is to use two-factor authentication (2-FA) when logging into a sensitive account.
3. Brute force (password stuffing)
You may remember your first password to be a common word, such as “password”. Later, websites suggest that you add at least one capital letter, one number, and one special character. Perhaps you may have typed something like “Password123!”.
Despite following the rigid rules of password creation, such passwords are still being used. These passwords can be guessed using algorithms that try to guess different combinations of characters until the correct one is discovered.
The best solution to this is to use random password generators that can produce a long string of random characters that would take years for brute force algorithms to guess correctly.
If you are a manager of a company, it is crucial that you give your employees mandatory and regular training on online security and data protection. Xynexis IGNITE has your back. Learn more about us on this site.