From implementing two-step verification to avoiding the reuse of passwords, here are essential measures to prevent hackers from accessing your accounts.
Often, the first indication that your personal account has been compromised comes when you discover unauthorized access. Despite handling your account details cautiously, reusing parts of your passwords can be a critical oversight that allows criminals to infiltrate your accounts.
Modifying a password by adding numbers or symbols but keeping the base word the same provides an entry point for criminals into your digital life.
Ethical hacker Brandyn Murtagh, a proponent of “white hat” hacking, points out that data harvested from breaches at organizations like Dropbox and Tumblr, along with other cyber-attacks, often ends up circulating online.
Criminals exploit these stolen credentials by trying them on various websites, a tactic known as credential stuffing, to check if they can penetrate further into other accounts.
Not only do these hackers try the exact stolen passwords, but they also attempt variations of these passwords to gain access to more accounts.
According to research by Virgin Media O2, 80% of people use passwords that are either identical or very similar across different online platforms.
Using minor variations of the same password, such as changing ‘Guardian’ to ‘Guardian1’, virtually invites hackers to breach your accounts, explains Murtagh.
In collaboration with Virgin Media O2, Murtagh demonstrated to volunteers how swiftly he could uncover their passwords simply by having their email addresses, often obtaining results within minutes.
A Virgin Media O2 spokesperson commented on the predictability of human behavior that criminals exploit: “They are aware that you might simply append a period or an exclamation mark to your usual password.”
Understanding the Scam
Hackers employ scripts, which are automated sequences of commands, to test various password permutations in their efforts to access additional accounts. This is done on a massive scale, Murtagh notes.
“Typically, individuals are not singled out; rather, they are part of a large group of thousands who are simultaneously targeted. These tactics are scalable, resembling business operations,” he explains.
You may receive notifications about attempts to change your email or other account details, which can be a sign of unauthorized attempts to gain access.
Steps to Take
Murtagh advises changing any passwords that are merely variations of a common theme, starting with the most crucial accounts: banking, email, work-related, and mobile.
Consider using password managers, which are often built into web browsers like Apple’s iCloud Keychain or Android’s Google Password Manager. These tools can generate and store complex passwords for you.
Implement two-factor authentication or multi-factor authentication (2FA or MFA), adding an additional layer of security to your login process.
Similar Posts:
- Secure Your Email Now: Steps to Recover a Stolen Account & Prevent Future Hacks
- Boost Your Savings Now: Discover How Switching Your Current Account Can Help!
- Beware of Deceptive Discount Ads: Experts Call It a Highly Advanced Scam
- Scamazon Exposed: Prime Subscribers Beware of Phishing Scams!
- Alert: Booking.com Scam Jeopardizes Your Reservation!
