Blog Layout

Google studies effects of leaked logins

Detangle IT • Nov 21, 2017
Google studies effects of leaked logins

Passwords are your first line of defense against hackers. But over the years, they have developed plenty of methods to steal them. To gain a deeper understanding of how cybercriminals operate, Google analyzed the causes of leaked login credentials. Here are the results.

The results
From March 2016 to March 2017, Google and UC Berkeley researchers examined three main ways hackers hijack accounts:

  • Keylogging software - a malicious program that records computer users’ keystrokes
  • Phishing emails - to lead people into dangerous websites
  • Stolen passwords - available to the highest bidder

In just one year, Google found 788,000 successful keylogging attacks, 12.4 million victims of phishing attacks, and 1.9 billion accounts exposed via login credentials sold on the black market.

Researchers suggest the reason so many accounts are hacked is because people tend to reuse their passwords, which means if one set of login credentials is exposed, other accounts could be compromised.

Phishing is also a big threat because it targets users -- the weakest links in your cybersecurity. The strongest password or security system won’t mean anything if your employees constantly fall for online scams.

Protecting your accounts
There are several things you can do thwart account hijacking. For starters, you should set strong and unique passwords for each account to minimize data breaches.

While the general rule in the past was to set a complex password -- a mix of letters, numbers, and symbols -- recent studies suggest that longer, 20-character “passphrases” are much tougher to crack. If you find it difficult to remember several passwords, consider using a password manager, which not only stores all your passwords, but can generate strong passwords, too.

To deal with phishing attacks, you should activate multi-factor authentication on your accounts. This adds an extra layer of identity verification to your password (e.g., a fingerprint scan or a temporary security key sent to your phone), making your login details ‘unphishable.’

Security training is also crucial. This includes teaching your employees about what phishing attacks look like and instructing them on password protection best practices so they never fall victim to account hijacking.

The bottom line is not only that strong password security requires strong defense mechanisms; you and your employees must be vigilant, too.

Need more advice on keeping your business safe? Call us today! We provide critical security updates and comprehensive support services to help you stay well ahead of cybercriminals.

Fileless malware: The invisible threat

By Detangle IT 20 Jul, 2020
Scanning the files you download is not enough to detect malware these days. Hackers have found a clever way to get around antivirus and anti-malware software by using fileless malware. Since this malware is not as visible as traditional malware, it can infect your entire infrastructure without you even knowing. Let’s take a closer look […]

How to tell if your Mac is compromised

By Detangle IT 15 Jul, 2020
Viruses and malware creators are out to attack anyone and everyone, including Mac users. Despite Apple’s robust macOS that makes it difficult to attack Macs, cybercriminals are finding ways to identify and exploit vulnerabilities. Read on to find out which threats you should protect your Mac against, as well as signs that your computer has […]

Top tips for making your website look awesome

By Detangle IT 03 Jul, 2020
Like people, websites also need to be dressed for success. Here’s how you can make yours look impressive and have visitors eager to do business with you. Make a statement with professional photographs Before site visitors read what’s on your website, they assess it by checking out your images. A picture is indeed worth a […]
SHOW MORE
Share by: