With the rise of modern technology, the use of the internet has skyrocketed. The Internet is used to find information quickly, communicate with people around the world, manage finances, shop from home, listen to music, watch videos, and much more. Due to its wide usefulness, it is inevitable to many cyber attacks.
Most of our daily operations are carried out on the internet, be it social networking, online shopping, online banking, official errands like emailing, file sharing, advertising, etc. Passwords provide the first line of defence against unauthorised access to your computer or online accounts.
So what if your credentials to these accounts get compromised? Who is likely to compromise your passwords? Why would they do it? How will this impact you as a customer or a business? And lastly, how can you prevent it? This blog intends to outline answers to these questions.
Credential theft is a type of cybercrime that involves malicious actors stealing a victim’s proof of identity like username and password. Its main goal is to gain access to accounts, networks, secure systems, and gather sensitive information. It is the first step of a cyber attack that enables malicious actors to work undetected throughout an organization’s system and wreak havoc.
Many credential theft attacks have been carried out using weak passwords. Example of weak password includes:
- Short passwords.
- Passwords using repeated or sequential numbers or letters like ABCDEFG, 1234567, password123, and so on.
- Passwords using personal information like a pet name, birth date, favourite band, and so on.
- Passwords containing only letters like “password”, or numbers like “12654357”.
How does Credential Theft happen?
- Social engineering techniques like phishing and spear phishing.
- Malware like spyware and keylogger.
- Automated attacks like brute force attacks, credential stuffing, and password spraying.
- Exfiltrate sensitive data (data breach).
Impact
The repercussion of credential theft can be devastating as your business might suffer:
- Reputational damages and lost trust of customers When talking about business, nothing is more important than your organization’s reputation and the trust of your customers. Credential theft can hinder your reputation to such an extent that you’ll have to sweat bullets to recover customers’ trust in your band.
- Ransomware costs Ransomware is a particular type of malware that an attacker could install by exploiting a system’s stolen credentials. If successful, your organization will lose access to confidential files and folders on the infected device. As a result, the hacker will then usually ask for a hefty ransom to unlock them.
- Lawsuits In some cases, credentials theft incidents and data breaches can also end up in lawsuits.
- Fines due to violated security regulations
Fix
1. Use a strong and unique passphrase with the following characteristics – Create a unique password by combining characters, letters, symbols and numbers. Also, remember not to use the same password on multiple applications and websites.
2. Do not save your passwords on your phone, PC, web browser, or paper. – This may sound obvious but avoid saving your passwords in a document, email, online note, sticky notes, web browsers, or anywhere else that could be hacked, or stolen from easily.
3. Use two-factor authentication – In the worst-case scenario, even if someone does manage to steal your password, you can still prevent them from accessing your account by adding an additional layer of security with two-factor authentication (2FA). This means that anyone trying to log in to your account will have to go through a second challenge after the correct password.
4. Train your staff – Train your employees on how they can recognize phishing and suspicious emails, promote online best security practices, and enforce strict password policies as listed in the industry-recognized standards like NIST. Explain to them the danger of using the same password across different platforms.
5. Use a password manager – Consider using a password manager to auto-generate strong, secure, and unique passwords and store them securely. With a password manager, you don’t have to worry about remembering your passwords, or using the same password across different platforms.
Have you detected any (or combination) of the following anomalies? If yes, you might just have realized signs of credential theft.
Phishing Email
-
-
- Unfamiliar tone or greeting
- Grammar and spelling errors
- Inconsistencies in email addresses, links, and domain names
- Suspicious file attachments that have extensions commonly associated with malware like .zip, .exe, .scr, etc.
-
Malware: Keylogger
- A slow browser
- A lag in mouse movements or keystrokes, or a disappearing cursor.
- Anti-malware scanners or antivirus software send alert messages of a potentially malicious file, process, or feature running.
Automated Attacks
-
- Changes in website traffic like multiple login attempts within a limited time frame.
- Higher than usual login failure rate.
- Downtime is caused by an increase in site traffic.
References
https://thehackernews.com/2022/08/credential-theft-is-still-top-attack.html
https://aristanetworks.force.com/AristaCommunity/s/article/Credential-Theft