Contact us today!
561-795-2000 
844-795-2001

FRS Pros Blog

How Cybercriminals Are Keeping Themselves Entertained

How Cybercriminals Are Keeping Themselves Entertained

With the given pandemic, a lot of people have had a bit more time on their hands, so it makes sense that many are turning to streaming services and the like for their entertainment. Unfortunately, this has not gone unnoticed by cybercriminals.

Let’s take a few moments and examine the practice of credential stuffing.

What is Credential Stuffing?

Credential stuffing is an aptly named method for an attacker to gain access to an account. It’s also the reason why we always recommend that you use a different username and password for each account.

Let’s say that Website A, a popular social media platform, suffered a data breach, and some of its info was leaked, with usernames and passwords included in the mix. This means that John Q. Hacker can take this list, go to other sites, and start trying them out. If a user was reusing their credentials, our hacker has a match and now has access to their account and information, whatever it may be.

So, by essentially running through a spreadsheet, an attacker can gain access to far more accounts than they should.

The Current Problem

In their most recent report, Akamai (a platform-based service provider) had reviewed data collected throughout 2018 and 2019 to deliver insights to the media industry. As they explain in their included letter from the editor, the rise of the COVID-19 pandemic quickly caused them to reconsider. Thanks to this reconsideration, the report also shows trends as influenced by the pandemic.

As you might imagine, these trends are quite telling.

Credential stuffing exploded as the coronavirus tightened its hold. In fact, reviewing the documents that Akamai produced shows that their graphs needed to be dramatically increased in scale, tens of millions transitioning to hundreds of millions as numbers increased fourfold. As Europe locked down, a video media service was hit on March 26 by over 364 million malicious login attempts, with over 6 billion attempts taking place in that month alone.

The economics of these stolen credentials also share some insights. In the beginning of Q1 2020, researchers took note that video media accounts were priced at about $1 to $5, with bundled services coming in at $10 to $45 each. However, these prices plummeted by the end of Q1 with all the new credentials that were made available.

Why This Matters

As we have already stated, these kinds of attacks are exactly why it is recommended that access credentials aren’t recycled.

“Why would anyone hack into my stuff?”

We’ve all had this rationalization sound off in our heads as we’re asked to provide a password for a new account. We wonder if it really matters how secure our password is, after all, we’re not anyone of interest, so is all that security really worth the effort?

Besides, it’s easier to just remember the one.

As a result, a sizable number of people have the same usernames and passwords on multiple platforms. This is where the problem lies. Sure, some person accessing your Netflix account is one thing, but someone accessing your bank, or your tax returns, or your work email (sending us down another rabbit hole) is quite another.

So, where do we go from here?

Well, first thing, you need to go over your own accounts and make sure that all of them are properly secured. At FRS Pros, we tend to recommend that your passwords include the following, to help boost their security:

  • Lots of characters
  • A diverse mix of letters, numbers, and symbols
  • No personally identifiable details (like your pet’s name, hobbies, etc.)

Alternatively, you could consider a passphrase. A passphrase (like “flankingcollisioncurtlytabletbovine”) takes five unrelated, random dictionary words and combines them, making a memorable, but essentially impossible to crack, passcode for you to use.

Second, we recommend the use of a password manager to help keep track of these passwords/passphrases. With a password manager to help you remember, you no longer have any excuse to slack off on your security.

FRS Pros can help make your business’ computing more secure as well, along with our many IT services. Find out how we can assist you by giving us a call at 561-795-2000.

Ransomware is Still a Major Threat
Tip of the Week: Altering Your Android Device’s Po...

By accepting you will be accessing a service provided by a third-party external to https://frspros.com/

Mobile? Grab this Article!

QR-Code

Tag Cloud

Tip of the Week Security Technology Best Practices Productivity Business Computing Network Security Privacy Hackers Internet Software User Tips Efficiency Google Innovation Cloud Hardware Microsoft Data Workplace Tips Email Communication Smartphones Hosted Solutions Small Business Business Management Business Computer Mobile Devices IT Support Windows 10 Android Cybersecurity Tech Term Malware Data Backup IT Services VoIP Collaboration Backup Data Recovery Disaster Recovery Smartphone Upgrade Browser Users Office 365 Phishing Outsourced IT Miscellaneous Gadgets Windows Communications Internet of Things Ransomware Information Quick Tips Cloud Computing Network Covid-19 Apps Data Security Managed Service Mobile Device Cybercrime Business Continuity Saving Money Operating System Passwords Microsoft Office Social Media Automation Managed IT Services Mobile Device Management Facebook Health Wireless Alert Information Technology Server Law Enforcement Vulnerability Holiday Blockchain OneNote Two-factor Authentication Employer-Employee Relationship Save Money Conferencing Money Artificial Intelligence Managed IT Services Spam Best Practice Printing Applications Mobile Office Wi-Fi IT Support Chrome Managed IT Networking Virtualization App Patch Management Project Management Bandwidth Data Breach Telephone Systems Tech Support Battery Data Storage WiFi Access Control Risk Management Paperless Office Password Router Bring Your Own Device Vendor HIPAA Hacking Google Drive Settings Retail Windows 10 Gmail Managed Service Provider Computers Remote Workers BDR BYOD Windows 7 Word Unsupported Software Augmented Reality Wireless Technology Software as a Service Wireless Charging Government Google Docs Hard Drive Display Devices Application Data Management Encryption Robot Training Human Resources Productivity SaaS YouTube Safety Proactive IT Payment Cards The Internet of Things Sports Touchscreen Travel VPN iPhone Excel Telephony Management File Sharing History Apple Fraud Sales Mobile Security Evernote Audit Meetings Smartwatch Update Hosted Solution Google Assistant Data Protection User Error Remote Politics Avoiding Downtime Mobility Shortcut Search Hybrid Cloud Voice over Internet Protocol Wireless Internet Cortana Cost Management IT Management Data Loss Marketing Budget Commerce Business Technology Going Green Social WannaCry 5G Investment Net Neutrality IT Solutions Accessory Managed IT Service Remote Working Virtual Assistant E-Commerce Gifts Computing Sabotage Legal Troubleshooting Administrator Webinar Windows Ink Myths Procedure End of Support Copiers Antivirus Humor Streaming Media Consultant Testing Licensing Updates Business Intelligence Solutions Lithium-ion battery Memory Comparison Remote Monitoring Outlook ROI Internet Service Provider Computer Forensics Peripheral Microsoft Excel IT budget Managed Services Provider Reviews Alexa for Business Credit Cards App store PC CRM Personal Information Access IT solutions Chromebook Co-Managed Services Google Maps Spyware Threats Video Conferencing Inventory Chromecast Camera Microsoft Word Digital Signage Instant Messaging Printer Hacker Financial Payroll Specifications Virus Employees Windows Server 2008 R2 Emergency Reputation iOS WIndows Server 2008 Facebook Privacy Managed Services Employee AI Internet Exlporer Windows 10s HBO Telephone Scams Point of Sale Organization Data storage Proactive Entertainment Screen Mirroring Projects Tablets Maintenance Firewall PCI DSS Keyboard Remote Computing Computer Care Nanotechnology Security Cameras Identity Theft Unified Threat Management OneDrive Sync Workstation Uninterrupted Power Supply PowerPoint Admin Storage Social Engineering eCommerce Compliance Break/Fix FAQ Solid State Drive Hyperlink Edge Virtual Private Network Office Websites Hosted Desktop Emails Identity Cast Printers NFL eWaste Processor Regulations Compliance Root Cause Analysis Machine Learning Fiber Optics Vendor Management Laptop Upgrades Employee-Employer Relationship Development Telework Transportation Computer Fan Saving Time Identities Files Medical IT Charger Server Maintenance Remote Work Private Cloud DDoS Hard Disk Drive Value Wasting Time Ciminal Innovations Scam Downtime Data Theft Smart Devices Recovery Data Privacy Device Security Benchmarks Education Policy Disaster Amazon Holidays Samsung Touchpad Adobe Workers Micrsosoft Audits Gamification Keyboard Shortcuts Legislation Language Cache Current Events Electronic Medical Records Twitter Crowdsourcing Employer Employee Relationship Phone System HaaS Benefits Save Time Relocation Monitors Thank You Computer Accessories Television CrashOverride Flexibility Music Smart Technology Company Culture PDF es Congratulations Scalability Analytics Mobile Computing Communitications Text Messaging Black Market Cleaning Big Data Automobile Managing Stress Office tips USB Worker Regulation How To Books Advertising Video Games Experience Hiring/Firing Work/Life Balance Virtual Reality