Contact us today!
561-795-2000 
844-795-2001

FRS Pros Blog

How Cybercriminals Are Keeping Themselves Entertained

How Cybercriminals Are Keeping Themselves Entertained

With the given pandemic, a lot of people have had a bit more time on their hands, so it makes sense that many are turning to streaming services and the like for their entertainment. Unfortunately, this has not gone unnoticed by cybercriminals.

Let’s take a few moments and examine the practice of credential stuffing.

What is Credential Stuffing?

Credential stuffing is an aptly named method for an attacker to gain access to an account. It’s also the reason why we always recommend that you use a different username and password for each account.

Let’s say that Website A, a popular social media platform, suffered a data breach, and some of its info was leaked, with usernames and passwords included in the mix. This means that John Q. Hacker can take this list, go to other sites, and start trying them out. If a user was reusing their credentials, our hacker has a match and now has access to their account and information, whatever it may be.

So, by essentially running through a spreadsheet, an attacker can gain access to far more accounts than they should.

The Current Problem

In their most recent report, Akamai (a platform-based service provider) had reviewed data collected throughout 2018 and 2019 to deliver insights to the media industry. As they explain in their included letter from the editor, the rise of the COVID-19 pandemic quickly caused them to reconsider. Thanks to this reconsideration, the report also shows trends as influenced by the pandemic.

As you might imagine, these trends are quite telling.

Credential stuffing exploded as the coronavirus tightened its hold. In fact, reviewing the documents that Akamai produced shows that their graphs needed to be dramatically increased in scale, tens of millions transitioning to hundreds of millions as numbers increased fourfold. As Europe locked down, a video media service was hit on March 26 by over 364 million malicious login attempts, with over 6 billion attempts taking place in that month alone.

The economics of these stolen credentials also share some insights. In the beginning of Q1 2020, researchers took note that video media accounts were priced at about $1 to $5, with bundled services coming in at $10 to $45 each. However, these prices plummeted by the end of Q1 with all the new credentials that were made available.

Why This Matters

As we have already stated, these kinds of attacks are exactly why it is recommended that access credentials aren’t recycled.

“Why would anyone hack into my stuff?”

We’ve all had this rationalization sound off in our heads as we’re asked to provide a password for a new account. We wonder if it really matters how secure our password is, after all, we’re not anyone of interest, so is all that security really worth the effort?

Besides, it’s easier to just remember the one.

As a result, a sizable number of people have the same usernames and passwords on multiple platforms. This is where the problem lies. Sure, some person accessing your Netflix account is one thing, but someone accessing your bank, or your tax returns, or your work email (sending us down another rabbit hole) is quite another.

So, where do we go from here?

Well, first thing, you need to go over your own accounts and make sure that all of them are properly secured. At FRS Pros, we tend to recommend that your passwords include the following, to help boost their security:

  • Lots of characters
  • A diverse mix of letters, numbers, and symbols
  • No personally identifiable details (like your pet’s name, hobbies, etc.)

Alternatively, you could consider a passphrase. A passphrase (like “flankingcollisioncurtlytabletbovine”) takes five unrelated, random dictionary words and combines them, making a memorable, but essentially impossible to crack, passcode for you to use.

Second, we recommend the use of a password manager to help keep track of these passwords/passphrases. With a password manager to help you remember, you no longer have any excuse to slack off on your security.

FRS Pros can help make your business’ computing more secure as well, along with our many IT services. Find out how we can assist you by giving us a call at 561-795-2000.

Ransomware is Still a Major Threat
Tip of the Week: Altering Your Android Device’s Po...

By accepting you will be accessing a service provided by a third-party external to https://frspros.com/

Mobile? Grab this Article!

QR-Code

Tag Cloud

Tip of the Week Security Technology Best Practices Productivity Business Computing Network Security Privacy Internet Hackers User Tips Software Cloud Google Efficiency Microsoft Innovation Hardware Data Hosted Solutions Business Management Communication Email Computer Windows 10 Tech Term Cybersecurity Smartphones Malware Mobile Devices Small Business IT Services Business Data Backup IT Support Android Backup Disaster Recovery Workplace Tips Smartphone Office 365 Data Recovery Browser Upgrade Outsourced IT Collaboration Windows VoIP Internet of Things Gadgets Users Communications Cloud Computing Apps Phishing Cybercrime Information Business Continuity Data Security Ransomware Managed IT Services Automation Saving Money Network Facebook Managed Service Mobile Device Management Microsoft Office Operating System Passwords Miscellaneous Health Employer-Employee Relationship Quick Tips Covid-19 Blockchain Wireless Two-factor Authentication Vulnerability Money Artificial Intelligence OneNote Alert Server Law Enforcement Social Media Managed IT Best Practice Applications Spam Chrome Mobile Office Holiday Virtualization Managed IT Services Networking Mobile Device Information Technology IT Support Bandwidth Data Breach Unsupported Software Augmented Reality Password BYOD Router Access Control App Google Drive Settings Hacking Printing Gmail Bring Your Own Device Windows 10 Save Money Computers Data Storage Retail Word Conferencing Windows 7 Telephone Systems Project Management Patch Management Tech Support Managed Service Provider Human Resources BDR Telephony Cost Management IT Management History Payment Cards Marketing Travel Commerce WannaCry Management File Sharing Application Paperless Office Hosted Solution Excel Search Fraud Encryption Avoiding Downtime Mobility Safety Mobile Security SaaS Battery Vendor Proactive IT HIPAA Evernote User Error Google Assistant Going Green Social Hybrid Cloud Touchscreen Risk Management WiFi Remote Workers Cortana Budget Voice over Internet Protocol Government Data Loss Wireless Technology Robot Data Management Wi-Fi Update Business Technology Audit Meetings The Internet of Things Google Docs Shortcut Productivity Software as a Service Data Protection Wireless Charging Politics VPN iPhone Devices Sports Hard Drive Display Licensing Updates Memory Upgrades Managed Services Provider Comparison Scam Chromecast Testing Computer Fan ROI Reputation Internet Service Provider Computer Forensics Peripheral Data storage Threats Video Conferencing Microsoft Excel IT budget Education YouTube Hard Disk Drive PC CRM Outlook Remote Computing Digital Signage Printer Google Maps Spyware Alexa for Business Inventory Credit Cards App store Samsung Internet Exlporer Chromebook Co-Managed Services Microsoft Word Financial Payroll Facebook Privacy Specifications Virus Camera Windows Server 2008 R2 Uninterrupted Power Supply Scams Organization Employees IT Solutions AI Legal Firewall PCI DSS Apple Employee Webinar Antivirus Telephone Workstation Tablets Maintenance Security Cameras Consultant Laptop eCommerce Sales Proactive Projects Training Transportation PowerPoint Admin Remote Monitoring Virtual Private Network Storage Social Engineering OneDrive Smartwatch Private Cloud Sync Processor Regulations Compliance Edge Instant Messaging Hacker Files Compliance Break/Fix IT solutions Hosted Desktop FAQ DDoS Hyperlink Development Telework NFL eWaste Emergency Disaster Machine Learning Touchpad Fiber Optics Websites Recovery Identity Printers Wireless Internet Saving Time Identities Point of Sale Employee-Employer Relationship iOS WIndows Server 2008 Server Maintenance Remote Work Value Wasting Time Benchmarks Policy Ciminal Keyboard Medical IT Windows 10s HBO Smart Devices Charger Entertainment Micrsosoft Audits Device Security Amazon Downtime Screen Mirroring Humor Holidays Data Theft Identity Theft Data Privacy Administrator Computer Care Nanotechnology Workers Lithium-ion battery Gamification Keyboard Shortcuts Unified Threat Management Managed IT Service Legislation Language Office Streaming Media Investment Net Neutrality Adobe Accessory Myths Procedure 5G Solid State Drive Sabotage Troubleshooting Personal Information Business Intelligence Solutions Windows Ink Virtual Assistant E-Commerce Emails Cast Copiers Gifts Computing Vendor Management Access Root Cause Analysis How To Books PDF Congratulations Hiring/Firing Mobile Computing Video Games Experience Virtual Reality Work/Life Balance Current Events Electronic Medical Records Text Messaging Crowdsourcing Employer Employee Relationship Phone System Cache Benefits es Save Time Communitications Office tips Computer Accessories Monitors Flexibility Music Advertising Smart Technology Television CrashOverride Company Culture Scalability Analytics End of Support Regulation HaaS Relocation Black Market Cleaning Big Data Automobile Thank You Twitter Managing Stress USB Worker