Is Your Password a Dead Giveaway? - CYBRI

Is Your Password a Dead Giveaway?

|

BY Vitaliy Dubinsky

Weak passwords are one of the biggest security threats, yet they are barely taken seriously. Is your company plagued by weak passwords? What makes a strong password? Are you changing your passwords frequently enough?

Logging into your bank account, email address, or other sensitive website can easily be compromised if you use weak passwords or use the same passwords for multiple websites. These weak and reused passwords can even make multi-factor authentication stages nearly useless.

Hackers keep databases on the Internet where they crowdsource weak, commonly used passwords, and they use brute force methods to crack the credentials of email addresses to gain access to bank accounts.

Then, they can use these credentials in tandem with financial services applications such applications include PayPal and Zelle. These applications can act as a backdoor into someone’s bank account should they have access to the person’s bank login credentials.

Targeting your credentials can take on many forms.

The most common is spear phishing, a targeted phishing attempt whereby a hacker impersonates your banker or financial institution to coerce sensitive information from you. They can also engage in unauthorized SIM swaps, where they bribe or trick employees at mobile phone stores to route your texts and calls to them so they can request your credentials be sent to them directly.

Not only can cybercriminals target your account for takeover, they can also link your account to one they control, a more insidious threat.

Once these hackers have access to your account, they will usually sell this access to another party for profit. And considering how cheap gaining access can be, these criminals can make a lot of money which is why it continues to be such a major threat.

Luckily for all of us, banks, financial institutions, and regulators are fighting back. Many financial aggregators are upgrading to the OAuth for access. This gives banks more tools to detect and prevent fraud and ensure legitimate transactions. This can help protect users in case they’ve linked their accounts to a financial aggregator.

There are steps you can also take to protect yourself:

Setting up strong passwords is crucial. This includes passwords at least eight characters long, with a mix of letters and numbers, different cases, and special symbols. Using dictionary words can make a password easier. It’s also important not to reuse passwords and to change your passwords as often as every six months, maybe more if necessary.

Or simply, consider using a password manager. Since we use so many web services that require passwords, keeping up with all of them can quickly get out of hand. See this article by WIRED outlining the best password managers to secure your digital life.

Sources:

Discuss your project now

Related Content

Previous
Next

Schedule a personalized demo with CYBRI.

Don't wait, reputation damages & data breaches could be costly.

Tell us a little about your company so we can ensure your demo is as relevant as possible. We’ll take the scheduling from there!
Michael B.
Michael B.Managing Partner, Barasch & McGarry
Read More
I am an attorney who represents thousands of people in the 9/11 community. CYBRI helped my company resolve several cybersecurity issues. I definitely recommend working with CYBRI.
Tim O.
Tim O.CEO at Cylera
Read More
I’m using CYBRI and have been very impressed with the experience and quality of the experts and CYBRI’s customer service. It has been a super seamless process that I’m happy and pleased with – I recommend CYBRI to all businesses.
Sergio V.
Sergio V.CTO at HealthCare.com
Read More
I hired CYBRI to help my company with various cybersecurity services, specifically HIPAA and CCPA. I have been satisfied with the quality of work performed by the cybersecurity expert. The customer service is excellent. I would recommend CYBRI for all of your cybersecurity needs.
L.D. Salmanson
L.D. SalmansonCEO at Cherre.com
Read More
We worked with CYBRI on assessing vulnerabilities and understanding the risks of our client-facing web assets. We are satisfied with the results and the professionalism of the Red Team members. Highly recommend CYBRI to all businesses.
Marco Huslmann
Marco HuslmannCTO MyPostcard
Read More
CYBRI is a great solution that helps streamline the penetration testing process. I strongly recommend them and will work with them again.
Alex Rothberg
Alex RothbergCTO IntusCare
Read More
I highly recommend CBYRI to businesses that need penetration testing to ensure their business infrastructure is secure.
John Tambuting
John TambutingCTO Pangea.app
Read More
I am confident CYBRI is the right penetration testing choice if you are looking to build a secure business environment.
Previous
Next

Discuss your Project







    Michael B.
    Michael B.Managing Partner, Barasch & McGarry
    Read More
    I am an attorney who represents thousands of people in the 9/11 community. CYBRI helped my company resolve several cybersecurity issues. I definitely recommend working with CYBRI.
    Tim O.
    Tim O.CEO at Cylera
    Read More
    I’m using CYBRI and have been very impressed with the experience and quality of the experts and CYBRI’s customer service. It has been a super seamless process that I’m happy and pleased with – I recommend CYBRI to all businesses.
    Sergio V.
    Sergio V.CTO at HealthCare.com
    Read More
    I hired CYBRI to help my company with various cybersecurity services, specifically HIPAA and CCPA. I have been satisfied with the quality of work performed by the cybersecurity expert. The customer service is excellent. I would recommend CYBRI for all of your cybersecurity needs.
    L.D. Salmanson
    L.D. SalmansonCEO at Cherre.com
    Read More
    We worked with CYBRI on assessing vulnerabilities and understanding the risks of our client-facing web assets. We are satisfied with the results and the professionalism of the Red Team members. Highly recommend CYBRI to all businesses.
    Marco Huslmann
    Marco HuslmannCTO MyPostcard
    Read More
    CYBRI is a great solution that helps streamline the penetration testing process. I strongly recommend them and will work with them again.
    Alex Rothberg
    Alex RothbergCTO IntusCare
    Read More
    I highly recommend CBYRI to businesses that need penetration testing to ensure their business infrastructure is secure.
    John Tambuting
    John TambutingCTO Pangea.app
    Read More
    I am confident CYBRI is the right penetration testing choice if you are looking to build a secure business environment.
    Previous
    Next

    Find mission-critical vulnerabilities before hackers do.

    CYBRI’s manual pen tests are performed by U.S.-based highly certified Red Team experts.

    We help businesses detect & remediate catastrophic vulnerabilities in applications, cloud, and networks.