Whitepaper | How do criminals actually steal passwords?

There are several methods criminals could use to obtain a password/passphrase. They include:

  • Brute forcing - This is the term given to the method discussed earlier of using a computer program to make lots of random guesses very quickly. This is the primary reason we need long and complex passwords/passphrases, as they make this process much harder and make it take much longer.

  • Phishing - Pronounced ‘fishing’, this is a social engineering technique where criminals create emails and websites, often using well-known brands such as Google, Amazon or financial institutions. They then trick users into entering a username and password, which are then sent to the criminals rather than the legitimate organisation.

  • Breaches - A breach is when a criminal gains access to a website or system’s list of usernames and passwords, often through a security flaw. When this happens the criminals usually gain access to every username and password registered with that website.
    This doesn’t just happen to small websites that can’t afford good security; some recognisable names have suffered very large breaches of varying severity.

    • Facebook - 540,000,000 user records breached

    • eBay - 145,000,000 user records breached

    • Equifax - 147,900,000 user records breached

    • LinkedIn - 165,000,000 user records breached

    • Yahoo - 3,000,000,000 user records breached

  • Criminal Collaboration - After one of the above techniques has been used successfully, criminals will often sell and share the usernames and passwords they have gained access to. In some cases, these are then compiled into large databases that contain millions of stolen email address and password combinations. Often, these large databases are published publicly online, giving access to anyone and everyone.
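
A defensive counterpart to the published credential databases described above, as an added example that is not part of the original whitepaper: it checks whether a password appears in a breach corpus while disclosing only the first five characters of its SHA-1 hash, the k-anonymity scheme used by the Pwned Passwords range API. The corpus, the counts and all function names are constructed for illustration, and the server response is simulated locally so the code runs offline.

```python
import hashlib

# Constructed sample corpus standing in for a published credential dump:
# password -> number of times it appears (counts are made up).
SAMPLE_BREACH_COUNTS = {"password": 120, "123456": 300, "qwerty": 45}


def sha1_hex(password: str) -> str:
    """Uppercase hex SHA-1 of the UTF-8 password (40 characters)."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_range_response(prefix: str, corpus=SAMPLE_BREACH_COUNTS) -> str:
    """Simulated server side: one 'SUFFIX:COUNT' line for every corpus
    hash that starts with the 5-character prefix."""
    lines = []
    for pw, count in corpus.items():
        digest = sha1_hex(pw)
        if digest.startswith(prefix):
            lines.append(f"{digest[5:]}:{count}")
    return "\r\n".join(lines)


def parse_range_response(body: str) -> dict:
    """Parse 'SUFFIX:COUNT' lines, skipping anything malformed."""
    results = {}
    for line in body.splitlines():
        suffix, _, count = line.strip().partition(":")
        if len(suffix) != 35 or not count.isdigit():
            continue
        results[suffix.upper()] = int(count)
    return results


def breach_count(password: str, fetch_range=build_range_response) -> int:
    """Return how often the password appears in the corpus (0 if absent).
    Only the 5-character hash prefix is passed to fetch_range; the
    remaining 35 characters are compared locally."""
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    return parse_range_response(fetch_range(prefix)).get(suffix, 0)


if __name__ == "__main__":
    for candidate in ("password", "a long constructed example passphrase"):
        print(candidate, "->", breach_count(candidate))
```

A password with a non-zero count should be rejected at registration or password change, because it is already in the lists criminals use for guessing.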
