A terrible thing happened – you were hacked. You cannot go to your social networks, and in your inbox you see messages about resetting passwords and debiting money from your bank card. The standard question arises – how could this have happened? You use a complex password and did not allow anyone to use your computer, but someone else got into your mail anyway. Let’s take a look at the common hacking routes and ways to protect against intruders.
READ – Server Renting Advantages
How hackers gain access to user accounts
First of all, you should understand for yourself – it is unlikely that someone is purposefully tracking you, if you are not a show business star and a top manager of a large company. Hackers are interested in public people whose data is of particular value. This category includes famous athletes, actors, performers and their producers.
SEE THIS – laptop screen cleaning tips
Often, attackers try to hack the profiles of high-profile corporate employees. Access to their accounts can make a cracker good money, especially if the correspondence contains sensitive information of interest to the company’s competitors. In other cases, hacking is the result of the actions of automatic programs that daily monitor millions of Internet resources for vulnerabilities.
READ THIS AS WELL – Asus ROG Phone 5 Review
How robots work:
send phishing emails with links to copies of sites;
send letters with links to Trojans;
steal user bases from poorly protected sites;
send messages about the alleged fait accompli of hacking;
imitate business correspondence.
The purpose of the mailings is to force the user to go to a phishing site or download an attached file containing a virus or trojan. As soon as a weak point is found, then a specialist is connected, whose task is to get the maximum bonuses from hacking. Most often, crackers are interested in letters that are stored in your mailbox. With their help, an attacker gets a chance to get into any of your accounts, from your social media profile to an electronic wallet, if you were too lazy to set up two-step authentication for it.
READ – How to Convert Word to PDF
Hacking through letters: methods and consequences
Once you’ve succumbed to the temptation and clicked on a malicious link, the outcome will depend on the target of the attackers. The most unpleasant outcome of events is that you will be supplied with a Trojan horse, and your entire computer will be at the disposal of the hackers. You will be lucky if the device is only used as a tool for DDoS attacks, but the consequences are usually more severe. All your logins and passwords stored in the browser can be stolen, including access data to financial systems. A hacker can extract confidential information from memory or deprive you of the ability to control the system and demand money to restore the device to work.
SEE – Buying a used phone tips
Letter demanding to pay money
Fake letters from banks or government agencies make them look as real as possible. You may be prompted to follow a link to inquire about a debt, get a tax refund, or to clarify important information. In July 2021, users of the public services portal began to massively complain about the actions of online scammers who hack accounts through phishing emails, change their login and password, and then take microloans in the name of registered citizens. It is very difficult to prove the fact of fraud in this case, so the state urges users to be careful.
SEE IT – Different types of washing machines
Phishing letter from State Services
Recently, another type of mailing list designed for human psychology has become popular among cybercriminals. A letter comes to the mail with a message that supposedly the computer has been hacked for a long time, and its owner is being constantly monitored. The programmer reports that he recorded the frequent visits of the user to porn sites, filmed compromising video through the built-in camera of the device and offers to pay for its destruction. The amount is usually indicated in bitcoins. Although this method of deception is already well known, some people believe fraudsters and pay money to eliminate non-existent compromising evidence.
READ MY ARTICLE – Network Management Services
Phisher’s letter demanding payment
Now scammers have become much more inventive in the design of phishing emails. Messages are disguised as notifications from government, banking and tax structures, business messages, requests to activate a certain account on a site where you allegedly have not been for a long time. It is difficult to recognize a fake at an address – professionals are able to arrange a letter in such a way that you will not have the slightest doubt about its originality. There are sites where you can put any sender’s address for free or for money. Anyone who has the skills to work with mail servers using the SMTP protocol can change the data using the program code.
READ THIS AS WELL – App Development Services
Phishing email from Sberbank
According to RBC , the pandemic and the mass exodus triggered an increase in the number of fake websites of credit institutions. In the first quarter of 2021 alone, more than 1.5 thousand fake banking resources appeared on the Russian-language Internet, which is 20% higher than in the previous year. It is almost impossible to recognize a fake portal – it is completely identical to the original. If you enter payment information on such a site, the bank card details will immediately go to the scammers.
Phishing copy of the Sberbank website
Identical passwords for different resources are a direct security threat
According to statistics from the antivirus manufacturer Avast , more than 55% of users continue to use the same passwords on different sites, mistakenly believing that information on their devices cannot be of interest to hackers. A data leak can occur from the most innocuous resource – a forum where you talked with like-minded people or a game server where you once registered to try an interesting product.
As soon as the database of accounts falls into the hands of cybercriminals, an automatic system comes into play, which tries to enter popular mail services, social networks, e-wallets and banking systems with your data. If a robot gets into your email account, attackers will have all your personal correspondence, registration history on sites, your profiles in online stores, and much more.
Top insecure passwords
Even if the information in your emails is completely harmless, and you use two-step authentication to enter the bank, an attacker can gain a lot from access to your mail:
sell your mailbox to spammers;
organize phishing mailing from your address;
offer you to buy back access to your email or social media account.
In any case, rest assured that all emails will be scrutinized for information of interest to attackers. Even if the content does not contain information about passwords to social networks, your account will be easily discovered and may be asked to change the combination by email. When access is obtained, your name, surname and phone will definitely try to use to break into banking systems. Either they publish an advertisement on behalf of your profile or send letters asking for financial assistance to all your friends and acquaintances.
How to check your accounts
The LeakCheck portal will help you to make sure that your logins and passwords have not leaked to the Internet.The Service accumulates access data to user accounts on sites that have been hacked. The site’s employees regularly monitor forums where they post decryptions of stolen arrays and add information so that LeakCheck users can quickly check their email or phone for leaks.
READ – IT CONSULTING SERVICES
Password check for draining
The latest news about updates is posted on a separate page, so you can see if the site on which you once registered has been hacked. For example, the latest addition to the database is the decryption of stolen data from the ZeusGame.me portal, so if your account is on this resource and you used your typical password to log in, all your other profiles are at great risk.
Information about current leaks of site databases
The service provides the user with free test access and an extended service package at the selected tariff. The site’s functionality allows you to search not only by email, but also by keyword, login and phone number.
Search query options
After registering, you will have fifteen free checks at your disposal. You can check your addresses and phone numbers to find out if they are in the portal databases. The monitoring result will be presented in a somewhat truncated form, but there is enough data to determine further actions.
A paid subscription gives you advanced features. You will be able to trace the source of the leak, see the compromised passwords in full and ask the administration to remove your personal information from the service. The base plan costs $ 2.99 per day – a small price to pay to be sure your data is safe.
While the mechanism for protecting users from the actions of cyber fraudsters has not been worked out at the legislative level, therefore, concern for security is a private matter for everyone. It is necessary to be especially careful with messages from government and financial organizations and use direct addresses to access the portals of official structures.
Rules for handling questionable letters:
use different and complex passwords to access various services and sites;
do not follow links in messages where you are promised prizes, gifts or social benefits;
install antivirus software for your browser;
carefully check the addresses of sites and email senders – there are subtle discrepancies between doubles;
beware of redirects to other resources;
check suspicious portals through the Whois IP service .
The pandemic has become the reason for the active development of remote services, which contributes to the growth of cybercrime. Hackers are constantly improving their hacking tools and can only be protected by constant vigilance. Use two-step authentication on all sites that provide this opportunity and check your data for leaks through the LeakCheckservice . Practicing safe online behavior should become a habit – this is the only way you can reliably protect your data and prevent financial and reputational losses.