Phishing and brute force, the two most used threats
A report submitted by Abnormal Security shows how Phishing and brute force attacks are two threats that are having a major impact on user security. They even warn that they can put the reputation of the companies themselves at risk.
In their report they analyzed email attacks in different industrial sectors, such as consumer goods, manufacturing, technology, media, finance or medical services. The results showed that 32.50% of all companies analyzed were victims of brute force attacks in early June. Additionally, 61% experienced an email attack attempt during that quarter.
During those months analyzed, security researchers saw a very significant increase in Phishing and brute force attacks. In both cases the objective was to steal the passwords of the users and to be able to control their accounts. Once they gain access, those accounts may use them to carry out further security attacks on other coworkers, vendors, or contacts in general.
From Abnormal Security they indicate that the social engineering it is having an increasing weight in cyberattacks. Hackers are looking for a way to scam the victim, gain their trust, and make them click on a link or download a file.
The goal of all of this is to achieve spoofing. They want to take control of the accounts, read messages, confidential information and, ultimately, compromise both companies and organizations, as well as users themselves. Just like there are different methods to steal Wi-Fi, hackers also have ways to steal passwords.
Tips to Avoid Phishing and Brute Force Attacks
So what can we do to avoid these types of attacks? Whether you are a home user or if you work in a company and want to protect your accounts, it is important that you take into account certain recommendations.
Create strong passwords
The first thing we should recommend is to use keys that are really safe. We must use unique, random passwords that have been created with everything necessary to protect the accounts. For example, we should never use things like our name, phone number or any word or numbers that relate to us. This could facilitate brute force attacks.
To generate reliable passwords we can always help ourselves with key managers who create passwords that meet all the requirements.
Enable two-step authentication
This can help us avoid both phishing and brute force attacks. It basically adds an extra layer of protection in case the password is compromised. It consists of receiving a code by SMS or by an application such as Google Authenticator to access the account.
More and more services use the 2FA. For example, social networks like Facebook or Twitter allow you to use it and it is very useful to improve security. This serves, for example, to protect the bank account.
But if there is something important it is the common sense. In this case, it will especially protect us from Phishing attacks. Normally these attacks arrive through the sending of an email that contains a false link, some SMS with links to maliciously modified pages, etc.
If we avoid making mistakes, if we log in only from official sites, paying close attention to the URL, we will avoid the dreaded Phishing attacks that can steal our passwords.
Therefore, these are some tips that we can take into account to avoid two of the most common attacks today: Phishing and brute force. We must always create passwords that are secure and avoid making any type of mistake.