This is how cybercriminals steal your passwords, the last one will surprise you

Please note that passwords are the main security barrier what we have. Creating secure keys is very important, but even the most complex ones can be stolen if we make certain mistakes. Sometimes, the problem could be from that service or platform that we are using and it is not really our fault.

How passwords are stolen

You may come across a message that someone has broken into your account. Maybe you have even tried to log in to some platform and see that you cannot access it. These are signs that someone has been able to steal your access codes and take control of your accounts without you noticing.


The first option hackers use is use dictionaries. It’s basically a list of common passwords that are commonly used by users. They try those that are more common and try to gain access without launching any more sophisticated attack or interacting with the victim.

These passwords are simple, but they really are widely used. For example, we can name keys like “123456”, “qwerty”, “admin123” and the like. For ease of memorizing them, they are still some of the most common. Those dictionaries can have 50, 100, 200 or more such passwords and they try all of them.

Phishing attacks

Another widely used technique is attacks Phishing. What does this mean? They are campaigns that are launched to impersonate the identity of a company. For example, they might send you an email posing as Facebook saying there’s a problem with your account. They ask you to click a link and log in to fix that bug.

But of course, you are not really logging into Facebook, but in a fake page that they have created to look like it is the social network. This is what allows them to steal the access keys and take control of that account.

Scam SMS with Phishing

Use your social networks

But if we continue with social networks, they can even use them to steal passwords. In this case, it will especially affect those who use weak and predictable passwords. For example, those who use their first and last name, date of birth, city where they live, etc.

What do hackers do with social networks? Basically looking for information. They can collect data such as date of birth, full name, hobbies, place of residence… With all that, they can cross the data and create multiple possible passwords that they will test. If it is predictable, they might access.


Keyloggers are a type of malware which is responsible for recording everything we type on the keyboard. And yes, this also includes passwords. Cybercriminals are going to obtain those keys and also the usernames that we use to enter. In fact, they could access anything you put on the keyboard.

To avoid this, the most important thing is to protect the equipment. You can use a good antivirus, keep it updated and also avoid installing software from unofficial sources. Check all this to protect yourself from a keylogger or any other security threat.

look behind

Yes, this method may seem difficult and unusual, but the truth is that it exists. It basically consists of Does anyone see how you put the password?. It can be a person you know or any other. For example, maybe you are on the subway, on a bus or you are waiting at a bus stop and you enter a social network, enter your username and password and someone sees you from behind.

That person could write down your password and, later, enter your account without you noticing. You can avoid this, for example, by enabling the fingerprint on the mobile or even using more complex access codes, which are difficult to see with the naked eye as they have many meaningless symbols.

As you can see, these are some of the main methods by which your passwords can be stolen. It is essential that you take steps to prevent it from happening. Protecting online accounts and any device you use is essential to preserve privacy on a day-to-day basis.

Related Articles