Each account created by a user, regardless of whether it is a page on a social network, a personal account in an application, or a banking service account, requires a password. Choosing the right protection helps you keep confidential information, data, or money.
The name of the method comes from the English word 'fish'. In simple words, this hacking method can be called live bait fishing. Phishing is most commonly used because it targets the majority of PC users.
The essence of the hacking technique is to fake the original site or other resource. Attackers create a complete copy of the desired portal, for example, Gmail mail or social network page, where the user must enter a password. But he does not open access to the account, but goes into the hands of scammers.
The second phishing option is sending emails. Most often, mailings from the technical support services of a particular service are forged. The text of the message informs about the need to change the data or just log into the account. A link is attached to the letter, upon clicking on which the user gets to an exact copy of the original site.
Somewhat less often, phishing uses viral software that replaces the site address by going to a fake page.
Since most often phishing victims become victims of their own inattention, there are simple ways to avoid this:
- When you receive a letter from the support service, do not rush to follow an unknown link. Beforehand, you should carefully look at the address. For example, instead of the .com extension it will be .org. But even the correct address is not a guarantee of complete protection.
- Before authorization, you must check the spelling of the address in the browser line. It should be the name of an authentic resource, without additional signs or symbols. It is also recommended to pay attention to the presence of encryption, which is indicated by a lock icon in the browser bar and the initial letters of the https address.
The next hacking method is brute force or brute force. This term literally translates as 'brute force'. At the dawn of computers, the technique involved manual enumeration of possible combinations. Now it is done by special programs. Password guessing can be done in two ways:
- According to the dictionary. In this case, the base for the search is a regular dictionary. A special utility installed on the cracker's computer systematically searches through all possible word combinations until access is obtained.
- According to the bases of already used passwords. On the pages of the Internet with the next global password leak, the most common options are given (password, qwerty, 12345678). There are databases of ready-made passwords on the network. The selection process is carried out in a similar way. The program goes through all the available combinations until the desired one is obtained.
It is quite easy to protect yourself from brute force: you need to come up with a password that is more than 8 characters long, including upper and lower case letters, symbols and punctuation marks. The longer and more complex the password, the longer it will take to guess it. As a recommendation, you can advise:
- Use special programs or browser tools to generate passwords.
- Don't use the same combination for all accounts.
- Do not compose a password from the name, date of birth, or nickname of the pet.
Another common way to steal credentials is to infect a potential victim's computer with virus programs. These are 'Trojans' and SpyWare or spyware.
The purpose of this type of program is to collect information about the user, which can be carried out:
- using keyloggers or utilities that track keystrokes;
- using traffic analyzers;
- providing remote access to the infected computer.
The method of protecting against unwanted software is quite simple:
- Use high-quality antiviruses with a multi-stage protection system.
- Do not download files from unknown sources.
- Don't click on suspicious links.
- Do not visit sites with adult content, as these are where the most viruses are located.
Forewarned means protected. Knowing how to obtain passwords is the ability to preserve personal data and confidential information. Methods for preventing password theft do not require specialized computer skills, but consist in elementary care.