Protect Your Online Accounts From Becoming Compromised
Stolen login credentials are a hot commodity on the Dark Web, and there’s a price for just about every type of account from online banking to social media. Social media account credentials go for between $20 to $80 each, and there’s a chance yours are for sale right now.
The rise in reliance on cloud services has caused a big increase in compromised accounts. Stolen login credentials are now the number one cause of data breaches globally, according to IBM Security’s latest Cost of a Data Breach Report.
Having either a personal or business account compromised can be very costly. It can lead to a ransomware infection, compliance breach, identity theft, and more.
To make matters worse, users are still adopting bad password habits that make it all too easy for criminals:
34% of people admit to sharing passwords with colleagues
44% of people reuse passwords across work and personal accounts
49% of people store passwords in unprotected plain text documents
Cloud accounts are more at risk of a breach than ever, but there are things you can do today to reduce the chance of having your accounts compromised:
IMPLEMENT AND ENFORCE MULTI-FACTOR AUTHENTICATION (MFA)
Multi-factor authentication (MFA) is the best method there is to protect cloud accounts. While not a failsafe, it is proven to prevent approximately 99.9% of fraudulent sign-in attempts, according to a study cited by Microsoft.
When you add the second requirement to a login, which is generally to input a code that is sent to your phone, you significantly increase account security. In most cases, a hacker is not going to have access to your phone or another device that receives the MFA code, thus they won’t be able to get past this step.
The brief inconvenience of using that additional step when you log into your accounts is more than worth it for the bump in security.
USE A PASSWORD MANAGER
One way that criminals get their hands on user passwords easily is when users store them in unsecured ways. Such as in a Word or Excel document or under the contacts or notes application on their PC or phone.
Using a password manager provides you with a convenient place to store all your passwords that is also encrypted and secured. Plus, you only need to remember one strong master password to access all the others.
Password managers can also autofill all your passwords in many different types of browsers, making it a convenient way to access your passwords securely across devices.
TURN ON LEAKED PASSWORD NOTIFICATIONS IN YOUR BROWSER
You can have impeccable password security on your end, yet still have your passwords compromised. This can happen when a retailer or cloud service you use has their master database of usernames and passwords exposed and the data stolen. When this happens, those leaked passwords can quickly end up for sale on the Dark Web without you even knowing it.
Due to this being such a prevalent problem, browsers like Chrome, Firefox, and Edge have had leaked password alert capabilities added. Any passwords that you save in the browser will be monitored, and if found to be leaked, you’ll see an alert when you use it.
AVOID USING PASSWORDS WHEN ON PUBLIC WI-FI
Whenever you’re on public Wi-Fi, you should assume that your traffic is being monitored. Hackers like to hang out on public hot spots in airports, restaurants, coffee shops, and other places so they can gather sensitive data, such as login passwords.
You should never enter a password, credit card number, or other sensitive information when you are connected to public Wi-Fi. You should either switch off Wi-Fi and use your phone’s wireless carrier connection or use a virtual private network (VPN) app, which encrypts the connection.
FOLLOW BEST PRACTICES TO PROTECT YOUR DEVICE/NETWORK
If an attacker manages to breach your device using malware, they can often breach your accounts without a password needed. Just think about how many apps on your devices you can open and already be logged in to. To prevent an online account breach that happens through one of your devices, make sure you have strong device security. Best practices include:
Keeping Your Software Up To Date
Implementing an Antivirus/Anti-Malware Solution
Employing Phishing Protection Tools (such as email and DNS filtering)
Deploying an Extend Detection and Response Solution and a Managed Threat Response Service
Etc.
LOOKING TO PROTECT YOUR ONLINE ACCOUNTS?
Don’t leave your accounts and your business at risk. We can help you review your current account security and provide helpful recommendations. Give us a call today.