- Making IT Work
- 0800 8047 256
- information@eacs.com
How can Phishing Attacks be Prevented?
May 14, 2021
The easiest way to help prevent 80% of Data Breaches
123456, Password, Qwerty. These are three of the most common passwords used today, and unsurprisingly these are also the passwords that lead to the greatest number of security breaches. 80% of data breaches in 2019 were caused by passwords being compromised (source: Verizon), and this threat will only rise with the growth in remote working we’ve seen over the past year.
There are a variety of techniques used by cybercriminals to crack passwords, and eacs have listed just a few of these methods below:
- Manual guessing – guessing common passwords and personal details such as birthdays or pet names which are usually gotten through reconnaissance from social media accounts
- Brute force – automated guessing of billions of passwords until the correct one is found, mostly performed using dictionary words
- Stealing passwords – passwords written on bits of paper and sticky notes near devices can be copied and used
- Phishing & coercion – tricking people into revealing their credentials such as passwords or bank details
- Password spraying – trying a small number of commonly used passwords to access a large number of accounts
eacs Top Tips - Avoid posting personal details on social media sites that could be linked to your password - Instead of using dictionary words, have a mixture of characters, numbers & symbols - Avoid re-using the same passwords on different sites - Always change your password if you click on a suspicious link - Avoid using previously used passwords in case they have been compromised already
Securing passwords is a quick method of stopping a large number of hackers in their tracks. It can be relatively simple to protect yourself from these threats without the need for expensive systems and processes. We have listed a number of simple steps that can be used to improve your password security without the need for complex and time-consuming processes.
- Create a strong password policy that must be adhered to by all members of staff
- Blacklist the most common password choices and use account lockout to stop brute force attacks
- Use a password vault to store your different passwords
- Provide regular training for staff against phishing attacks and the risks of weak passwords
- Don’t automatically expire passwords, instead only ask users to change their passwords when there is a suspicion of a compromise. This works better when users adhere to the password policy that has been set with no weak passwords used in the first instance
One step that all IT security experts recommend is multi-factor authentication (MFA). Microsoft has reported that using a second factor to authenticate users can block 99.9% of all attacks, and can be as simple as a code sent to your mobile phone via a text or an app alongside your username and password.
Our security needs are constantly evolving as hackers become smarter and more resourceful. Utilising the correct processes can greatly reduce the chance of a breach in your defences, although this is just one part of your wider access control and there still many other ways for cybercriminals to get through.
Speak to eacs today on 0800 8047 256 for more information about our range of security services and how we can help keep you and your vital data safe.
