McAfee: Mounted former employees for leaking data to an opponent
infosec

McAfee: Mounted former employees for leaking data to an opponent

McAfee has sued three of her former employees, who, as they say, have stolen commercial secrets from the company to transport them ...
Read More
infosec

Six people were arrested by Europol for Bitcoin theft

According to a press release released on June 25, Europol in partnership with South West Regional Cyber ​​...
Read More
infosec

Why can not I remove Windows 7? But why should it?

As we have mentioned several times in the past, Microsoft is particularly concerned about the world's love for Windows ...
Read More
infosec

Phishing campaign infects Windows computers with two types of trojan

A new phishing campaign infects the victims with two popular trojan and hackers seem to try to target ...
Read More
infosec

Bank Trojan Riltok has also begun to locate itself in Europe

Riltok, a banking Trojan known for its activity in entities in Russia, seems to have been renewed and now has ...
Read More
Latest Posts

Do the hackers "Spraying" on your credentials?

It matters whether hackers have your email address and password;

Yes. Even if you change this password.

We know that it makes no sense to try to win the hacker. If a hacker detects the type of password you've created, it's even easier to find out. Most users use the same format of passwords and hackers know it better than anyone. They also know that they can also enter other websites with your credentials. And remember that hackers do not sit to manually type all of your data, scheduling has made the testing of email with common passwords and formats very easy. The more data you can collect for you, the easier it is to create your online identity. If a hacker manages to get into a corporate email account, then watch - your business or your employer can become the target of very specific frauds that can cost a lot of time, money and customers!

hacker

So, what is this "Spraying"?

"Password spray" is the process by which the attacker uses the same common passwords with multiple user names. This type of attack against an organization is usually used since a hacker has successfully acquired a list of valid users by the user. The attacker knows that people use common passwords, so the attack "tries" fewer logins to more users than to lock the account. This is a way of detecting users who have weak passwords targeting them with the strongest. This is a widely used attack as it is an inexpensive attack and is more difficult to detect than the more violent approaches that use multiple passwords in a single username.

Why is it important?

Email is the target of the hacker. We all agree that our contact information lives in many email accounts and I think most of us have received some crazy email from someone we know. That's where it starts ...

Let's say your contact information is in my Office 365 account Outlook. Yesterday, my account was violated and used to send hundreds of email to all my contacts. My Office 365 security stopped and I changed my password immediately but my contacts list was violated and could easily be in the attacker's hands to be used in the next Spray Password attack!

How to protect yourself from email hacking

  1. Use strong codes. Longest passwords are more powerful, so you target 12 characters instead of 6-8. Also use a password management application
  2. Never use corporate password on other websites or apps. Websites are hacked daily and if they access the network, your business is in danger.
  3. Enable 2 Factor Authentication for Office 365. Look for instructions on how to do it through google or see Microsoft's instructions here.
Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *