These days, malicious actors want access to all your data. Stolen login credentials have become a hot commodity, especially on the Dark Web. So, how do we keep hackers from accessing your online accounts?
Let's get into it.
Why Hackers are Accessing Online Accounts
If you didn't know, the Dark Web has a price for just about everything, including online accounts. Hacked social media accounts for example, can sell for about $30-$80 each.
Specifically, there's been an increase in interest of cloud accounts. As users become more reliant on cloud services to store their data, bad actors aim to target more cloud accounts.
According to IBM Security's latest Cost of a Data Breach Report, compromised login credentials are now the leading cause of data breaches worldwide. No one wants their personal or business cloud account exploited.
Recovering these accounts can be very costly. It can result in ransomware attacks, identity theft and other issues.
To make the situation worse, users still continue to employ bad password habits.
For example:
- 25% of Americans are still using the word "password" as their password
- 50% of people store their passwords on an insecure word document
- 34% of people admit to sharing their passwords with a coworker
- And 44% of people admit to using the same password across all of their accounts.
So, what can you do about this? How can you keep hackers from accessing your online accounts?
The answer is pretty simple. By taking some proven precautions, you can help keep your online accounts safe from hijacking, even with cloud accounts being more at risk than ever before.
Utilize 2-Factor Authentication
The best way to safeguard cloud accounts is via multi-factor authentication (MFA) otherwise known as 2-step authentication.
MFA isn't a failsafe, but it has been useful in blocking 99.9% of fraudulent sign-in attempts, according to research by Microsoft.
When you require a second step to log in, it generally boosts the security of your account. Steps that include inputting a code delivered to your phone, or authenticating on an app. Hackers would need access to your physical phone or another connected device to be able to get past this step.
While it may be a minor inconvenience to input a code from a separate device, it is well worth it for an increase in security.
As an IT company Los Angeles, we recommend to all our clients that they implement 2-step authentication.
Use A Reputable Password Manager for Secure Storage
Users that save their credentials in unencrypted locations leave themselves vulnerable to identity theft.
For example, using an unprotected Word or Excel document or even the notes section on your PC or phone. Making use of a password manager allows you to store all of your passwords in a safe and secure location. All you have to remember is a single, complex master password to access all of your accounts.
If you're looking for a means to safely access all your online accounts from several devices, a password manager can help. Plus, some have the ability to autofill your sign-ins. So, you really don't have anything to worry about.
I can highly recommend the Password Manager Keeper to all my clients. Most consider them a leader in password protection.
Ensure that your Privacy and Security Settings are Correct
If you haven't already, it's time to check your cloud tools' security settings.
Errors in cloud account setting are a significant source of data breaches. When an account's security settings aren't set up correctly, breaches happen. As a rule of thumb, you don't want to leave your SaaS security in its default settings. They may not be set with ultimate security in mind.
Modify and review your security settings to keep your cloud applications safe. If you are unsure how, don't hesitate to reach out. As an IT service provider, we can offer recommendations on how to best secure your privacy.
Turn On 'Browser Alerts' for Leaked Passwords
Unfortunately, you can implement great password habits, and still have your passwords hacked.
For example, if an online retailer or cloud service has the master database of usernames and passwords exposed, your information can be stolen. When these massive data leaks happen, your credentials may find themselves up for sale on the Dark Web without you even knowing it.
In response to this widespread issue, browsers like Chrome and Edge have introduced "leaked password alerts".
Any passwords you allow the browser to save will be checked for leaks. If one has been breached, an alert will appear when you try to use it.
Take a minute now to activate this feature in the password area of your browser. If you have not done so already, you may have to enable it. This will help you know right away if a password has been leaked, allowing you to change it.
Avoid Entering a Password When Using Public Wi-Fi
A rule of thumb; always assume someone is monitoring your online data on public Wi-Fi.
Most hackers like to hang out in the public hot spots at airports, restaurants and coffee shops so they can collect sensitive data, such as login passwords.
You should never input your password or any other personal information when connected to public Wi-Fi.
Instead, you can switch off your Wi-Fi and use your phone's wireless connection or make sure of a virtual private network (VPN), which will encrypt your connection.
Use Data Security Software
If a hacker is able to access your device via malware, they can often exploit your accounts without needing a password.
Think about it for moment, how many apps on your device do you have open and are already logged into? To avoid an online account breach, make sure your device has a strong security setup.
Some best practices are as follows:
- Install Antivirus or Anti-malware
- Keep your Software and OS up-to-date
- Enable Anti-phishing protection; like email filtering and DNS filtering
Are you in need of Password & Cloud Account Security Solutions?
Don't wait until it's too late. Keep hackers from accessing your online accounts today. We can help review your current cloud account security and offer helpful recommendations.
Check out our recent blog post on why you should STOP using email as your personal storage solution.
Protect your business against breaches. For more information on cybersecurity assistance, feel free to book a time to chat with us via the Calendly link below. I'd be happy to discuss ways to optimize your company's IT.
Click here to schedule a free 15-minute meeting with Stan Kats, our Founder and Chief Technologist.
STG IT Consulting Group proudly provides IT Service for Small to Medium Businesses in Greater Los Angeles. We'd love to see if we can help you too!
