Insecure passwords, reused and exposed in leaks are some of the causes that lead to credential theft. Surprisingly, “password”, “123456″ and “123456789″ are some of the most widely used passwords globally, and they are very easy to crack. If users don’t have double authentication enabled on their accounts, cybercriminals easily gain access to the data they’re looking for. Another alarming fact is that 25% of users reuse their username and password in all their accounts.
Once the cybercriminals obtain the credentials, they carry out attacks called credential stuffing, which consist of trying to enter different profiles/accounts of a person, company or organization with the users and passwords they previously accessed.
These data are even traded on the Dark Web and then bots are in charge of filling in the login fields with these credentials. That’s when two-factor authentication comes into play. If users do not contemplate this second layer of security, just by obtaining the password, cybercriminals access the accounts.
Likewise, in recent years, credential theft has evolved in terms of the professionalization of cybercriminal activities such as the multiplication of initial access agents (IABs), the proliferation of ransomware groups, the increase in the prices of malware families and As if that were not enough, the appearance of traffer teams.
These are organized groups of cybercriminals that use a malicious program to steal credentials. In order to spread the malware as much as possible, they have formed a structure that aims to facilitate the sale of those credentials.
For these reasons, it is recommended to adopt and maintain good security practices and make good use of the devices in order to reduce avoidable risks.