Mind those passwords, internet users told
SOUTH Africa ranks third on the cybercrime hot spot list in the world.
On World Password Day on May 5, South Africans were urged to take their cyber habits seriously.
Cybersecurity expert and GoldPhish CEO Dan Thornton said controlling who had access to restricted data, systems or areas was one of the most fundamental elements of security.
“Weak passwords, password reuse and lack of application are still some of the most serious concerns for cybersecurity,” he said.
Internet users are urged to have strong passwords that are more difficult for criminals to crack.
GoldPhish advised users to use three random words. “Forget super complex passwords that make no sense; remember, length trumps complexity.
“Instead, use passphrases with three random words that you can actually remember. If you need to get a bit more advanced, sneak in the odd number and special characters,” Thornton said.
“Change your passwords on any site that has had a data breach or if you are at all suspicious.”
Users are also advised to enable multifactor authentication on all accounts, including email, social media, shopping and financial services, for extra protection.
“If you suspect your login credentials have been stolen, either through a data breach or through some social engineering attack or scam, immediately go on to the platform using those credentials and change your password and set up multifactor authentication – this way even if a criminal has your password, they will still need the onetime PIN or SMS to gain access,” said Thornton.
He said when someone signed in from an unfamiliar device, they would be asked to confirm identity via text message, email or code.
Users have to protect all their online account credentials by using strong passwords and never reuse them across numerous platforms.
“Different platforms get hacked every day, and through these data breaches hackers get access to the lists of usernames and passwords that were stored on the hacked platform,” Thornton said.
“The username/password combo is then input by hackers into other common platforms and financial accounts and will gain immediate access if you have used the same combo elsewhere.
“Users need to always use a unique password for each and every online account. This will be almost impossible to remember, so use a password manager to create and store all your passwords securely.”
Alternatively, users can get a password manager, which is a web browser that can generate and store all your passwords securely.
“You do not have to worry about remembering them. This allows you to use unique, strong passwords for all your important accounts,” said Thornton.
Thornton said financial sites such as banking and, more recently, cryptocurrency exchanges, were most likely to get hacked and have been huge targets for hackers as this could result in instant pay days.
“Email and social media platforms are also a big target, because once you are into someone’s communication systems you can create extremely convincing scams against them and their contacts. “Over the last 18 months we have seen an increase in attacks against large cloud software companies – whose software is widely embedded worldwide into thousands of companies,” said Thornton.
He said one hack then gives the cybercriminals access to thousands of potential business victims.