Each year, hundreds of millions of accounts are compromised in data breaches through malware, phishing, and other types of cyberattacks. And those accounts often end up on the dark web, sold in hacker forums for a meager price.
The dark web is essentially a collection of sites that can only be accessed using a special type of browser called Tor. The system's anonymity and enhanced encryption allow users to perform illegal activities, including the sale of illegal drugs.
Now, these hackers -- they buy a trove of stolen passwords and bombard other websites until one works, a technique known as credential stuffing. Sometimes, hackers even try different variations of the passwords, just so they can access your account.
Cyble, a cybersecurity outfit, believes that it was credential stuffing that allowed hackers to gain access to over 500,000 Zoom accounts, which were then posted on the dark web.
Experts say that the main source of vulnerability is the tendency of most people to use the same password across multiple accounts. A lot of people don't regularly change their passwords either. In Microsoft's estimate, roughly 73% of passwords are duplicates.
To ward off data breaches, Google in December updated its Chrome browser, adding a system that will notify individuals if their usernames and passwords have been compromised. Cyble is also offering a service that allows people to check if they've been breached on a website called AmIBreched.com. Antivirus providers also offer similar services.
If your account is compromised, however, there isn't much you can do short of changing your password. If your accounts are safe, meanwhile, you can prevent cyber attacks by simply making your password more complicated, and using a unique password for each online account.
If you're worried about forgetting which password works for each account, there's a solution for that: password managers. This tool can store and encrypt multiple passwords, so you don't have to keep typing them every time you access your accounts.
Enabling multi-factor authentication is another effective way to keep hackers from getting in. Also called two-factor authentication, this safety feature requires an additional external credential to go with your password. It could be a fingerprint or a one-time code that is often sent by text.
In truth, users can do a lot when it comes to protecting their online accounts. The only thing that's keeping them from doing so is laziness and procrastination. These days, we must do everything we can to protect us from digital crimes.