HOW EASY IS IT TO HAVE YOUR ONLINE PASSWORD HACKED?
One of the ways hackers can overpower your computer’s defenses and steal your password is by using repetition. It’s called a Brute- Force Attack. It employs dictionary software in random text strings that keep combining and recombining English dictionary words with thousands of varying combinations. Brute Force- Attacks can make up to 50 attempts per minute, and can overcome any password, but the more complicated your password is, the longer it will take to hack.
Another con game that hackers use to manipulate in order to get your password, is called a Social Engineering Attack, and involves personal contact. An attack can occur over the phone, where a hacker wants you to believe he is a bank officer calling to confirm your phone and bank account numbers. They also use “phishing” and “whaling” attacks, which are deception pages fronting as legitimate authorities on your computer screen. These can direct the victim to a phishing website where the victim types in their password, believing the website to be their actual banking online account.
Websites are not an efficient target for brute- force attacks, the reason being is that each time the hacker guesses what a password is, the true or false result takes several seconds, and hacking a four digit number could possibly take up to 20 hours. Safeguards that are built in to such a site will recognize what’s happening and shut down the account.
It seems to be the general consensus that people are the easiest things to hack. If a person calls with a crisis, such as having had an accident or being a victim of a crime, security systems available on the Internet become a dead end. Sites receive hundreds and thousands of these calls a day, and most are really true cases. It’s a part of human nature to want to come to the aid of a victim. Chances are, if the hacker is an experienced cybercriminal, they have a fine-tuned penchant for drama, and when matched by tier 1 tech support, can easily convince that customer service person that he/she is on the up-and-up and needs help. Just keep in mind, that if a tech support person is that easily convinced, perhaps you need to find a more secure company to mind your credit card account.
It seems that the best thing you can do is create lengthy and complex passwords that do not resemble every day English words. If you consider combining a worthy password with CAPTCHA services offered by your online accounts, your risk of a brute force hacking is dramatically reduced. CAPTCHA is a program that protects websites against attacks by generating and grading “tests” that humans can pass but current computer programs cannot.
Some helpful guidelines in creating safe passwords are: Don’t use an email address –tied personal domain for logins. Use different credit cards for different services. Request a one-time card that can be used to pay for a 10 year domain and then destroyed. A good way to test your vulnerability is to call your provider and see what information you can extract from them over the phone. If they cave and give up your personal information, seriously consider changing companies.