Maybe you’re one of those people who has spent even just a little time wondering how credential theft actually works. Yes, we know that they (cyber-criminals in this case) steal our names, passwords and a few other personal details via email, but what else actually happens in this cryptic process?
I don’t really care how credential theft works… or should I?
Essentially, credential theft covers four key phases. Why should you care? Because knowing what happens when will help you identify where weaknesses exist in your security architecture, so that you can plug any holes.
Always consider that organizations of every size, from small businesses to enterprises, and in every industry across the globe are at risk of becoming a target of cyber-criminals. No one is immune, no matter how obscure, robust or insignificant you may think you are.
Phase 1 – Identify
Cyber-criminals tend to select certain targets for specific reasons. Once personal details are obtained, they then mine those details to extend their reach.
Personal Information: Traditionally, financial services companies, the medical field and retail have been primary targets for cyber-criminal activity. More recently, however, criminals are expanding their horizons to include any company that handles personal information. This is why social media platforms, for example, have been compromised.
Sizeable supply chain or customer base: Companies that interact with a large number of suppliers or customers are an ideal target for cyber-criminals, who will extend their reach to include the companies of those end contacts as well.
Phase 2 – Collect
Phishing is the most common form of collecting personal information, and this is done most frequently via email. Malware is another popular means of obtaining data, and this is done via banking trojans, keyloggers, text messages, software, cryptocurrency wallets/exchanges, form-grabbing and more.
Phase 3 – Process
Once passwords and personal information have been collected, this information is verified for accuracy so that it can be monetized. Information can either be filtered manually, or automatically by using specially programmed botnets or backend software that has been linked to the collection method.
Phase 4 – Profit
Cyber-criminals will either sell information, use it themselves to extend their reach and obtain additional credentials, or use those credentials to spread malware, send spam and extend phishing campaigns. If the credentials of an influential individual are obtained, for example, the cyber-criminal may use these credentials to threaten or blackmail the victim for financial gain.
When it comes to the sale of credentials, there are typically three types available: Corporate Accounts, which include information collected from businesses; Services Accounts, which include data from news and video streaming sites, gaming sites, social networks, online retail accounts and so forth; and Hosting Accounts, which include information obtained from any online hosting providers.
Where does this leave you now?
In this post we’ve really only skimmed the surface, just to give a snapshot of everything that is essential for you to know.
We’ll be elaborating on this subject in other posts, but in the meantime, you may be in a position where you really need to know where the potential vulnerabilities lie in your company.
To find out, a thorough analysis must be done of your security strategy and infrastructure.
Our specialist security team can help you. When you chat to us, we’ll look at arranging a workshop for you which will give you detailed insight into the problem as a whole and where you may be at risk, or we can go ahead and do a full analysis for you.
Get in touch with us and remove that risk of credential theft today!