I’m a cybersecurity expert – here’s the damage a hacker could do if they got hold of ONE password
A hacker learning just one of your passwords could be enough to wreak havoc — especially if it’s your email password, an expert has warned.
Jake Moore, security specialist at ESET, says it’s “very easy” for cybercriminals to get hold of a password, and that passwords are “regularly” compromised in data breaches.
Cybercriminals make their living by hacking into a large corporate database that stores passwords, or by taking advantage of an internal security flaw among employees.
Another method of stealing passwords is phishing emails, which contain links that lead to fake websites designed to trick you into entering your password.
But in many cases, a password can be easily guessed because it consists of common words or phrases, with “qwerty” and “123456” being classic examples.
One of the biggest dangers is that people have a bad habit of using the same password for different accounts, Moore said.
So if a hacker knows your email and password for one account, they’re going to try it on different platforms as well.
Moore has revealed the damage that can be done if a hacker gets hold of a password, under three different scenarios.
EMAIL
Probably the greatest damage can be done if a criminal gets a hold of your email password, the expert says, largely because email access can be a gateway to access several other platforms.
“Email is the most worrying account to lose control of because if compromised, hackers can easily gain access to all other accounts online,” Moore told MailOnline.
This is done by searching for the corresponding email address as a username on other platforms and clicking on “forgot password”.
“This then sends a link directly to the hackers to change the password to whatever they want.”
Email accounts like Gmail also contain a huge amount of personal information that can be used to impersonate you, such as birthday, phone number and even home address.
In addition, your passwords for various websites are stored in your Google account, which can be accessed by logging into Gmail.
“If a hacker had access to your Gmail, they might also have access to linked Google accounts,” Moore said.
SOCIAL MEDIA
Your Twitter account contains your phone number, email address and more, which may include your date of birth and also your payment information if you subscribe to Twitter Blue.
But a hacker can also renew your account to impersonate someone else, risking it being banned by Twitter employees and lost forever.
A lot depends on whether you have set up a security standard known as two-factor authentication (2FA) for your account.
2FA sends a text message with a code to users’ smartphones, which they must enter to access their account, as an extra layer of security.
Elon Musk recently removed SMS two-factor authentication (2FA) from the free version of Twitter and made it exclusive to Twitter Blue – a decision Moore called “absurd” and said will lead to “so many accounts being hacked.”
However, you can use an authenticator app such as Google Authenticator to still use 2FA on your Twitter account.
Meanwhile, if a hacker got your Facebook password, their likely next step is to share spam and phishing links with some of your friends, putting your account at risk again.
Although criminals use fake accounts to carry out phishing attacks, they increasingly prefer to hack legitimate accounts.
ONLINE SHOPPING
Moore said online supermarket apps such as Tesco or Lidl store personal information protected only by a password.
A hacker may be able to change your address registered on your shopping account and use your payment information to have groceries delivered to their doorstep.
“Supermarket accounts store a lot of data about you, from phone number to home address,” Moore said.
“This information is highly sought after and often only secured with a simple password.”
However, a potentially bigger cause for concern is the use of these apps to get your personal information, which can be sold on the dark web.
The dark web is only accessible with special web browsers and is used to keep internet activity anonymous – so it is an ideal place for criminals to conduct their illegal activities.
Moore said, “Information is the new gold” since it can be bought and sold.
Hackers can use your stolen information to open credit card accounts, apply for government benefits, take out loans in your name, and much more.
In general, Moore recommends using password managers — apps on your phone, tablet, or computer that save your passwords so you don’t have to remember them.
“Password managers are almost impossible to hack,” he told MailOnline. “You need an authorized device to see the passwords.”
It’s also important to limit what information you’ve stored online and only pass on data that’s necessary for the app or service to function, he says.