• Security
  • 13/06/2022
Are Your Passwords Up For Sale?

It's no secret that cyber crime is on the up. And, for the most part, spaces such as the Dark Web continue to be the digital equivalent of the Wild Wild West (and no, we aren't referring to the 1999 movie!).

Recently, we've touched on the spike in cyber crime - especially during times of COVID and the lockdown. But don't worry, this post turns out not to be another doom and gloom update about the need to be vigilant. Better news is on the horizon. 

Password Security

In a world where cyber attacks are becoming increasingly more sophisticated, the shortcomings of passwords are there for all to see.

Phishing attacks are the most common way for an outsider to gain your password or credentials, typically using underhand approaches via social media, text messages or email. To learn more about phishing, visit our dedicated blog post.

Sometimes, the phisher won't even use the acquired password or credentials themselves. Instead, they'll trade them on the Dark Web.

And, if you don't have the security blanket that is two-factor authentication, all it takes is one successful phishing attack for you - or your organisation - to be in serious trouble. 

However, as announced at the WWDC 2022, Apple, Google and Microsoft appear to be working to rid us of passwords.

Password Trading Websites Closed

We mentioned how cyber criminals trade passwords online, and such news may - and should - come as a concern to those who haven't ensured their staff are cyber secure.

But, now for the better news, as promised in the introduction.

As per Cybernews, the FBI has shut down a cyber criminal website for selling access to a staggering seven billion records of pilfered data, the Department of Justice announced.

The Bureau decided to shut down weleakinfo.to along with affiliated domains ipstress.inand ovh-booter.com, after an international investigation, found that they were trading in stolen personal credentials and facilitating cyber attacks. 

“Today, the FBI and the Department stopped two distressingly common threats: websites trafficking in stolen personal information and sites which attack and disrupt legitimate internet businesses," said the US Attorney Matthew Graves of the District of Columbia.

WeLeakInfo provided clients with a search engine that allowed them to browse its ill-gotten data haul, obtained in more than 10,000 breaches and including names, email addresses, passwords, and phone numbers. Cybercriminals paid for this service via subscription, ranging from one day in duration to lifetime membership.

All three websites are now in the custody of the FBI, and visitors will find nothing more than a notification informing them that they have been impounded under a seizure warrant issued by the District of Columbia.

Solutions

If you're concerned about the threat to your password security - or feel you may be vulnerable to outsiders, it can feel like you don't know where to turn. Fret not - options are available!

Partnering with an MSP (may we recommend Fifosys?) can give you access to one - or all - of the following, not to mention peace of mind:

The Last Word

Password-sharing websites - and similar faucets of the Dark Web - may never go away - even though the news from America is positive. At a minimum, they'll be around until we're in a passwordless society. Until then, why not get in touch to hear how we can help you? 

At Fifosys, we've been operating for over 20 years. By now, there's very little our team of experts hasn't seen, encountered and solved.

Going beyond the expected norms of a standard third-party, we can integrate and act as an extension of your team on all levels. From sitting in board-level discussions to advising staff on best practices, we can support you through anything.

Recent Post

The Cloud Question

Security

Are IT preconceptions holding the business back?

Security

How secure is the Cloud?

Security

The Six R's of Cloud Migration

Security

Cloud Computing and the Property Sector

Security

Related Posts

  • Security
  • Jan

Do we value our data enough to protect it?

I’m sure you know yourself. You know your business. Of course you want to protect everything in it,

Read More
  • Security
  • Jan

Privacy or anonymity? - Which is more important in the digital era?

Technology is evolving quicker than most peoples’ ability to understand it; therefore it is increasi

Read More
  • Security
  • Jan

If all computers are vulnerable, how strong are your security defences?

You should now understand the difference between Privacy, Anonymity and Pseudonymity. which should l

Read More
  • Security
  • Jan

The Cyber Security Landscape - Best Practices to Protect Your Business Data

What business owners consider to be valuable assets will vary from one business owner to another  bu

Read More