If you have ever had your identity stolen or an online account compromised, you may have asked yourself how the theft of your information or credentials occurred. Recently, Google and UC Berkley conducted a study regarding the common ways in which someone’s account can get hacked.
“During the 12 months studying the underground markets, the researchers identified more than 788,000 credentials stolen via keyloggers, 12 million grabbed via phishing and 1.9 billion from breaches at other companies.”
Keyloggers
Phishing
Breaches
The key takeaway here is that the vast majority of credentials and personal information that are compromised have been stolen from companies that were supposed to be protecting that information. In 2017, with the evolving cyber-threat landscape, organizations need to take a holistic approach to information security including technical controls, procedural controls, personnel controls, and (perhaps most importantly), employee training.
As highlighted by the study, phishing is also a major risk to both consumers and businesses which is why employee training is so crucial. Can you and your employees recognize a phishing email? Have you ever tested their ability to do so? Are your current controls adequate enough to properly protect sensitive information and to stop your company from contributing to the static above?
Finally, the study also noted that only 3.1% of individuals that had accounts compromised responded by taking additional security measures (such as two-factor authentication). So, if you have been compromised, whether personally or at work, make sure you take the appropriate steps to regain control of your accounts.
Related articles
Business Email Compromise: Top BEC Tactics & How to Protect Against Them
We take a look at Business Email Compromise, including common BEC tactics and what your business can do to protect against them.
FFIEC CAT Sunset: Why the CRI Profile is a Strong Alternative
With the FFIEC CAT sunset approaching, we explore why the CRI Profile is a strong alternative to the CAT for financial institutions!
FTC Safeguards Rule Compliance for Auto Dealerships
We’ll go over the FTC Safeguards Rule, what it requires, and how a managed service provider can help auto dealerships stay compliant.