Hackers use a variety of methods to obtain user passwords, including hacking databases of popular Internet services, phishing, creating fake applications, and infecting attachments. This was reported to RIA Novosti by Anton Nemkin, a member of the State Duma Committee on Information Policy and federal coordinator of the Digital Russia party project.
Hackers use a whole arsenal of methods to gain access to user passwords. One of the most common is hacking databases of popular Internet services. When attackers obtain such databases containing password hashes, they begin to use special programs to decrypt them. This is especially quick in the case of simple passwords - they have long been known and collected in rainbow tables, which allow you to instantly match the hash and the original text.
The deputy noted that phishing is another popular trick. Attackers send emails, messages, or create fake login pages to well-known sites, such as email or online banking. The user enters their data themselves, unaware that they are communicating with scammers. At the same time, hackers do not hack systems - the password goes to them voluntarily.
The parliamentarian stressed that malware is often installed on devices unnoticed. This can happen through fake applications or infected files. Such software can track keystrokes and take screenshots when a user enters a password. All data is then transmitted to cybercriminals.
Devices without updates and without antivirus protection are especially vulnerable. To protect yourself, it is important to use unique and complex passwords for each account. A strong password should be long, contain letters, numbers and symbols. Never use the same password on different sites - if one service is hacked, the rest will be at risk. You should also enable two-factor authentication - it significantly reduces the risk even if the main password is leaked.
According to the deputy, it is important to observe digital hygiene: do not follow suspicious links, update programs, install antivirus software and use password managers.
Be careful when entering data on websites. Modern cyberattacks are becoming more sophisticated, so your vigilance is the best protection.
Read more on the topic:
Almost five thousand fraudulent sites posing as state lotteries have been blocked in Russia
The State Duma approved the law on the status of data centers as critical infrastructure facilities