Home Blog Causes of data leaks and possible situations. How to protect yourself?
'
11 December 2020
Causes of data leaks and possible situations. How to protect yourself?

How often do we think about what information footprint we leave in the digital space, what data potential hackers and criminals may have in the public domain


After all, it is one thing to share information in a private conversation, and another – when it comes to online correspondence, telephone or online rallies, registration on forums or in various applications. And then we completely forget what resources we registered on

According to FinTech, the global volume of data leakage in 2020 increased by 80%, and the number of phishing attacks in February of the same year increased by 600% – a record in global information security practice. In most cases, attacks on companies or specific people took place in order to obtain personal- 65% and financial information – 23%

Based on the experience of investigating such cyber incidents, we can conclude that the main reason is the security of users in relation to the complexity of account passwords. Wealthy and influential users are the main victims of “digital criminals”

To explain simply what a data leak is – this is when hackers can obtain information by hacking the operating system installed on a mobile phone, social network account, email. With full information about the person, his relatives and friends, the mother’s maiden name and nickname of your favorite cat or dog – you can hack e-mail, social media account, account, which stores all user information. The hacker can then access more sensitive information. For example, a bank account, with known logins and passwords to the system Privat24, PayPal and other critical accounts

We all know that when registering in any application or account, in a particular data exchange system, you must specify a contact email, which is automatically sent a link for activation, which allows you to log in to your personal account, change your password, etc. Even without such links, personal email contains emails that specify logins and passwords to log in to personal online resources. As a result, the system identifies the user, however, in fact, an attacker is hiding under his account

In our practice, we regularly encounter such incidents. When we contact a client, we make sure to fully diagnose the IT system and personal information used by the client. In such a diagnosis, we rely on our experience, monitor the presence of errors that our experts often find during a security audit of the system

What are the most common mistakes?

First, one of the most dangerous and common mistakes is the same password on all services. For example, the date of birth of your child or wife when entering online banking, smartphone, etc., the security system on all resources of his test. But at one point, the user enters the same password to order a purchase in an online store that has already broken the system of protection of personal data of customers or gets on the phishing site. As a result, the attacker gets full access, so to speak, finds the key to all the doors

Secondly, the phishing mentioned earlier. This is sending fraudulent messages with suggestions, requests, even threats. Most often, they are accompanied by links, after which the recipient of such messages gives the attacker access to his smartphone, laptop or application

Third, free e-mail services. We noticed that mostly Generation X people rarely change passwords in their mailbox, but often distribute it to contractors and any interlocutors. After a short period of time in the mail with the name [email protected] and the password vasya123 accumulates such an amount of information, access to which can destroy the business or reputation of the person and his partners

n November 2020, NordPass, a provider of solutions for password managers, published a ranking of the most popular user passwords. According to the above information, only 44% of the analyzed 275,699,516 passwords were “unique”. As in previous years, the top five use passwords are: “123456”, “123456789”, “picture1”, “password” and “12345678”. Deciphering each of them will take seconds. Less than half of the password list is unique and new.

Every year, the number of tools for cybercriminals increases, but if users of online services follow a few simple rules – you can reduce the risk of data leakage at times, even if you lose your smartphone or computer:

  1. Install updates for applications and OP-OS. This will help prevent third party account intrusions due to possible application vulnerabilities. Use different passwords and change them more often. It is extremely important for each personal account to create different passwords and change them periodically. The character set should be random and not tied to personal dates of a user
  2. Two-factor authentication. More than one identity verification tool must be installed to access information. That is, set a password and the ability to verify the user by sending a message to another email or confirmation using a mobile phone
  3. Reduce information on social networks. Social networks can be a great place for career and financial growth, but they are also a source of information where an attacker can assess your financial level, home address and even determine your work and leisure schedule

Like many other companies, FSG uses cookie technology on its websites to improve your user experience, as well as for the correct operation of the website.

If you agree to the use of all cookies on this site, click the Ok button. To learn more about cookie technology, its benefits and how FSG uses it, check out our Privacy Policy.