5 keys to not being a victim of cybercriminals

Rate this post

The password is often the only thing that stands between a cybercriminal and the user's personal and financial data, which is why they are currently one of the main targets of their criminal practices.

These keys are the Achilles heel of many people's digital lives, especially since today the average user has to remember a hundred access credentials, and the number has only increased in recent years.

The cybersecurity company ESET has compiled which are the five most widespread techniques that cybercriminals use to get passwords for people's access to their accounts.


The most widely used attack technique takes advantage of the human tendency to make wrong decisions, especially when they decide in a hurry. Cybercriminals take advantage of these weaknesses through social engineering, a psychological scam trick designed to get people to do something they shouldn't.

Phishing is one of the most famous examples. In this case, the criminals pose as legitimate entities, such as friends, family, companies with which the user has done business, etc.

These emails or texts will appear authentic, but include a malicious link or attachment that, if clicked, will download 'malware' or take you to a page providing personal data.


Another popular way to get passwords is through 'malware' or malicious program. Phishing emails are a primary vector for this type of attack, although you can also fall victim to clicking on a malicious ad ('malvertising'), or even visiting a compromised website ('drive-by- download ').

As ESET has highlighted, 'malware' can even hide in a legitimate-looking mobile application, which is often found in third-party app stores.

There are several varieties of 'malware' to steal information, but some of the most common are designed to record the keys that the user presses on the keyboard or to take screenshots of the device and send them to the attackers.


The average number of passwords a person has to manage is estimated to have increased 25 percent year-on-year in 2020. Many people use easy-to-remember passwords and reuse them across multiple sites, but this may open the door to so-called force techniques. gross.

One of the most common attacks is credential checking. In this case, attackers inject large volumes of previously stolen username and password combinations into automated 'software'.

The tool then tests them across a large number of sites, hoping to find a match. In this way, criminals can unlock multiple accounts with a single password.

By one estimate, there were 193 billion attempted attacks of this type around the world last year. One of the most notable victims recently has been the Canadian government.

Another brute force technique is random password testing. In this case, hackers use automated 'software' to test a list of commonly used passwords against an account.


Although cybercriminals have automated tools to force password deduction, sometimes they are not even necessary: ​​even simple guesswork - as opposed to the more systematic approach used in brute force attacks - can achieve the goal.

The most common password for 2020 was '123456', followed by '123456789'. In fourth place is the very word 'password', password in English.


Although there are many ways to steal a password virtually, it is worth remembering that there are still ways of knowing a password in the physical world that pose a risk.

This is the case of what is known in English as 'shoulder surfing', simply called 'looking over the shoulder' in Spanish. This not only affects the credit card pin, and ESET has conducted experiments showing how easily a Snapchat password can be guessed using this system.


To help protect Internet users, ESET has shared a series of recommendations so that users do not end up suffering theft of their passwords.

Some of these tips are recurring, such as using only strong and unique passwords or phrases across all accounts, especially banking, email, and social media accounts. This includes avoiding reusing credentials.

Another recommendation is to enable two-factor authentication (2FA) or use a password manager, which will store strong and unique passwords for each site and account. It is also important to change your password immediately if a provider reports data theft.

Users should be aware of and use only HTTPS sites to log in, do not click or open attachments in unsolicited emails, and download only apps from official stores.

It is also advisable to use cybersecurity 'software', always use updated operating systems and applications, be careful with possible 'peepers' in public spaces and never connect to accounts from public WiFi networks, in which the use of VPN tools is recommended.

Author Profile

Nathan Rivera
Allow me to introduce myself. I am Nathan Rivera, a dedicated journalist who has had the privilege of writing for the online newspaper Today90. My journey in the world of journalism has been a testament to the power of dedication, integrity, and passion.

My story began with a relentless thirst for knowledge and an innate curiosity about the events shaping our world. I graduated with honors in Investigative Journalism from a renowned university, laying the foundation for what would become a fulfilling career in the field.

What sets me apart is my unwavering commitment to uncovering the truth. I refuse to settle for superficial answers or preconceived narratives. Instead, I constantly challenge the status quo, delving deep into complex issues to reveal the reality beneath the surface. My dedication to investigative journalism has uncovered numerous scandals and shed light on issues others might prefer to ignore.

I am also a staunch advocate for press freedom. I have tirelessly fought to protect the rights of journalists and have faced significant challenges in my quest to inform the public truthfully and without constraints. My courage in defending these principles serves as an example to all who believe in the power of journalism to change the world.

Throughout my career, I have been honored with numerous awards and recognitions for my outstanding work in journalism. My investigations have changed policies, exposed corruption, and given a voice to those who had none. My commitment to truth and justice makes me a beacon of hope in a world where misinformation often prevails.

At Today90, I continue to be a driving force behind journalistic excellence. My tireless dedication to fair and accurate reporting is an invaluable asset to the editorial team. My biography is a living testament to the importance of journalism in our society and a reminder that a dedicated journalist can make a difference in the world.