Common tricks to steal passwords
The keys we can say that they are the main security barrier we have to prevent intruders in our accounts. If they steal the password, they will have access and that means that our data can be exposed, they could take control, make payments on our behalf, impersonate the identity in the mail…
A clear example of a strategy hackers use to steal passwords is the use of phishing attacks. What exactly does it consist of? We can say that it is a method in which they will impersonate identity from an official page, such as a social network, a bank, an email… The victim enters that site and by entering the password is actually sending it to a server controlled by the attackers.
Avoiding Phishing attacks is easy. The main thing is to maintain common sense, check very well the addresses of the web pages where you are going to put data and never access through links that you receive by SMS or e-mail.
Another very common trick they use to steal passwords is simply to use guessing. It is very common for many users to use the same type of password. That is, for example 123456 and the like. Although it is a serious error, the truth is that they are still really widely used because they are very easy to remember.
Hackers know that and can try to guess those more typical keys. Also things like the name of the victim, her date of birth, etc. In short, usual things that they can use.
Something similar to divination is to use brute force. They can use tools to crack passwords that are weak. Basically what they do is try multiple possibilities until they find the right one and thus be able to enter a social network, email or any Internet registry.
To prevent this from happening, it is essential to use a strong password. It is important that it is totally random, that it does not have anything that can relate to you (such as your name or date of birth), as well as that it has an adequate length. Simply putting in one more number or letter can make that password much more secure.
In addition, they can also use keyloggers. It’s a type of malware which is responsible for recording all the keystrokes we put. In this way you could know what password we use to enter any of the records we have on the Internet. They can sneak it through a fake program that we install or some file that we download from the Internet.
The best thing to avoid this is to always have a good antivirus. In addition, installing only official applications is essential to avoid problems and use software that may have been maliciously modified.
Theft from another account
One more trick is to get a password via another stolen account. For example, maybe you are registered in some Internet forum and there has been some vulnerability. An attacker has been able to access that password and what they can do is test if it is the same password to enter Facebook, Gmail or any other service. You always can use Have I Been Pwned to see if your passwords have been stolen.
To avoid this problem, the ideal is to use a unique key in each case. It is important to use a password for mail, another for social networks, etc. This way you will avoid the domino effect in case an intruder steals some.