Hackers do not simply just take your information, they just log in. If you look at something like LinkedIn's 2012 password attack, the breach behind this was the result of a stolen password and not high-tech hacking tools.
These type of break-ins are on the rise. Phishing scams, which attackers might pose as a trustworthy party to trick users into handing over their personal data or even account information, was the most common type of internet crime in 2019, according to an FBI report.
People lost more than R902 million in 2019 as the result of phishing, according to the report, and there were over 114,000 victims involved within this phishing scam, and that is just in the US alone. Scary, right?
As phishing becomes more profitable, hackers are becoming increasingly sophisticated in the methods they use to steal user's password, according to Tanmay Ganacharya, a principal director in Microsoft's Security Research team.
"Most of the attackers have now moved to phishing because it's easy. If I can convince you to give me your credentials, it's done. There's nothing more that I need," Ganacharya told Business Insider.
Ganacharya takes the information gathered by phishing tactics and reads this into a machine-learning system that can root out scams for people using Microsoft services, which includes Windows and Outlook, even Microsoft's cloud computing service.
So how do the hackers do it then?
Most of the time hackers will use social engineering skills, by targeting low-level employees and then move on up to the bigger guys. For instance, they will send emails to these low-level employees that come across as trustworthy, but it includes links which will direct them to a scam website, that will ask them to enter their details, such as their username and password.
Once they have access to the particular employee, they can then use it to send the same trustworthy-ish email to other people within the targeted company. The email appears to have come from a well-known person, and these type of emails try to create urgency or panic to trick users into giving their personal details. For example, in the video below, the hacker calls the IT department, so the guy can "assist" him with an error he's facing. It guy follows the link given by the hacker, and then boom, the hacker has got full access to the IT guy's computer, without him even noticing.
To break it down, phishing emails might contain a link which takes people to a fake website, which is what happened in the video below. If the victim – in this case, the IT guy – falls for the scam and enters his/her account details on the website, the details will actually be stored to the hacker's server instead of going to the server that it should've gone to. The hacker then has all the information needed that the victim has provided.
Despite all the other ways that hackers go about taking personal information, email is still the number one place where they find their victims, and these victims fall prey to the bad guys.
Hackers hack accounts and password for various reasons, some of them simply hack to show their skills off, while some do it for the profits.
How do you keep yourself safe?
Even though there are multiple ways a hacker could hack you, one way to stay safe is to obviously keep yourself secure. So, it is good to know how hackers hack your passwords and then how to keep yourself safe, in an ever-evolving online world.
Here are some tips to keep your online life safe:
1. Think twice before clicking any links in a strange email you received.
2. Install a good, licensed anti-virus and always keep your Firewall turned on.
3. Check every link before you click on it, write directly to the company that sent the email, or give them a call.
4. Look for any spelling errors or grammatical errors in the domain name, or even the email address you got the email from.
5. Use a long and strong password or get a password manager to make sure that each account you use has a unique password.
6. Turn two-factor authentication on your important accounts.
7. The FBI also recommends that you cover your webcam.