Cyber criminals are always on the hunt for user and corporate credentials (usernames and passwords). If you have someone’s credentials, you can log in to their systems, access valuable data and perform fraudulent transactions on their behalf.

Credentials are typically extracted by cyber criminals in one of three ways:

  1. Key-logging malware captures users’ keystrokes during login and sends the information to the attacker. There are various techniques to compromise user machines with such malware, including drive-by downloads, watering hole attacks and infected USB drives.
  2. A phishing site is used. This is a fake website that is designed to look like a legitimate login page, such as an online banking website or an online application like Google Docs. To get the user to the phishing site, the attacker sends a spear-phishing message that looks like it came from a trusted source, such as a bank, colleague or government office. Once the user attempts to log in to the phishing site, the credentials are sent directly to the attacker.
  3. Cyber criminals hack into e-commerce websites and social networks to extract the user database, including user credentials. Since users often reuse credentials, it is highly likely that the same credentials can be used for logging into other systems as well.

General Recommendations

There are several things that can be done to lower the risk of credential theft. First, don’t log in to sensitive applications from unprotected machines. Make sure your antivirus is up to date and, if possible, protect your machine with security solutions designed to block information-stealing malware.

Be cautious about possible spear-phishing emails, even if the message seems to come from a trusted source. When receiving a message that includes a link to a website, try to verify that the request is genuine and that it takes you to a relevant site. If possible, don’t click the link. Instead, open your browser and type in the address yourself.

Change your passwords often, use complex passwords and don’t use the same credentials across multiple systems. For systems that are especially critical to you or your business, consider using two-factor authentication. This requires the user to supply additional information when logging in, so the account is harder to compromise.

Protecting Corporate Credentials

IBM Security Trusteer Apex Advanced Malware Protection is an advanced threat protection solution designed to protect user machines from advanced, information-stealing malware. Its exploit prevention and data exfiltration prevention technologies are designed to prevent advanced malware from compromising the user endpoint. In addition, Trusteer Apex includes special protections to prevent corporate credentials theft and exposure:

  1. Keystroke obfuscation: Trusteer Apex obfuscates user keystrokes during login procedures, preventing key loggers from capturing user credentials.
  2. Prevent corporate password exposure on phishing sites: Trusteer Apex ensures corporate credentials are used only for logging into corporate Web applications. If the user is trying to log in to a phishing site, the login will be blocked.
  3. Prevent reuse of corporate credentials on noncorporate sites: Trusteer Apex prevents users from using their corporate credentials to log in to nonapproved public sites, such as e-commerce sites or social media. The user will be requested to change his or her credentials before logging into the website.
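
The idea behind items 2 and 3 can be sketched as an exact-match allowlist check on the login destination. This is an added example, not Trusteer Apex code or IBM's implementation; the host names, device key, sample password and function names are all assumptions constructed for illustration.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# Constructed values for this example (not from the product or the article).
APPROVED_HOSTS = {"sso.corp.example", "mail.corp.example"}
DEVICE_KEY = b"constructed-demo-key"


def fingerprint(password: str) -> bytes:
    """Keyed digest, so the checker never stores the corporate password itself."""
    return hmac.new(DEVICE_KEY, password.encode("utf-8"), hashlib.sha256).digest()


# Enrolled once when the corporate password is set (constructed sample value).
CORPORATE_FINGERPRINT = fingerprint("Constructed-Passw0rd!")


def is_approved(url: str) -> bool:
    """True only for HTTPS URLs whose host exactly equals an approved host."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".")
    except ValueError:  # malformed URL: treat as not approved
        return False
    # Exact match on the parsed host: substring or prefix checks would accept
    # look-alikes such as "sso.corp.example.evil.test".
    return parts.scheme == "https" and host in APPROVED_HOSTS


def check_submission(url: str, typed_password: str) -> str:
    """Return 'block' when the corporate password is about to be sent to
    anything other than an approved corporate login page, else 'allow'."""
    is_corporate = hmac.compare_digest(
        fingerprint(typed_password), CORPORATE_FINGERPRINT
    )
    if not is_corporate or is_approved(url):
        return "allow"
    return "block"


if __name__ == "__main__":
    for target in (
        "https://sso.corp.example/login",
        "https://sso.corp.example.evil.test/login",
        "http://sso.corp.example/login",
    ):
        print(target, "->", check_submission(target, "Constructed-Passw0rd!"))
```

The allowlist alone cannot tell a phishing page from an ordinary nonapproved site, so both cases produce the same `block` decision here.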

Update: Massive Hack Exposes 2 Million User Credentials

Only one day after we blogged about the importance of user credential protection, one of the biggest credential breaches came to light. The breach was a result of key-logging malware that was installed on numerous computers around the world. The malware captured usernames and passwords of users logging in to more than 93,000 websites and sent the information to a server controlled by the attackers. The breached credentials allow the hackers to log in to sensitive applications such as ADP payroll systems.
