It is proven: there is no password that can withstand this trick - CYDIAPLUS.com

Breaking

Tuesday, 15 August 2017

It is proven: there is no password that can withstand this trick



While security experts continue to offer us their tips for creating strong passwords by typing capital letters with lowercase letters, numbers, symbols ... and that these are also changed periodically, hackers have discovered a much simpler trick to get access to email or iCloud of their Victims . They do not need key generators, malware or anything. It is much simpler.

In fact, it just needs a little charm . Because in this world of social engineering, the simplest thing is an action that influences a person to act ... in their best interest or not. We explain: Imagine that a stranger calls your phone company pretending to be you and manages to convince you to reset your SIM. The employee does it with his best intention but ... imagine the consequences.


Five years ago, a hacker misled Apple by allowing him access to iCloud by a reporter named Mat Honan. From there, the hacker reached the accounts of Gmail and Twitter. As it did? Honan himself talks about it:


  • I KNOW HOW THEY DID IT, CONFIRMED BY BOTH THE HACKER AND APPLE. NOT THAT THEY KNEW THE PASSWORD, IS THAT THE APPLE SUPPORT ASKED THE SECURITY QUESTIONS, ANSWERED AND THAT'S IT.


In fact there is even a company dedicated to these tricks, called Social Engineering Inc .. It just takes a bit of luck and knowing someone's proper information . There are even forums that guide you when sharing tricks. Social engineering seeks to take advantage of human nature, simplicity when it comes to putting their questions of safety and of course, their confidence in publishing data over networks.


Then maybe it's time for companies that provide Internet services to seek to reinforce these security questions that they make via the web or via operator with something more complicated.

And what can we do? For starters, do not provide information to anyone (let alone publish it on the internet) that can then be used to identify you. A good way to protect yourself is Apple's two-step authentication, which allows us to verify our identity through codes sent to several of our terminals. It is also a good idea to have a security PIN and of course, it is not an easy number to guess, such as our date of birth or simply "1234"

Via | Mashable

No comments:

Post a Comment

Follow by Email