Kaspersky Lab researchers have discovered a new modification of the well-known mobile banking Trojan Faketoken, which has been developed and is now able to steal credentials from popular taxi applications.
New research by Kaspersky Lab and B2B International shows that in the last 12 months one in four Internet users had at least one of their online accounts hacked, leading to unauthorized messages being sent out in the user’s name, sometimes with a malicious link included, and the loss or theft of personal data. However, another study shows that, despite this, just 38% of consumers create strong passwords for every account and over half (57%) store passwords insecurely.
In addition to the number whose own accounts had been hacked, a third (32%) of respondents know of someone whose account has been hacked. The kind of accounts targeted by hackers include email (11%), social media networks (11%), and online banking or shopping accounts (7%), sites that many consumers use on a daily basis and that keep them in touch with work and their closest friends and family.
The survey found that it’s not just bank balances but relationships that can be damaged by hackers. 35% of those affected by hacking discovered that messages or updates had been sent from or posted on their accounts without their permission; and 29% learned that friends had clicked on a malicious link in a message that apparently came from them.
Personal data and identities are a top target for hackers. 26% of those affected lost personal details and data following a successful hit; and in 26% of cases data was stolen and later used in criminal activity such as unauthorized transactions. In fact, 36% of all respondents had encountered some kind of identity threat over the previous 12 months, most involving an unsolicited message and a request for personal information, passwords and other credentials.
However, Kaspersky Lab’s ‘cyber-savvy’ quiz has found that only 38% of users make a point of creating a strong new password for every account they set up. Further, over half (57%) store their passwords in insecure places. This includes writing them down on paper or saving them in a mobile phone.
“Hackers are after your details, contacts and funds, so failing to set strong passwords for the accounts you entrust with such information is a bit like locking the door and then leaving the key in. Passwords are the digital ‘you’: and your accounts rely on them to ensure it’s really you they are giving access to. There is simply too much at stake for anyone to be casual about passwords. The words, “I didn’t send that, my account was hacked” is unlikely to sound convincing to a distressed friend or co-worker at the receiving end of malware or a request for money. Some simple security steps and a robust approach to passwords will remove the risk,” said Elena Kharchenko, Head of Consumer Product Management, Kaspersky Lab.
Kaspersky Lab appreciates that the temptation to create and re-use a small number of memorable passwords is underpinned by fear of forgetting them. It therefore recommends that users invest in a security solution that allows them to safely store and retrieve even the most complex passwords, keeping them far from the hands of the hackers.
Kaspersky Lab’s flagship consumer solution, Kaspersky Total Security – Multi-Device includes a special Kaspersky Password Manager module that enables users to easily and securely store all their passwords and identity forms and to synchronize them between devices. Users can then automatically log-on to a website with a single, safe, click.
To learn more on how to be safe online, click https://blog.kaspersky.com/tag/cybersavvy. To check if your current online behavior can lead to account hacking, test yourself here: https://blog.kaspersky.com/cyber-savvy-quiz/.
Articles related to Virus News
Kaspersky Lab has released a beta version of its solution for the "smart" home and the Internet of Things - Kaspersky IoT Scanner.
Kaspersky Lab researchers have discovered an unusual rise in mobile Trojan clickers that are stealing money from Android users through WAP-billing – a type of direct mobile payment taken without any additional registration.