Did Your Password Leak Online?
Don’t let a password leak become your biggest nightmare
Security breaches plague people and businesses everywhere. A password leak can be a rising concern for consumers and businesses alike. Everyone is at risk of being compromised online. At Net Pay Advance, our technology team aims to identify and tackle issues to protect our customers by avoiding potential scammers.
The online era presented us with the opportunity to have the world at our fingertips. It also opened the doors for negative elements that pose a threat to our safety.
When we engage in online activity, we tend to leave pieces of information on the world wide web. Think of all the times you’ve signed up for a subscription with your email address or phone number. Most of us have shopped online and entered financial information into a browser window. Often, we enter sensitive information such as our social security number when prompted. For the most part, so long as we stick to HTTPS URLs, we feel safe.
However, company breaches and compromised accounts are possible, and can happen anywhere. There is always a possibility of miscreants getting their hands on our information. Even at your local grocery store.
At Net Pay Advance, we take security very seriously. Our team continuously works to address any and all concerns. We strive to empower you to avoid becoming the next victim of cybercrime.
Did you know that compromised passwords are at the root of 81% of hacking-related breaches? It is a pretty significant number and can’t be ignored.
Cybercrime at the time of a global pandemic
When the pandemic hit, it changed our lives in a million different ways. With mass hysteria, layoffs at organizations, and a remote work structure, cybercrime was steadily rising. In fact, there was over a 400% increase in online scams in March 2020.
We spoke to Scott Hoopes, Director of Technology at Net Pay Advance, regarding the rising cybercrime statistics since Covid-19 and he confirmed there was an increase in hackers across the technology industry. Scott said, “While there is not an increase in data breaches, there is an increase in hackers using breached data and an increase in the number of attempts to use the breached data.”
He adds, “These types of attacks are called password ‘credential stuffing’ and ‘password spraying’ attacks.” It happens when hackers steal information from one place and use it to open accounts elsewhere.
Scott goes on to say, “Our website, like most others, has seen both of these types of attacks.” Hackers have taken personal information from email services and business data breaches and used it to open financial accounts.”
“Credential stuffing seems to be the most popular attack,” clarifies Scott. “The breached data is being traded more often and attack platforms are now available as a paid service on the dark web making attacks like these available to even the unskilled hacker.”
Wondering if you have a breached password? Experts like Scott recommend the website HaveIbeenpwned to check if your email has been stolen in a security breach
Why pay attention to notifications regarding compromised passwords and password leaks?
When you receive a notification on your phone regarding a password leak, it means that your accounts are no longer secure due to a data breach. The first thing to do is to go ahead and change your passwords.
We asked Scott for his advice on avoiding security issues and he shared, “The most powerful protection against account takeover is never reuse passwords. Every account you create on the web should have a new, unique, and complex password. If you use unique, complex passwords on every account then you are safe from breached data being used to gain access to your accounts.”
Just don’t use any of the passwords below. These are the 10 most common passwords, and aren’t secure.
Do any of those look familiar to you? Now is the time to update your password.
What can hackers do with your credentials?
We know that there are hackers out there trying to steal people’s information. But what exactly does that mean for us? How does it impact us?
Scott explained, “Breached data can lead to account takeover… they can do many harmful things like take money, move money, get loans or credit cards in the victim’s name, make purchases, open accounts, close accounts, gain control over their mobile devices etc. All of these things can lead to damaged credit and financial ruin.”
What to do if your password has been breached
In case you encounter a password leak during a data breach, these are a few things you can do:
- Identify what sensitive information might have been stolen
- Change passwords to accounts impacted
- Monitor your credit for any suspicious activity
- Back up your valuable information
- Adopt multi-factor authentication if services allow it
Breaches do happen from time to time and need to be resolved at the earliest. Identity theft is a serious problem. We recommend checking out this resource to know more about identity theft.
How to keep your credentials safe
For starters, use secure passwords. You’ll want to use a mixture of uppercase letters, lowercase letters, and numbers. If they allow it, you’ll want to include symbols (such as %$!#@) as well.
Check the security of a potential password below:
Type in password to check
Scott suggests using a password wallet application like Dashlane or Keepass to keep your credentials safe from a password leak. These applications make managing all those unique passwords easy, and they come with tools that will create complex passwords for the user.
What security does Net Pay Advance have in place to keep our customers’ information safe?
We genuinely care about the online safety and wellbeing of our customers. That’s why Net Pay Advance has measures in place for people whose credentials were stolen from elsewhere and misused at our business.
We asked Scott to elaborate, and he responded, “Analytics and Customer Service do proactively look for and block fraudulent applications. It’s hard to identify though when a bad actor has stolen a lot of information about the same person. If they have your name, address, social security number, birthday, employment information, and more, it’s tough to spot.”
What is Net Pay Advance doing to improve?
In addition to advocating for stronger passwords, we are adding multi-factor authentication to help protect against breaches.
Many of our customers would like to know about our current and ongoing efforts towards keeping information secure. We are continuously levelling up with our security measures. We employ 256-bit encryption in addition to the following:
- Web application firewall to protect against mass attacks like credential stuffing
- CAPTCHA to ensure only humans (not automated hacker software) can log in
- Pre- and post-login monitoring software to alert us of suspicious behavior on our website
- Ongoing employee training on cyber security, complete with simulated attacks
- As mentioned above, soon we will implement multi-factor authentication which will almost entirely eliminate account takeover
As the age-old saying goes, prevention is better than cure. It’s best to stay proactive and do our best to prevent cyber-attacks from impacting us. We strongly recommend following simple steps like updating your passwords periodically, avoiding common passwords, and using ones with higher strength. In addition, be mindful of what information you share online. Fraudulent activity can target anyone. Staying on guard and noticing things that are out of place can help identify larger issues.
For more information on cybersecurity and internet safety, refer to this resource.