A recent research by Digital Shadows showed that more than 24 billion exposed credential pairings are available for sale online. That is a 65 per cent increase from 2020, probably due to more sophisticated malware and social engineering, as well as improved credential sharing.
With passwords such as ‘123456’ still accounting for more than one hundred million exposed cases, account takeovers are bound to continue. However, there are ways to avoid them, which we will cover later in the article. First, let’s consider whether account takeover (ATO) is something that everyone really has to worry about.
Account takeover: how it happens
The ATO attacks are somewhat similar to burglary. Fraudsters or hackers either crack your password using special software—just as burglars do to open the doors of a building—or get it from you through social engineering and dedicated malware. Then they make it impossible for you to log into your account by changing the password. Unlike the case with burglars, you can lose all your sensitive information, as well as your money, at once. After online fraudsters take all they want from your accounts, they might sell it on the dark web as part of a database consisting of such accounts.
There are several most common types of account takeover attacks carried out to steal your credentials:
- Social engineering. These types of attacks typically use phishing emails from a service or organisation you are expected to trust, such as your bank, a broker, or a payment system. This email attempts to steal your personal information, including logins and passwords. Social engineers might also call you (that’s called vishing) and pretend to be bank representatives or customer service workers of some of the services you use. Then they attempt to trick you into giving them your login credentials or other sensitive information.
- Malware. It’s easy to download malware accidentally. It may look just like another message from a client with an attached file, or as a file of a book you wanted to read so much. However, if you open it, there’s almost no way back—the program can encrypt all the files on your computer and block your system. The only way to decrypt the files and unblock the system is typically a hefty ransom.
- Automated attacks. This type of ATO attack involves brute-forcing passwords, credential stuffing, where credentials obtained from an attack on one service are used for logging into other services, and password spraying, where a few common passwords are used for logging into different accounts.
- Cyber attacks. Hackers might exploit vulnerabilities in applications and sites to obtain their user databases with logins and passwords. Then they either sell the databases on the dark web or try to use them themselves.
Five tips from OctaFX on how to protect your accounts from takeover
The OctaFX security experts have come up with several important rules that every internet user must follow to protect their accounts from cyber attacks:
- Always use strong passwords. Many strong passwords. Ideally, let each of your accounts have its own password. For critical accounts, create passwords longer than ten characters, with combinations of upper-case and lower-case letters, numbers, and special characters. Use password managers, such as KeePass, to store your passwords.
- Use MFA (multi-factor authentication), such as 2FA (two-factor authentication), to confirm your identity via email notification, smartphone, PIN, fingerprints, or facial recognition. An alternative to MFA is an authenticator app, which generates random six-digit codes every thirty seconds that you must enter when trying to log into your account.
- Don’t use your work email address for personal use. Preferably, use multiple personal email addresses.
- Don’t save your bank cards with any online store. When buying something on the internet, make sure the site you are using is reliable and secure.
- Don’t use public Wi-Fi or any other public network when logging in to important accounts.
- Don’t follow suspicious links and don’t download attachments from suspicious emails that you have not seen before.
Preventive measures against potential ATO attack
Don’t panic. If you received a message indicating that someone is trying to log into your account, check its login history and the devices that have access to it, if such information is available. If anything seems suspicious to you, or you know for certain that it wasn’t you who entered the account, change your password immediately. Look carefully if any information of yours has been altered or removed, and try to recover it.
Four steps to take after an ATO attack
- Try to regain access to your accounts. If you are lucky and the fraudsters haven’t changed your password or removed your recovery phone number, you can access your account and change the password yourself. Remember to do it quickly!
- If you cannot log into your account any more, try contacting the support team of the service or site with which you have the account. Ask them to block your account. Be ready to provide evidence proving that you owned the account in the first place, as well as your identity documents.
- If cybercriminals took over your primary email account, make sure they cannot access other platforms and services linked to it, especially the ones with your bank card added as a payment method. Ideally, call the bank and ask to block all the cards you used for internet payments. Try to remove the compromised email from all accounts you still have control over. Criminals will easily log into most of them, having access to your email.
- If your work email is under attack, immediately notify your employer and ask the tech department to block all access the email account has to sensitive business information.
An account takeover is something anyone may encounter at some point in their internet life. Following the above rules significantly reduces the risk of becoming a victim of ATO and losing all your most important accounts at once.
Hashtag: #OctaFX
The issuer is solely responsible for the content of this announcement.
About OctaFX
OctaFX is a global broker that has been providing online trading services worldwide since 2011. It offers commission-free access to financial markets and a variety of services utilised by clients from 150 countries who have opened more than 12 million trading accounts. Free educational webinars, articles, and analytical and risk management tools the broker provides help traders reach their investment goals.
The company is involved in a comprehensive network of charity and humanitarian initiatives, including the improvement of educational infrastructure, short-notice relief projects, and supporting local communities and small to medium enterprises.
In the APAC region, it managed to capture the ‘Decade Of Excellence In Forex Asia 2021’ award and the ‘Best Forex Broker Malaysia 2022’ by Global Banking And Finance Review, World Finance, and Cfi.Co, respectively.
Services
STAKEHOLDER ENGAGEMENT
Stakeholder mapping, analysis, engagement and communication needs to be detailed to avoid business losses or even worse, a crisis. How can you do this effectively to prevent failure? ...
BUSINESS INTELLIGENCE
Data-driven business decisions have never been as crucial, especially in this era. MGBF leverages off, technology, experience and market presence to aid businesses in making accurate decisions. ...
GOVERNMENT RELATIONS
MGBF provides comprehensive strategic advice and results-focused solutions to solve clients' problems in business-government relations so they can focus on their core business. ...
BUSINESS & BROADER MARKET ACCESS
A critical business challenge is meeting the right decision-makers and potential buyers through the best channel and platform. How will you improve your business competency? ...
Upcoming Events
NETWORKING: LEADING UP TO THE “ASEAN’S FOOD SECURITY NEXUS 2023”
A series of networking sessions with various business associations and trade organisations exploring high-value opportunities for business leaders and entrepreneurs looking to build the relationships that matter.
ASEAN’S FOOD SECURITY NEXUS 2023
This integrated event will include a forum, dedicated business matching, site visits, a gala dinner and golf. The focus will be on regional food security issues and trends in the context of the supply chain, agriculture technology and trade regulations and policies.
INDUSTRY DIALOGUE: THE TWO-WHEELER MARKET – MOBILITY, ESG AND THE ASEAN SUPPLY CHAIN
The ASEAN two-wheeler market represents more than 25 per cent of the global market and growing exponentially. What are the business opportunities for Malaysia especially in the context of mobility, ESG and supply chain?
NETWORKING: BUILDING A RESILIENT FUTURE FOR CRITICAL INDUSTRIES
MGBF is hosting a networking session focusing on building a resilient future for critical industries as part of the networking series leading up to ASEAN's Food Security Nexus 2023.
MGBF In The News
Last week SPM results came out, 373,974 aspirants who have been waiting patiently over the last few months would now know their fate. Some 10,109 have received all A’s, the golden standard of academic success and the ticket to those looking to study the “more advanced” subjects in university. Proudly, […]
The classic knee-jerk reaction is to say, fire the coach, change the leadership of associations, and reduce the funding till they start performing better. This kind of negative reinforcement may work for kindergarten children, but we are dealing with high-performance adults – individuals much further along in their psychological and […]
Since its earliest tea plantations in 1929, Cameron Highlands has grown to become a key player in the agricultural landscape of Malaysia, producing 40 per cent of all vegetables grown. Despite Malaysia shifting its economic focus away from agriculture, the industry remains imperative for food security and the livelihoods of […]
Although at first glance the travel industry and the agricultural sector appear to have nothing in common, they actually share more than meets the eye. The economic benefits of tourism to the agricultural sector can be multiplied several times over. “Tourism brings the end consumers closer to the source, which […]
The Malaysia Global Business Forum (MGBF) recently held a high-level roundtable themed ‘Designing the Future of the Digital Economy’, attended by industry leaders and business associations. The guest of honour was Yang Berhormat Syerleena Abdul Rashid, the Member of Parliament (MP) for Bukit Bendera in Penang. The MP’s Special Session […]
The Malaysia Global Business Forum (MGBF) will be hosting a roundtable on ‘Designing the Future of the Digital Economy’ on 23 February 2023. It is the culmination of the first three MGBF Exclusive Roundtable Series titled ‘The Evolving Threat Matrix in the Digital Economy’ held throughout 2022. According to the […]
The Founding Chairman of the Malaysia Global Business Forum (MGBF), Nordin Abdullah, today spoke on Bernama TV’s leading English talk show, The Brief, hosted by Jessy Chahal, on the topic of a stable political reality and what that means for the Malaysian economy. Nordin said, “The first thing that it […]
More than 1,100 years ago, Muhammad ibn Musa al-Khwarizmi was developing the mathematical formulas that we know today as algorithms which now have become so intertwined with the business fortunes of global media giants and the very fabric of geopolitics. A series of recent high level international reports have revealed […]
KSK Land has been recognised by the Malaysia Global Business Forum (MGBF) for its role in attracting high net-worth individuals to Malaysia post-pandemic. The first challenge in investor attraction is “selling” the country. In the context of Asia, Malaysia is competing with some very established investment destinations. The second […]
Malaysia, in particular Kuala Lumpur, continues to position itself as a regional centre to do business, educate a family and enjoy a global lifestyle. One company, KSK Land, has taken the lead in positioning itself and the city of Kuala Lumpur as a property investment destination for the global citizen […]
The upcoming budget represents an opportunity to build resilience in the critical sectors that will form the backbone of the country’s future-facing economic ambitions. This however needs to be achieved in the context of managing the community sectors most impacted by COVID-19 over the past two years. The Keluarga Malaysia (Malaysian Family) […]
KUALA LUMPUR, 6 July 2022 – As the global economy continues to deal with unprecedented levels of disruption caused by the pandemic and the conflict between Russia and Ukraine, the convergence of energy security and food security issues has become a front-of-mind issue faced by policy makers and consumers alike. […]
KUALA LUMPUR, 23 June 2022 — Malaysia Global Business Forum (MGBF) ties up with scoutAsia to ensure that businesses are equipped with deeper regional insights. The past two years has seen a massive shift in the way businesses are conducted with digitisation, digitalisation and automation continuously being adopted to improve […]
KUALA LUMPUR, 25 May 2022 – The Malaysia Global Business Forum (MGBF)’s exclusive roundtable on ‘Security Concerns in Critical Value Chains’ was held in a hybrid setting yesterday at the Eastin Hotel Kuala Lumpur. The guest of honour was Yang Berbahagia Tan Sri Dato’ Seri Rafidah Aziz, former minister of […]
The Malaysia Global Business Forum (MGBF) has released a report following the roundtable on ‘Digital Resilience in the Corporate Sector’, which was recently held in Kuala Lumpur. In attendance as guest of honour was Deputy Minister of Communications and Multimedia, Datuk Zahidi Zainul Abidin. The report recommended several critical development […]
