‘Cybercriminals have complete control’ of the phone if you make common mistakes

SMARTPHONE owners have been warned about certain hacker tactics that could see their data stolen.

A recent article from Keeper Security, a cybersecurity company, sheds light on some online threats: password spoofing and credential stuffing.

Smartphone owners have been warned about certain hacker tacticsCredit: Getty

“Password spraying and credential stuffing have a lot in common, but the key difference is in how the attack is carried out,” the blog post reads.

SPRAY PASSWORD

Password spraying is a brute-force attack that targets multiple accounts with the same common password.

Hackers often obtain large lists of usernames and email addresses through data breaches or leaked information.

They then automate the process of trying out a set of commonly used passwords (e.g. “password123”, “123456”) for these usernames on various online platforms.

Password distribution is particularly dangerous because many users tend to reuse passwords for different accounts.

It can also bypass account lockout mechanisms triggered by numerous failed attempts on a single account.

CREDENTIAL FILLING

Unlike password spraying, credential stuffing uses stolen credentials (usernames and passwords) from previous data breaches to attempt unauthorized access to other accounts.

Attackers obtain these credentials through various means, such as phishing and malware.

And once attackers gain access, they can steal personal data, commit financial fraud or even launch new attacks.

I am a security expert. Uninstall 34 Google apps now or you risk them secretly infecting your device

HOW TO STAY SAFE

Keeper Security recommends that you take the following steps to protect yourself from password spreading.

First, it’s important to have strong, unique passwords for every online account.

A strong password consists of both upper and lower case letters, numbers and special characters and is at least 16 characters long.

It should also not contain personal information or commonly used words.

Users should enable multi-factor authentication (MFA) whenever possible as it adds an extra layer of security.

Using a password manager can also help you generate hard-to-crack passcodes and store them securely.

Finally, you’ll want to enable login notifications on your password manager to detect if an unauthorized user is trying to access your account.

“These notifications will alert you when someone has attempted to log into your account or an unknown user has recently logged into your account,” Keeper Security said.