Tag: Identity Theft
A dictionary attack is a type of identity breach where the hackers steal the password of the victim to gain access to personal or corporate information.
What Is A Dictionary Attack?
- It is one of the cyber attacks where cyber criminals take advantage of the user’s habit of using common dictionary words as a password. Most internet users have a tendency to use simple or easy to remember words and phrases as their passwords.
- In simpler words, it is an attempt to gain unauthorized access to a computer system or user account by using a large set of words to generate a potential password.
- The traditional approach used by the hackers involved multiple attempts by making use of common words found in the dictionary. However, the attack has now evolved and the attackers make use of databases that include common dictionary words and passwords leaked in previous attacks to crack the password.
- Some software are also available that help in cracking a password by using the password databases and producing common variations. In contrast to a brutal force attack, a dictionary attack tries only the password possibilities that are considered to be most likely to succeed.
Pre-Computed Dictionary Attack:
It involves pre-computing a list of hashes of common dictionary words these hashes are stored in a database. Once completed, the pre-computed database can then be used anytime to instantly lookup for the password hashes to crack the corresponding password. Although a lot of time is consumed in preparation, the actual attack can be executed faster than a simple dictionary attack.
Common Cracking Software Used In Dictionary Attack:
- Burp Suite
- Crack
- Ophcrack
- Cain and Abel
- Aircrack-ng
- John the Ripper
- LophtCrack
- Metasploit Project
How To Prevent A Dictionary Attack?
In order to prevent a dictionary attack, following steps can be helpful:
- Change the security settings to lock the account after reaching a maximum number of authentication attempts.
- Use multi-factor authentication to log in.
- Use special characters and extra syllables in the password.
- Use longer passwords.
- Avoid reusing old passwords.
For more information on what is a dictionary attack and how to prevent it, contact Centex Technologies at (254) 213 – 4740.
May 26, 2016
Identity theft has always been a major concern for the internet users. Cybercriminals constantly attempt to breach the personal information, such as user names, passwords, social security numbers, bank account details etc. to carry out various online scams. They may also make unauthorized purchases on the victim’s credit card and breach into email account to send out spam mails or initiate phishing attacks.
The following security measures can be implemented to protect yourself against identity theft:
- Be Aware Of What You Share: You must be cautious about the information you share through your social media profile. Make sure you do not post your address, contact details, social security number, date of birth etc. as these can be easily used by the hackers to steal your personal information. Configure the privacy settings at the highest level to safeguard your account.
- Create Strong Passwords: Maintaining password security across all your online accounts is critical to protect them from being hacked. Create strong and hard-to-crack passwords comprising a combination of uppercase/lowercase alphabets, numbers as well as symbols. Use a different password for each account and update it frequently.
- Protect Your Mobile Device: There are many apps that allow you to conduct banking transactions, shop, pay taxes or track your finances online. Make sure you download the app or software only from a credible source. Check its ratings and reviews before downloading as well as confirm what information it may access on your mobile. Also, block the installation of apps from unknown sources on the device.
- Watch Out For Phishing Scams: You should never trust emails that claim to be from an authentic source and ask you to click on a link or provide your personal information, such as address, account number, credit card details etc. Do not reply to such emails or download any attachment contained in it. Instead, you can directly contact the concerned company to know about the legitimacy of the email.
- Use Security Software: Key loggers, backdoors as well as other malicious programs can allow the hackers to gain access to your computer and steal information. These programs may infect your computer through email attachments, drive-by downloads or clicking on a malicious advertizement. After this, the hacker may attempt to steal information by session hijacking, accessing files and documents or recording keystrokes to breach the password.
For more information and prevention tips for identity theft, contact Centex Technologies at (855) 375 – 9654.