The pandemic has provided more opportunities for cybercriminals to carry out their activities alongside the massive use of the web by a wider audience of users.
Compared to the first half of 2020, in fact, in the second half of the year, Italian users who had been warned of a cyber attack on their personal data grew 56.7%. In particular, the data refers to alerts about information on the dark web (a group of web environments that do not appear through normal internet browsing activities and require specific browsers or targeted searches), which are roughly twice that of a web audience.
In general, accounts linked to entertainment sites (especially online games and live broadcasts) remain the most vulnerable to personal data theft (51.5% of all cases). On the other hand, social networks saw a significant increase in risks, jumping from 1.6% to 31.8%.
These are some of the evidence that emerged from the cyber observatory that established him Crave, Which aims to analyze the vulnerability of people and companies to cyber attacks and explain the main trends related to the data presented in the open web and dark web environments, the type of information, the areas where the data traffic is concentrated and the countries most exposed, in addition to providing some ideas for dealing with cyber risks in a conscious manner.
Italy is among the worst affected countries
In view of the ranking of countries most affected by the phenomenon of e-mail and password theft on the Internet, the United States of America, Russia, France and Germany came in the top, followed by the United Kingdom and Italy, which ranked sixth in general. The top ten were completed by Poland, the Czech Republic, Japan and Brazil.
Another area of investigation in the cyber observatory is that which is devoted to ranking the continents most vulnerable to exchanging illicit credit card data. This ranking is led by North America, followed by Europe and Asia, but with a large gap from the first in the classification. At the bottom of the ranking we find Africa and Oceania. Among the individual countries that participated the most, we find the United States at the top, followed by France and Brazil, who completed the podium, while Italy occupies the eleventh place.
“The victims are usually men, in 65.6% of the cases, between the ages of 41 and 60, with nearly 54% of the total,” explains Beatrice Roubini, Executive Director of the CRIF. “There are undoubtedly behaviors that can usefully mitigate risk. For example, on the consumer side, the point of interest is represented by the ways in which we define and manage passwords related to various accounts and the interest with which we respond to emails, messages, or phone calls. Commercial, which contains a website or e-commerce site, it is important to ensure protection systems but also to immediately intercept potential security vulnerabilities resulting from legacy software or service configurations, ”Rubeny adds.
Types of data circulating on the dark web
According to the Observatory, in the second half of 2020, the personal data that is circulating mainly on the dark web, and therefore it is more vulnerable, are passwords, e-mail addresses of individuals or companies, user names, and phone numbers. These valuable contact details can be used to attempt fraud, for example through phishing or phishing. However, there is no shortage of sharing data of financial value, such as credit cards and IBANs.
It is even more interesting to note the main groups of data that are intercepted on the web. Emails are always associated with a password (in 96.3% of cases), while cases where phone numbers appear with passwords are significantly reduced (-52%).
If those on the dark web are mostly personal email accounts, there is a certain acceleration at the forefront of breaches on business accounts, which within 6 months saw an increase of + 27.8%.
Regarding credit card data, in addition to the number, there are always resumes and expiration dates (in 98.6% of cases) and in 20.8% of cases, the name and surname of the cardholder is also found.
Most used passwords
According to an analysis of passwords discovered on the dark web, “123456” is in first place among the top 10 most used passwords in the second half of 2020, followed by “123456789” and then “qwerty”.
Hence, these are very simple combinations of numbers and letters that are easy for cyber criminals to intercept. On the other hand, the use of these basic passwords reveals a lack of experience or laziness on the part of web users, who often do not follow the basic rules to protect themselves from potential intrusions, for example by choosing long, different passwords for any important account, with groups of Letters, numbers and symbols have nothing to do with personal information. It will also be important for users to activate two-factor authentication wherever possible to prevent cybercriminals from entering the accounts even if they discover their login and password information, in addition to paying close attention to the use of public WiFi networks, as even the most secure passwords can be intercepted. And the risks associated with storing credentials on public or shared computers.
For all cybersecurity news, we refer you to this section of macitynet.
