A new method when stealing customer data is to spoof the police because messages containing malware are familiar, users have defenses. In this new way, it is easy to obtain information from users and thereby conduct illegal activities. If you do not know what ISP is, please preview to understand better. This article will clarify the content so that users can be more careful about security.
What is an ISP, how can hackers impersonate the police?
Table of Contents
- Những cách xâm nhập vào email đánh cắp thông tin cá nhân
1.1 Weak password
According to a survey, up to 80% of cyberattacks target weak passwords because 55% of users use the same password every time they log in.
Some things you need when setting a password:
- Use a unique password for a separate account
- Set a minimum of 20 characters and preferably unrelated nonsense characters.
- Insert special characters: @, #, *, $, &.
- It is recommended to use a password manager like Lastpass.
- 2-layer account security.
1.2 Phishing emails
An email will be sent to your email, possibly via your ISP, with content asking you to enter your password or click on a link to ensure the safety of your account, then when you click it, it will lead to infected websites. The main target of hackers are small businesses with the type of intrusion that looks like a warning.
Hacking into email passwords through ISP
- Keep your software, operating system, and browser up to date with the latest version.
- Do not automatically enter the link in the outbound email, re-enter the URL in your browser.
Through an ISP, a form of attack that steals your information and posts pornographic information until you pay a ransom to get the site back. But it is worth noting that it will not be easy to get it back, the attacker will demand a higher ransom every day.
- Beware of all unknown websites, suspicious links.
- Regularly back up data.
- Using software can test new activities.
- Xâm nhập thông tin cảnh sát để lấy dữ liệu khách hàng
The new action taken is to steal the identities of law enforcement agencies and use them to force companies to provide sensitive customer information.
According to the report, all an attacker needs is access to a single email address belonging to any law enforcement agency and a little knowledge of so-called urgent data requests ( EDR).
2.1 Speed of time
Usually, when the police want data from companies like Internet Service Providers (ISPs), web hosting companies, etc., the police need a court order but the application process is relatively lengthy. Sometimes police need to act quickly to prevent possible injury or death. In such cases, they can send an EDR and request an immediate handover of the data without going through the ISP provider.
In the same time, hackers can penetrate quickly through ISP
When businesses receive such a request, especially if it comes from a legitimate email address, they have a choice: investigate who the request is valid and potentially fatal. it or not, or deliver the data.
Data management is a big challenge, especially for large enterprises, and most of these companies have dedicated departments working on such matters. However, in the same time period there were many law enforcement agencies contacted. Therefore, businesses sometimes do not pay much attention to fake news. This is an opportunity for hackers to get confidential information of businesses.
Mat Bao provides new information, useful knowledge about technology and business for you. Follow Mat Bao to update more information.