Are Your Company’sCredentials for Saleon the Dark Web?

Contact Us Today for a Free Preliminary Dark Web Scan !

GRIT

How are Credentials Compromised?

icon

Phishing

  • Send e-mails disguised as legitimate messages
  • Trick users into disclosing credentials
  • Deliver malware that captures credentials
icon

Watering Holes

  • Target a popular site: social media, corporate intranet
  • Inject malware into the code of the legitimate website
  • Deliver malware to visitors that captures credentials
icon

Malvertising

  • Inject malware into legitimate online advertising networks
  • Deliver malware to visitors that captures credentials
icon

Web Attacks

  • Scan Internet-facing company assets for vulnerabilities
  • Exploit discovered vulnerabilities to establish a foothold
  • Move laterally through the network to discover credentials

 

39%

Percentage of adults in the U.S. using the same or very similar passwords for multiple online services

Passwords are a twentieth-century solution to a modern-day problem. Unfortunately, user names and passwords are still the most common method for logging onto services including corporate networks, social media sites, e-commerce sites and others

28,500

Average number of breached data records, including credentials, perU.S.-based company

User names and passwords represent the keys to the kingdom for malicious attackers. Criminals who know how to penetrate a company’s defenses can easily steal hundreds or even thousands of credentials at a time.

$1 - $8

Typical price range for individual compromised credentials

A criminal dealing in stolen credentials can make tens of thousands of dollars from buyers interested in purchasing credentials. And by selling those credentials to multiple buyers, organizations that experience a breach of credentials can easily be under digital assault from dozens or even hundreds of attackers.

What Can An Attacker Do With Compromised Credentials?

img attacker
  • Send Spam from Compromised Email Accounts
  • Deface Web Properties and Host Malicious Content
  • Install Malware on Compromised Systems
  • Compromise Other Accounts Using the Same Credentials
  • Exfiltrate Sensitive Data (Data Breach)
  • Identity Theft

Protect Against Credential Compromise!

img attacker

While there is always a risk that attackers will compromise a company’s systems through advanced attacks, most data breaches exploit common vectors such as known vulnerabilities, unpatched systems and unaware employees. Only by implementing a suite of tools including monitoring, data leak prevention, multifactor authentication, employee security awareness training and others - can organizations protect their business from the perils of the dark web.

Need help navigating your technology lifecycle to grow your business? Our FREE eBook will be with you every step of the way.Download here
+