Account Takeover

1. 

   Phishing #7: Social Engineering

   In this special edition of our phishing series, we want to show how social engineering works in real life and how it can also affect the digital world.

2. 

   Phishing #6: Spearphishing, Watering-Hole Attack and Whaling Attacks

   Discover the dangers of spearphishing, watering hole and whaling attacks in our new blog post. From personalized attacks to compromising trusted websites - we show you how these phishing methods work and how you can recognize them.

3. 

   Effects of Account Takeover

   From fictitious cell phone contracts, hacked Ebay accounts, hijacked Twitter profiles and attacked company accounts. Identity theft has many faces! We regularly discuss how this can happen in our blog. In this article, we want to shed some light on the possible consequences of account takeover in a non-technical way.

4. 

   The invisible threat: How stealer malware steals your information

   Our article takes a look into the world of stealer malware - hidden digital thieves that copy sensitive data. We shed light on how it works and the origins of an infection with this malware. Finally, we'll go into proven defensive measures. Learn how you can protect yourself and your business against the invisible threats from cyberspace.

5. 

   ProSBAcT Unites Identeco and StartUp Secure in Battle Against Account Takeovers

   Identeco launches with ProSBAcT! From the first of June 2023 ProSBAacT, a joint project of Identeco and the funding initiative StartUp Secure of the Federal Ministry of Education and Research will run. At this point, we would like to report briefly on what we plan to do with ProSBAcT and how we benefit from working with ProSBAcT.

6. 

   Phishing #5: Malvertising, Https-Phishing und Evil Twin

   Our blog series on phishing attacks continues. Learn about malvertising, HTTPS phishing and Evil Twin attacks. We explain not only how such attacks happen, but also how you can protect yourself against them.

7. 

   Man-in-the-Middle Attacks: How do you protect yourself from the invisible threat?

   Man-in-the-middle attacks, nowadays also called machine-in-the-middle attacks, are attacks where the direct connection to a website or service is redirected by an attacker in such a way that he can read the user's input and thus gain access to their accounts. In this blog, you will learn not only how this happens, but also how you can protect yourself from it.

8. 

   World Password Day 2023 - Current Recommendations

   World Password Day on the first Thursday in May is a reminder of the importance of strong passwords and proven best practices. NIST and BSI recommend passphrases, MFA and regular checks for compromise. We explain tips for choosing strong passwords and handling account details in our article.

9. 

   Phishing #4: Pharming Attack, Browser in browser Attacks and Doc Clouding Attacks

   Phishing attacks can occur in everyday internet life. Pharming redirects the user to a fake website, often via a pop-up window. In doc clouding, attackers pretend to be colleagues and share links, e.g. in comments. In this article you will learn more about these types of attacks.

10. 

    Multifactor Authentication (MFA): Only as strong as the weakest link in the chain

    In this article we are discussing multifactor authentication. The different kinds will be explained (knowledge, possesion, biometric and inherence), as well as some examples of possible attacks.

11. 

    Phishing #3: Smishing, Vishing and Email Clone Phishing

    Introduction of three types of phishing attacks: Smishing (SMS scam), Vishing (phone scam) and Email Clone Phishing (imitation of legitimate emails). The goal is to trick users into revealing information or installing malware.

12. 

    Verify Login Credentials to Protect against Credential-Stuffing Attacks

    To protect users from account takeover attacks, online platforms must ensure an appropriate level of security. A specialized service provider that checks login information against known leak data offers significant advantages over individual checking by each user.

13. 

    Credential Stuffing: A Threat to Online Platforms and Their Users

    Credential Stuffing Attacks with leaked login data put web portals at risk. Protective measures include regular checks for leaked logins. Service providers offer a fast, user-friendly and secure solution.

14. 

    How often should you change your passwords?

    After choosing the right password, the question arises if and how often you should change your passwords.

15. 

    Phishing #2: CEO Fraud, Corporate Phishing and Angler Phishing Attacks

    In this second part of our series on Phishing CEO Fraud, Corporate Phishing and Angler are introduced.

16. 

    Phishing #1: Email Phishing, Baiting and Search Engine Phishing

    Email phishing, baiting and search engine phishing - what is it? In this multi-part article, we give a brief introduction to the different variants that are used to deceive users.