
Password Attacks Now Leading Cause of Ransomware: Strengthen Your Login Security Today
Email based attacks on passwords overtook software vulnerabilities as the top way criminals launch ransomware. Even accounts with extra security failed to stop these attacks.
Source
Dark Reading
Original headline: Identity Attacks Overtake Exploits as Top Ransomware Cause
Plain-English summary by GetCyberRight. Read the full report at the source above.
Email attacks targeting user credentials became the number one way ransomware gets into systems last year, overtaking software exploits.
This means criminals are having more success stealing or guessing passwords than breaking through software vulnerabilities. Even more concerning, multifactor authentication was deployed in 97% of the credential based attacks but still failed to prevent the compromise. This affects anyone with online accounts, which means virtually every family. Email accounts, online banking, social media, work systems, and school portals are all potential targets. Criminals send phishing emails designed to trick you into revealing your password or clicking malicious links. Once they have access to one account, they can often break into others, especially if you reuse passwords. The finding that multifactor authentication was present but failed in 97% of cases shows that criminals have found ways around this protection, though it still provides an important security layer.
Stay one step ahead of scammers
Weekly cybersecurity briefings for families. No spam, just the threats that matter and what to do about them.
Take these steps immediately to protect your accounts:
- Review your email inbox and spam folder for suspicious messages asking you to click links or verify account information. Delete these without clicking.
- Change passwords on your most important accounts, especially email, banking, and any account connected to payment methods. Use long, unique passwords for each account.
- Enable multifactor authentication on every account that offers it, even though it is not foolproof. Use an authenticator app rather than text messages when possible.
- Check your email account settings for suspicious forwarding rules or unfamiliar devices that have accessed your account.
- Educate everyone in your household, especially children and elderly family members, never to click links in unexpected emails, even if they appear to come from known companies. Build lasting security habits by using a password manager to create and store unique passwords for every account. Treat your email account as your most critical account because it can be used to reset passwords on other services. Be suspicious of urgent messages pressuring you to act quickly, as this is a common criminal tactic. Regularly review account activity and connected devices on your important accounts. Talk to your family about these threats openly so everyone understands that clicking the wrong link can have serious consequences for the whole household.
Curated from trusted cybersecurity sources by GetCyberRight
Source: Dark ReadingStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles

Software Developers Targeted in Supply Chain Attack: Why This Matters for Everyone
Hackers compromised developer tools to spread malware through trusted software channels. The programs you use daily could be affected by these attacks on the software supply chain.
2 min read
Stolen Passwords Now Lead Cause of Ransomware Attacks
Email attacks that steal login credentials have become the top way ransomware gets into systems, even when two-factor authentication is turned on.
2 min read
Zoom Security Alert: Update Your App to Protect Your Account
A serious flaw in Zoom for Windows could let attackers take over your account without your password. If you use Zoom on Windows, update the app right away.
2 min read
Update Your Zoom App Now to Prevent Account Takeovers
Zoom discovered a critical security flaw in its Windows app that could let attackers hijack your account. Update your Zoom software immediately.
2 min read