Study reveals increasing level of credential attacks

Study reveals increasing level of credential attacks

A study from Axur reveals a monumental increase in credential attacks in Latin America.

Digital tools and the use of the Internet are becoming more and more fundamental in our daily lives. Years ago people believed that one of the basic principles to avoiding a malicious site was to verify that the website we accessed had the SSL certificate.

The SSL certificate is a small data file that digitally links a cryptographic key to an organization’s data. This key, in turn, activates the HTTPS security protocol and lock, which we can find at the beginning of the URL of most of the web pages we visit.

In theory, this padlock guarantees us a secure connection. Now, this has become a myth since various reports determine that cybercriminals also use the SSL protocol to gain the trust of netizens.

Axur, a company dedicated to monitoring and responding to digital risks, has presented a report on Online Criminal Activity in Latin America for the first half of 2021. This reports that this activity has become a trend among cybercriminals since 75% of the fraudulent phishing sites identified by Axur had the HTTPS certificate installed at the time of detection.

Axur identified this movement last year. By 2022, this trend is expected to consolidate as a practice among cybercriminals.

Percentage of domains with and without HTTPS protocol

While it is true that the report details that the number of phishing cases decreased by 32.04% compared to the previous semester, the reality is that cybercriminals are increasingly using better tactics so that the user can fall more easily for the fraud.

Additionally, Axur warns that phishing figures increase in October and November, close to Cyber Monday or Black Friday. They are significant promotional events and they have a high activity of e-commerce, which makes them prone to a rise in cyberattacks.

Another common cybercrime is the exposure of credentials.  A total of 2.32 billion credential breaches were detected in the first quarter of the year and 181.5 million in the second quarter, giving a 729.8% increase than the total identified by Axur in the first half of 2020.

Although there was a significant increase in this crime compared to the previous year and not a decrease, the reality is that it was to a greater extent due to massive data leaks, added to the number of weak passwords that accompanied these credentials.

For example, the password ‘123456’ was used by 665,000 people in the first half of 2021. According to the Axur report, it reached 37.1% of all detections, a figure that represents almost double the number of detections of the password in second place. This was ‘123456789’ with 320,000 detections (17.9% of the total).

A graph presented by Axur reveals the most sensitive passwords, where we can see the numerical sequences that are the most used. Remarkably, in a brute force attack, such numeric passwords of up to nine digits can be discovered quickly, in less than one minute.

In the report’s section on brand misuse, Axur reveals an 18.1% drop in the total volume of brand incidents in Latin America, which went from 138,199 in the last semester to 116,999 in the first half of 2021.

However, there was a 6.9% growth in false profiles on social networks, 14.7% in fraudulent mobile applications, and 3,356 faulty apps linked to famous brands associated with crimes related to brand misuse.

Figures reveal that although the level of cybercrime has decreased in volume, cybercriminals are increasingly careful and selective of the means they use to commit fraud. Hence, it is crucial for organizations to have optimized digital risk detection and response systems and that netizens are increasingly alert so as not to fall into the hands of cybercriminals.

Browse our latest issue

LATAM English

View Magazine Archive