On July 17 Ana María Linares (32) received an e-mail that had kept her cold. "Let's keep going straight away, I know your password is ******** More importantly, I know your secret and I have proof for that." That was part of the text that was read in the subject of the message Linares, who lives in Lima (Peru), panicked, and indeed the word matched a password he had used two years ago.
When opening the post, the situation became more worrying. They told him that malware had been installed via a pornographic page that was supposedly opened from his computer. "Your internet browser began to function as an RDP (remote desktop) with a keylogger that gave me access to your screen and also to your webcam.After that, my program compiled all contacts from your Facebook and e-mail," read the message . The cybercriminal assured that he had intimate and private videos from the victim and that if I did not pay him $ 2,900 (in bitcoins) within a period of 48 hours, he would make those images public.
"The world broke in five minutes, they were the second most awful thing in my life," recalls Linares. But in addition to the content that the cyber criminals reportedly agreed to, their main concern was that they had stolen the access information on their bank accounts. He feared that not only his privacy was in danger, but possibly also his savings.
The episode of Linares does not stand alone. The cyber security company Eset has received several reports from people who have received the same e-mail. The company discovered that the passwords had been stolen due to leaks in the past with certain services on which the victims were registered.
Cyber criminals have obtained the databases from platforms such as Adobe, Bitly, LinkedIn, Myspace and Tumblr (which have been the target of various cyber attacks in recent years) and published the data on some internet sites.
Instead of going from user to user, they go to the database and get millions of passwords in a single attack
"Instead of going from user to user, they go to the database and get millions of passwords in a single attack," says Camilo Gutiérrez, head of the Eset Research Laboratory.
The experts discovered, however, that no intimate video & # 39; s or malicious code had been installed on the victims' computers. It was all about a social engineering campaign, that is: those practices that attackers use to obtain confidential information through various manipulation techniques. In other words, they invent scenarios to cheat.
"The attacker may have the passwords, but everything else is untrue, it is a tactic to generate terror with social engineering because it has that component with something that is true," says Gutiérrez.
But what other tricks do cyber criminals use to access passwords and possibly their personal data?
Edwin González, cybersecurity expert at Junpack, notes that phishing (or imitation of entities) is one of the most common modalities.
"For example, they promise a day off spa, but they have to give something back, so they ask for a registration with the e-mail password," he says. In times of elections it is customary to find massive e-mail campaigns in which the user is informed that he has to pay a fine for not attending the vote.
On the other hand, if the person downloads a program or content with malware without realizing it (either from an e-mail or an unofficial site) it is possible that they "install a malicious code that begins to record everything that the user, including when he gets to Facebook, "Gutiérrez explains, adding it Attackers can also exploit vulnerabilities when the operating system is not up-to-date.
The risk increases, taking into account the fact that many users use the same password for different services, so when there are leaks, many are exposed. "When you subscribe to a service on the internet you accept the general terms and conditions and accept that these situations can happen," he says.
To get more protection, González Recommend regular change of passwords, check if websites have https certification and configure the double authentication factor. "For example, Google has a tool called & # 39; google authenticator & # 39 ;, so that in addition to typing the password, a code is generated by the application.If the criminals have stolen the password and try to verify it, they have the second factor needed and the user can now repair or block his account, "he says.
The specialists repeat that it is vital to have different passwords for each service and that they therefore recommend the use of password managers, that is, applications that store the keys in encrypted databases. also You can check whether your e-mail has been compromised by filtering by going to www.haveibeenpwned.com.
"Sometimes you do not think you're happening or that it can be a joke, in fact my family mocked, but I tell them that others do not live the same and know how important it is to change passwords," Linares repeats.
ANA MARÍA VELÁSQUEZ
DESIGN TECHNOLOGY@ anamariavd19