Did you know that its fairly easy for hackers to crack your password? Microsoft recently reported that 90% of passwords can be cracked in less than 6 hours.

So, it turns out that passwords (used in isolation) are not really adequate in protecting you, your data and your online accounts.

Even today despite what we know about how easy passwords can be to crack, they are the primary method for authentication. That’s why we’ve put together a list of the methods cyber criminals use in order to educate you and inform you on how important it is to adopt a multi-layered approach to cyber safety and security…


“Phishing is a cyber attack that uses disguised email as a weapon. The goal is to trick the email recipient into believing that the message is something they want or need — a request from their bank, for instance, or a note from someone in their company — and to click a link or download an attachment.” – CSO Online


“Malware is intrusive software that is designed to damage and destroy computers and computer systems. Malware is a contraction for “malicious software.” Examples of common malware includes viruses, worms, Trojan viruses, spyware, adware, and ransomware.” – Cisco

Brute force attack

“In a brute force attack, adversaries attempt to sign in to an account by effectively using one or more trial-and-error methods. Many failed sign-ins occurring over very short time frequencies, typically minutes or even seconds, are usually associated with these attacks. A brute force attack might also involve adversaries attempting to access one or more accounts using valid usernames that were obtained from credential theft or using common usernames like “administrator”. The same holds for password combinations.” – Microsoft

Dictionary attack

Exhaustive key searches are the solution to cracking any kind of cryptography, but they can take a very long time. When an attacker has a high degree of confidence that the password they’re trying to crack consists of certain words, phrases, or numbers it can be much quicker to compile a dictionary of possible combinations. Commonly used password lists, popular names, pet names, movie or television characters, and other words can all be part of a dictionary list. – Tech Republic

Social Engineering

“Social engineering is the art of manipulating people so they give up confidential information. The types of information these criminals are seeking can vary, but when individuals are targeted the criminals are usually trying to trick you into giving them your passwords or bank information, or access your computer to secretly install malicious software–that will give them access to your passwords and bank information as well as giving them control over your computer.” – Webroot

Criminals use social engineering tactics because it is usually easier to exploit your natural inclination to trust than it is to discover ways to hack your software.  For example, it is much easier to fool someone into giving you their password than it is for you to try hacking their password (unless the password is really weak).


Now that you understand more about some of the common hacking techniques, we’d like to point out that most of these will be unsuccessful if you adopt multi factor authentication. Multi-factor authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction.

So remember – no matter how difficult you think it may be to guess your password is, cyber criminals will find a way.

There are multiple layers you should adopt when protecting your business and ensuring you can stay cyber safe. If you’re concerned about cyber security or would like to find out more then please do not hesitate to get in touch.

Want to find out if your credentials have been stolen and listed on the dark web? Contact us for a free dark web scan.



By submitting this information you agree to joining our mailing list