Learning from breaches in the news

Photograph of black and silver headphones sitting on black and silver microphone, with the Parmenion 'Spotlight on Infosec' logo sitting on top
For financial professionals only

Information security never ceases to be a hot topic.

Here, Sarah Coles looks at three recent breaches and shares her takeaways on how you can stay protected. 

Roku suffered another data breach, this time affecting 576,000 accounts [1]

What happened?

Streaming giant Roku made the news in April as half a million accounts were compromised in a credential stuffing attack. It was discovered during an investigation into a similar breach in March. 

What’s credential stuffing?

Credential stuffing is where attackers break into websites using stolen or leaked login details from an unrelated source.  The attackers hope their victims reuse passwords across different sites, so credential stuffing will allow successful logins on other websites too.

Attackers use automated tools to attempt multiple logins at the same time, sparking a race between the hackers accessing the information they’re after and security teams noticing and shutting down the attack.  

Credential stuffing attacks are extremely successful because people still reuse passwords and don’t enable Multi-Factor Authentication (MFA), which can prevent unauthorised access to accounts.  Attackers can simply try a database of compromised passwords against the site’s login page, rather than spend time attempting to penetrate a company’s network.

Suffering a breach like this has the potential to cause reputational damage because the attacks often make headlines, as it has to Roku. 

Key takeaways

  • Always use (and encourage your clients to use) unique passwords, especially for high-risk accounts, such as financial platforms.
  • Enable multi-factor authentication (MFA) on high-risk accounts. This is highly effective in preventing credential stuffing attacks (and other cyber attacks) as it requires an additional layer of information (like a push notification to an authenticator app) as well as your username and password.
  • Sign up to services that monitor the dark web (haveibeenpwned.com is a great tool and one I always recommend). They can notify you when your information is being sold online, so you can quickly update your details.

Pig-butchering scams steal more than $75bn globally [2]

The charmingly named pig-butchering is a type of digital fraud.   The name refers to the practice of fattening a pig before slaughter.  

How does it work?

Scammers contact their targets, seemingly at random, and attempt to gain their trust (often through false romantic relationships), eventually luring them into making fake crypto investments, before disappearing with the stolen funds.   

Often, the attacker will give a big initial return of money from a small investment made by the victim. This gives them confidence that the scheme is legitimate and encourages them to keep investing bigger and bigger funds. 

These scams are often run by organised crime groups who set up sophisticated fake websites, carefully research their victims and then spend months (or sometimes up to a year) gaining their trust. Thousands of people have fallen for pig butchering, investing life savings that they’ll never get back. 

Key takeaways

  • Don't trust unexpected texts or direct messages from a stranger and never give money to someone you don't know without proper verification. It's likely to be the first step in a scam.
  • Warn family, friends and clients about popular scams if you think they may be vulnerable.

Info Stealers target stored browser credentials [3]

An info stealer is a type of malicious software (malware) that covertly steals sensitive information from a victim’s device.  

How does it work?

Info stealers can get on to a device in several ways:

  • there may be vulnerabilities in a device, software, or browser that an attacker can exploit, or
  • the victim may be tricked into downloading the malware from a legitimate looking email attachment, website, or mobile app.

Once they’ve installed the malware, there are various features an attacker can use: the ability to steal usernames, passwords, web browser cookies or other personal or sensitive information being stored by browsers, which could be used to hijack their victim’s identity and take over their online accounts.

A new report from cybersecurity firm ReliaQuest says 21% of its customers' security incidents in 2023 involving unauthorised credential access were traced to attackers stealing information from browsers.  

Key takeaways

  • Avoid using browser password managers (which are often linked to an email account). A breach of the email account means a breach of the information stored in your password manager. Instead, opt for dedicated password manager tools.
  • Always keep your device, software, and browser up to date, and be cautious when you're opening email attachments, downloading new applications, software or files.

[1] https://www.engadget.com/roku-suffered-another-data-breach-this-time-affecting-576000-accounts-170442223.html

[2] https://www.dlnews.com/articles/snapshot/pig-butcherers-rake-in-billions-according-to-new-study/

[3] https://www.bankinfosecurity.com/alert-info-stealers-target-stored-browser-credentials-a-24490

This article is for financial professionals only. Any information contained within is of a general nature and should not be construed as a form of personal recommendation or financial advice. Nor is the information to be considered an offer or solicitation to deal in any financial instrument or to engage in any investment service or activity.

Parmenion accepts no duty of care or liability for loss arising from any person acting, or refraining from acting, as a result of any information contained within this article. All investment carries risk. The value of investments, and the income from them, can go down as well as up and investors may get back less than they put in. Past performance is not a reliable indicator of future returns.  

Speak to us and find out how we can help your business thrive.