67% of Russians have encountered scammers trying to steal their accounts.

Most of the time, attackers gain access to user accounts through leaks that occurred on third-party resources. Many people use the same usernames and passwords for all online services, so scammers, upon gaining access to one, use the login details to access others, information security experts say. OKAY.

Another popular method among cybercriminals is to automatically search for different combinations and characters to find the correct password and login. It all starts with something simple: last name, phone number, year of birth, etc. Scammers also often change passwords. Therefore, if the user changed the password on the resource, but added only one extra digit, such a password is also easy to hack.

Third are phishing attacks, when attackers impersonate resources that the user trusts (banks, workplace, stores, etc.) and offer to follow a link, scan a QR code and enter data in a “familiar” but fake interface.

More than 40% of respondents reported that they were not using two-factor authentication, putting their accounts at risk. Another 26% clicked on a phishing link on their own and 10% had the same password to log in to different accounts.

3% of Russians admitted that they write down their passwords on paper, and 2% noticed that their password was included in a photo posted on social networks.

OK experts have identified the most common mistakes when maintaining online security:

• Changing passwords is too “logical”: adding an additional number, special character or letter to the old password;
• use of full name, year of birth and other personal information in passwords;
• simple and easily recognizable response to the keyword (relevant for bank accounts);
• use of an email, bank cards, mobile phones for all services;
• connect to unverified Internet networks in public places.

More than 3.6 users of the Rabota.ru service from all regions of Russia took part in the study.