British Man Charged With Hacking US Bank Computers

By   ISBuzz Team
Writer , Information Security Buzz | May 12, 2022 05:37 am PST

It has been reported that a British man has been charged in New York with unauthorized computer intrusion, securities fraud, wire fraud and other crimes, causing more than $5m of losses.

According to a 10-count complaint made public yesterday, Idris Dayo Mustapha, 32, a UK citizen, and others used phishing and other means to obtain user credentials from January 2011 to March 2018.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Mike Newman
Mike Newman , CEO
May 12, 2022 1:37 pm

This is yet another example of how stolen credentials have been used to gain access to critical accounts and earn criminals millions in malicious funds. Attackers can easily gain access to stolen credentials on the dark web or through phishing and once they have one valid set, they can increase their gains by testing them on other sites, knowing how frequently people use the same passwords across multiple accounts. Evidence of the earnings hackers can make through these attacks can be seen in this case against Idris Dayo Mustapha.

The best defence against these types of attacks is to target the root cause of the problem – passwords. This means to fight back, we need to focus on improving the security of user credentials and passwords, so they can’t be stolen or socially engineered out of victims in the first place.

Of course, promoting better password hygiene is one way to reduce risk, but the strategy has limits. To prevent criminals from utilising weak passwords or phishing for passwords, one of the safest approaches is to transition your enterprise to passwordless authentication. After all, if a user doesn’t know their passwords, how can they be stolen or phished for them?

Last edited 1 year ago by Mike Newman

Recent Posts

Would love your thoughts, please comment.x