DEVELOPMENT OF RECOMMENDATIONS FOR MINIMIZING THE RISKS OF ACCOUNT HACKING ON THE BASIS OF ANALYSIS OF THE MOST COMMON HACKING METHODS
DOI: https://doi.org/10.28925/2663-4023.2020.12.163171
Keywords: multifactor authentication; phishing; password protection; biometric authentication
Abstract
With the spread of the Internet, social networks, messengers, etc. and their penetration
into all spheres of life of the modern individual, the number of attempts to obtain unauthorized
access to users' personal information is increasing. Accounts are the most vulnerable target for
hacking. Among the most common types of attack are phishing, theft of cookies, use of keyloggers,
and brute force. Social engineering techniques have become very popular among attackers. Using a
password in the form of a set of letters, numbers, and special characters is no longer sufficient to
provide the required level of account security. The introduction of combined systems increases the
number of identification features and improves data security. Systems based on contactless smart
cards, USB keys, hybrid smart cards, and bioelectronic systems can be used as additional protection
mechanisms. One of the main recommendations for avoiding the consequences of fraudulent actions
is two-factor or multifactor authentication to verify the identity of the client (requiring users to
provide, in addition to data such as a password, other factors such as a text message / SMS code
or fingerprints).
Multifactor authentication should be used on all available Internet services, where possible, to
ensure an acceptable level of security. There are two main types of multifactor authentication:
application MFA, an authentication process that is activated when a user tries to access one or more
applications, and device MFA, an authentication process that activates MFA immediately at
the login point. One of the most common authentication factors is the phone number. Email codes,
text tokens, biometric verification, hardware tokens, security questions (secret questions), and more
are also used.