- Online privacy experts say Facebook, Instagram and Spotify are the most commonly hacked account types in the United States.
- Hackers use leaked credentials to break into accounts or steal login details via phishing emails.
- Businesses can secure their accounts with strong passwords, multifactor authentication, password managers and VPNs.
- This article is for business owners and IT administrators who want to secure their accounts and increase overall cybersecurity.
Few things are scarier for a business than learning an account has been hacked. A compromised account can quickly balloon into a massive problem involving data breaches or even business closures.
Hackers have clear favorites when targeting accounts – and employ various techniques to breach them. Fortunately, businesses can take measures to boost account security and protect their vital data, including customer information. We’ll discuss the 10 most commonly targeted account types and share best practices for securing all your business accounts.
Top 10 accounts hackers target
Like most theft, cybercrime is heavily focused on opportunity versus payoff. While hacking a bank account may be highly profitable, it is typically much better protected than other accounts. Instead, hackers will target a range of accounts that may not be immediately profitable but still have significant worth if exploited correctly.
According to a VPN Central study, here are the most commonly attacked account types:
- Facebook accounts: Facebook accounts were the most commonly hacked account type in the United States by a wide margin. The study found that Google hacking-related searches for Facebook accounts numbered 67,940 on average per month.
- Instagram accounts: The second most-hacked account was Instagram, with 36,220 searchers on average per month.
- Spotify accounts: Spotify rounded out the top three, with 25,920 hacking-related searches conducted per month.
- Twitch accounts: Twitch was in fourth place, with 10,800 average monthly searches.
- Amazon accounts: Amazon took fifth place, with 6,170 average monthly searches.
- Snapchat accounts: Snapchat landed in sixth place, with 6,100 average monthly searches.
- Coinbase accounts: Coinbase followed Snapchat closely to reach seventh place, with 5,900 average monthly searches.
- Twitter accounts: Twitter took eighth place, with 5,190 average monthly searches.
- Gmail accounts: Gmail accounts were in ninth place, with 4,920 average monthly searches.
- Microsoft accounts: Microsoft rounded out the top 10, with 4,000 average monthly searches.
Facebook’s preeminence as the most targeted account type isn’t surprising. Facebook is extremely popular in the U.S., with 239 million users in 2022. Such popularity significantly increases the gross number of accounts vulnerable to malicious compromise. Facebook’s integrations with Facebook Pay and general business Facebook uses mean hackers can find considerable value in taking over accounts.
This rationale largely holds true across all the most targeted accounts. Instagram’s business uses are powerful, while Twitter for business and Snapchat for business are growing in popularity, making them attractive hacker targets. Additionally, if your Amazon store or Amazon Business account is compromised, hackers can use your credentials to purchase high-ticket items. And Gmail and Microsoft accounts can provide access to broader company networks, leading to additional compromises.
To recover from a data breach, hire a forensic expert to analyze the damage, talk to a lawyer specializing in data security breaches, inform the affected parties and implement robust security measures to prevent future attacks.
Everyday actions that lead to compromised accounts
Hackers compromise accounts in myriad ways. While some tactics may be as simple as getting lucky and guessing a weak password, other actions can be more involved.
Cybersecurity studies have pinpointed the most common causes of compromised accounts:
- Verizon’s Data Breach Investigations Report: According to Verizon’s 2022 Data Breach Investigations Report, stolen credentials were the top cause of data breaches, as attackers compromise accounts using leaked login information. Login information is often compromised when account holders use the same email and password combinations across numerous accounts. Once login details for one account are leaked, hackers can often use this information in their other accounts.
- IBM’s Cost of a Data Breach Report: IBM’s 2022 Cost of a Data Breach Report also found compromised or stolen credentials to be the primary initial vector through which hackers can breach accounts, cited in 19 percent of all cases. Phishing (16 percent) and cloud misconfiguration (15 percent) were the second and third most common initial attack vectors. While an average user can’t do much to secure their accounts against a business’s cloud misconfiguration, everyone should learn to recognize and avoid phishing emails designed to steal credentials.
Other typical sources of account compromise include the following:
- Weak passwords: Using common or weak passwords, such as “password” or “123456,” can compromise accounts. These passwords are easily guessable by humans, and hacking software can break into accounts using these passwords in a matter of seconds.
- Unsecured Wi-Fi networks: Logging in to accounts on unsecured or public Wi-Fi networks is also dangerous. Hackers can set up malicious, lookalike public Wi-Fi networks that record user data, including login credentials.
- Malware: Specific types of malware can record a user’s activity and send it to a hacker, including any typed passwords or websites visited.
- Unsafe password storage: Storing passwords in an unencrypted file or cloud storage account can be dangerous. If a hacker can access this file, they will have complete knowledge of every account login.
Signs your computer is infected by malware include poor performance, unexpected pop-up windows, strange sounds, and unexplained file and folder changes.
How compromised accounts can impact a small business
Account compromise can cause more than an inconvenience for a small business. While some accounts are quickly recovered, the compromise can last for a significant amount of time on other occasions – often without the account owner’s awareness.
Depending on the compromise’s length and severity, a business could face a range of consequences, including the following:
- Compromised accounts reduce productivity. One compromised account can lead to business productivity losses, depending on the account’s importance and how long it takes to recover control of the account.
- Compromised accounts may be lost entirely. Hackers may compromise a trusted business account, particularly on platforms like Facebook and Instagram, to distribute spam or malware. In such cases, the platform may permanently suspend the account. This can be particularly painful for businesses that have invested significant time to earn followers or rely on high social media engagement levels.
- Compromised accounts can cause lost sales. Compromised accounts related to sales or payments can cause financial distress. The business may struggle to reclaim the account or find new workaround methods to conduct operations. Business or system downtime could also cause customers to go to a competitor.
- Compromised accounts can damage a business’s reputation. A significant or highly public account compromise can cause long-lasting reputational damage. For instance, losing a high-profile Twitter or Facebook account to hackers could make a brand seem untrustworthy.
- Compromised accounts can lead to more account compromises. Sophisticated hackers who compromised one business account may use that as a stepping stone to compromise additional accounts in a business.
- Compromised accounts leave the network vulnerable. If a hacker manages to compromise an internal account, such as a Microsoft account, they could use this intrusion to try to compromise a business’s entire network.
- Compromised accounts can lead to lost money. Hackers could use compromised accounts to access financial accounts or payment systems. This could lead to significant financial losses, along with the costs associated with system repair and potential downtime.
- Compromised accounts can cause prolonged business disruption. Hackers may also deploy ransomware on a target’s network, encrypting all business data and causing significant downtime, losses and system recovery costs. According to Statista, ransomware attacks led to an average of 20 days of system downtime in the fourth quarter of 2021.
- Compromised accounts can lead to sensitive information theft. In severe cases, hackers could use a compromised account to conduct a data breach. Hackers may steal sensitive intellectual property, customer information or other valuable data. For businesses with fewer than 500 employees, a joint study by IBM and the Ponemon Institute found the average cost of a data breach was $2.98 million.
- Compromised accounts can create regulatory or legal consequences. Depending on the type of information breached, businesses may have to pay regulatory fines. For instance, the breach of any personal information belonging to EU citizens could lead to fines through the GDPR. Likewise, a breach of payment card data could lead to fines due to noncompliance with PCI.
- Compromised accounts can cause business closure. In a worst-case scenario, account compromise could lead to business closure due to significant reputational damage and loss of sales, financial theft, or high costs due to regulatory and legal fines, ransoms, or data recovery costs.
Account compromises and data breaches can happen to businesses of any size, not just big players. According to the Verizon data breach report, at least 14 percent of recorded data breaches affected SMBs. That number is likely even higher because 81 percent of data breaches affected companies of unknown size.
How to protect your accounts from hackers
While account compromise can lead to significant business disruptions, a small business can take numerous concrete steps to increase its overall security. Consider the following best practices:
- Use strong passwords. Mandate the use of unique, strong passwords throughout your organization.
- Store passwords with password managers. Instead of storing passwords in text files or using easy-to-remember passwords, use password managers to generate and store unique passwords for each account.
- Use multifactor authentication. Use multifactor authentication (MFA) on all accounts whenever possible. MFA requires a second level of authentication to log in to an account, such as a code sent to your phone or a biometric element like a fingerprint.
- Use a VPN. Have your team use a VPN (virtual private network) when using public Wi-Fi or accessing work accounts outside the office.
- Stay updated. Regularly update your apps and operating system. Regular updates can help prevent attackers from using discovered vulnerabilities to hack into an account.
- Train your employees in cybersecurity. Host regular cybersecurity training sessions for all employees. In particular, educate employees about how to spot and avoid phishing emails.
- Change passwords regularly. Change passwords across accounts on a regular schedule. If you learn that an account that shares a password with other accounts has been compromised, immediately change passwords on all accounts.
- Monitor accounts for suspicious activity. If you notice anything suspicious, immediately contact the platform, use its security features to log out of the account in all locations, and immediately change the account’s password.
Poor access management can lead to data breaches. Create a robust access management policy by taking a zero-trust approach, auditing employee accounts and staying on top of compliance regulations.
Business security through account security
Accounts – particularly public-facing accounts like social media or email – can be a cybersecurity weak spot for businesses. These accounts are easy for hackers to spot and target.
While most account compromise attempts don’t lead to catastrophic scenarios, sophisticated hackers can exploit account access and cause tremendous damage to a business. Fortunately, by following the outlined cybersecurity steps, businesses can go a long way toward protecting their accounts and overall business security.