There is no doubt that Phishing is one of the most common threats on the net. As we know, hackers use techniques to steal our credentials and passwords. They use baits to get us into the trap. Now, how long does it take to steal from us since we fall into these types of attacks? We echo a study that indicates this.
Time from when we bite into Phishing until they steal from us
A Phishing attack is usually a message that reaches us by email where we are “invited” to log in with our account. They tell us that there is a problem, that we must update the data or anything. We put our credentials and passwords but we are actually sending it to a server controlled by cyber criminals.
The question now is what time elapses from when we put our data, from when we fall into the Phishing trap, until the attackers really make use of that stolen information. Can we avoid being robbed once we have stung the hook?
According to the research that we echo, this average time is 5 days . That is, if we receive a fraudulent email, where they actually seek to steal our password and fall into the trap, for up to 5 days (on average) they would not use that information and therefore they would not steal money from our bank account, they would not read information from social networks, etc.
Members of different platforms and international organizations such as PayPal, Google, Samsung, as well as Arizona State University have worked in this study. The goal was to analyze how users interact with Phishing attacks and what time it takes until hackers actually make use of the stolen information.
They analyzed other aspects, such as the time that passes since we received a Phishing attack and it is detected by the browser or security tools. But undoubtedly the most interesting fact is that, on average, it takes 5.19 days from when the victim bites on the hook until their data is used.
The importance of changing our keys quickly
This indicates to us the great importance of changing our passwords as soon as we are aware that we may have been victims of Phishing. It is true that hackers constantly refine their attacks and make them more credible. They ensure that the victim, once the password has been set, does not suspect that there really is a problem behind it.
On average, as we have seen, it takes 5 days for a cybercriminal to use those keys and credentials that he has stolen. This leaves users a margin to change passwords, logically. However the time may be shorter.
Our main advice is that whenever we have the slightest suspicion that we may have been victims of Phishing or any cyber attack, let’s change our passwords as soon as possible . We also recommend activating two-step authentication to add an extra layer of security.