If you’ve ever had an email account, you’ve likely received a message similar to this one:
Dear customer, our courier has attempted to deliver your parcel today, but you could not be contacted at the address or on the phone. Because nobody could sign for the parcel, we have deposited it at our local office, leaving you a notice in your mailbox. To claim your package, please visit our office with a printed copy of the delivery notice. A scanned copy of the UPS Missed Delivery Notice can also be found by clicking here.
It’s an example of a common phishing scam designed to infect the receiver’s computer with malware. Other phishing emails attempt to collect personal data—usually using links to fake websites designed for that purpose—and all are becoming increasingly common.
RewardExpert recently spoke with Patrick Tiquet, director of security and architecture at Keeper Security, about the company’s online security product and the going price for stolen passwords on the dark web.
Dark Web Data Sales are Increasingly Lucrative for Hackers
Though a Keeper vault would not have protected the 143 million consumers whose data was recently stolen from Equifax, Tiquet says the incident highlights why sensitive information stored in the Cloud must be protected by encryption.
“Once your data is out there in the Cloud or on the Internet, you have essentially lost control of that data or entrusted its protection to a third party,” he explained. “The only way to secure it is to encrypt it and retain control of the encryption keys. Essentially, that’s what a zero-knowledge encryption product like Keeper does.”
Keeper protects its customers’ information—from passwords to credit/debit info and private files, photos, and video—with 256-bit AES encryption and the PBKDF2 algorithm, the same level of encryption used by the U.S. military and widely accepted as the strongest encryption available.
This encryption prevents hackers from decrypting and selling the data online—an increasingly lucrative crime. Tiquet recently spent time on the dark web researching current market prices for stolen data. While passwords for Netflix, Hulu, and Spotify accounts were going for between $1 and $3, stolen credit card data was worth $8 to $22. Driver’s license information could be purchased for $20, and a complete medical record was fetching up to $1,000.
Password Management on Desktop and Mobile Devices
Founded in 2011 by Darren Guccione and Craig Lurey, Keeper Security began as a password management app.
“Craig was a programmer and decided to write an app for his phone that would store his passwords,” Tiquet recounted. “He originally wrote it for personal use, but decided it would probably be useful to a wide audience of people.”
“A lot of people write their passwords on Post-It notes,” Tiquet said. “I even know people who make contacts in their iPhone for passwords so they can keep them synched across devices. But that’s not secure at all.”
According to Keeper Security, 81 percent of data breaches are due to weak, default, or stolen passwords.
“Keeper also has the ability to generate secure, unique passwords,” Tiquet continued. “Anytime you set up a new account, you can open your Keeper and generate a random password that is only used for that one online account.”
Passwords stored in Keeper synch securely between desktop and mobile devices through the company’s Cloud infrastructure.
“Whether you’re logging into a browser, your iPhone, or your Android device, everything will remain in synch,” Tiquet explained. “If you enter a new password in Keeper on your iPhone, you can retrieve it the next time you log in through your browser extension or your Android device.”
Users can log into their Keeper vault on any device with a master password or, if their mobile device is equipped with a biometric scanner, their fingerprint. The software also utilizes two-factor authentication to provide an extra layer of security.
More than 11 Million Customers and Growing
“Our typical customer is educated in the need for better information security but wants a solution that is both easy to use and secure at the same time,” Tiquet said. “They understand the need for using complex, unique passwords for their online accounts. They understand the need for encryption of sensitive files and data, but at the same time, they don’t want to deal with encryption keys or managing public-private key pairs. Keeper gives people the best of both worlds.”
According to Tiquet, the company currently has 11 million individual customers and 4,000 enterprise business customers and is adding thousands of new customers each month.”
“We listen a lot to what customers want and need and are constantly working to integrate and improve customer-driven feedback and improvements into our products,” he added.