#6 Social Engineering Passwords

Many companies provide facility to its employees to log on to work systems remotely, so that the employee has access to data to work on with, when staying at some different place.

“If hackers can find out the credentials for that user, they can log in remotely as that user and access network resources,” Alperovitch said.

And to obtain passwords, hackers may come with many tactics, like, sending an email asking the target to reset their password, once he enters the password, then it get automatically transferred to the hacker, empowering him to control the system remotely.  

#5 Stealing Through Third-Party Sites

Hackers can target the victims on third-party sites, like LinkedIn. When they find someone working for a company interesting to carry out their motives, they simply hack in to the third-party website and steal employees’ credentials. Since some employees use same username and password for both work and other websites; the hackers can then use the stolen credentials for their own advantage.

Alperovitch said: this is why IT security experts recommend using different user names and passwords for different websites.