Home Kaspersky Lifestyle The Three Little Pigs and your passwords
Home Kaspersky Lifestyle The Three Little Pigs and your passwords

The Three Little Pigs and your passwords

Kaspersky reveals 25% increase of password stealers targeting SEA users in Q1 2021

May 6 is World Password Day but every day is a good day to revisit the strength of your security codes as cybercriminals are continuously trying to gatecrash into your online accounts. This is proven by fresh data from Kaspersky.

According to the global cybersecurity and digital privacy company, it has prevented 25% more password stealers in Southeast Asia (SEA) during the first three months of the year compared to the same period in 2020.

Password stealers are a type of malware that steals account information. In essence, it is similar to a banking Trojan, but instead of intercepting or substituting entered data, it usually steals information already stored on the computer: usernames and passwords saved in the browser, cookies, and other files that happen to be on the hard drive of the infected device.

Overall, Kaspersky solutions have blocked 776,684 Trojans designed to steal accounts in Q1 2021, 155,942 more incidents compared with last year’s 620,742.

While Indonesia and Thailand registered a slight decrease, the remaining four SEA countries logged an uptick on password stealers detections. Singapore registered the highest increase at 79% followed by Malaysia at 61%.

Country Q1 2020 Q1 2021
Indonesia 112,255 109,932
Malaysia 111,919 180,576
Philippines 45,373 55,597
Thailand 78,186 73,268
Singapore 16,706 29,875
Vietnam 256,303 327,436
No. of Trojan password stealers detected in Southeast Asia for Q1 2020 and Q1 2021

“It is known that Southeast Asia homes the most active social media users in the world. At the same time, the region is witnessing a massive digital shift at a breakneck speed. We are now a 400-million-strong online consumers, a number predicted to happen not until 2025. Hence, it is expected that cybercriminals would be very interested to take over our virtual accounts brimming with financial and confidential data,” comments Yeo Siang Tiong, General Manager for Southeast Asia.

“As we harness the power of technology and the internet, we urge everyone to strengthen their online locks regularly. Like how we improve our security systems as our houses accumulate more assets, we should also be more thorough on how we secure our online properties as we store more data in it,” adds Yeo.

Lessons from The Three Little Pigs
To show the importance of stronger passcodes and cybersecurity measures, Kaspersky reminds users of the classic tale – The Three Little Pigs. The well-known English folk tale’s seemingly simple plot explains the idea behind a brute-force attack.



The tale begins with the three pigs selecting a hardware solution to protect against cyberthreats. It appears to be some kind of Internet gateway. The first chooses a device made of straw (cheap and unreliable), the second opts for wood (more reliable, but still not great), and the third puts up a real firewall made of stones.

The wolf in the fairy tale is depicted as a fairly low-skilled hacker. His approach to the information infrastructure of each little pig is to attack it with the only tool available to him: blowing. As you surely recognize, this is analogous to brute-force hacking. In cybersecurity, brute force is usually applied to cracking passwords.

The tale shows that this technique can indeed be effective when the target doesn’t pay much attention to cybersecurity: The first two porcine huts cannot withstand the brute-force attack, and the attacker gets inside. But with the third, he encounters problems.

In other words, even storytellers two centuries ago knew that using inexpensive routers with default passwords, or practically using weak passwords in general was a recipe for disaster.

To boost your password and to secure your accounts like the third pig, Kaspersky experts provide some quick tips and tools:

  • Check the strength of your current passwords. Kaspersky has a free tool to help you on this
  • Use Have I Been Pwned, to see if your passwords have been leaked
  • Update your password regularly, at least every 90 days. A password manager can assist you in remembering them
  • Set up two-factor authentication, so even if your login and password have been stolen, they will not be enough to access your account
  • Only download apps from trusted sources
  • Use a reliable security solution, such as Kaspersky Total Security, which will be able to identify stealers and stop them from stealing your data