Cybercriminals have left us with footprints giving us some clues to help us understand. Here are 5 common faces of cyberattacks to know and avoid.
Cyberattacks have become rampant recently and they are leaving behind some clues that can help us. Here are 5 common faces of cyberattacks to know and avoid, says Fawad Ali of MUO:
1. Malware cyberattack
Malware is a combination of malicious software. An intrusive program (script or code) made to exploit other devices. Favorite among hackers since it is easy and effective.
3 Major types of Malware:
- Ransomware: a specialized kind that encrypts files and disallows access to data until a ransom payment is made.
- Trojan Horse: is supposedly a harmless program that hides in email or file attachments. When downloaded, it enters into the computer system to perform its tasks.
- Spyware: is a program that monitors your activities without you knowing. The hacker is spying on sensitive information & keeps track of your login information to access your system. This is mainly used to steal passwords, credit card and banking information.
- Update OS regularly
- Avoid opening suspicious websites or email
- Avoid downloading files & plug-ins from suspicious sites
- Never give administrative privileges unless you truly trust the source.
- Install anti malware software like malwarebytes
This uses malicious emails, calls, or text messages to fool the users in order to get sensitive information. Information such as credit card details, passwords and others are what hackers aim to get from you.
Two types of Phishing:
- Spear phishing is targeting individuals or organizations for money, trade secrets or intelligence. Hackers who use this type of attack know well about their victim.
- Whale Phishing is going for high profile individuals like CEOs and CFOs. The type of attack aims to steal sensitive data from one who has wider access to vital information.
- Use two-factor authentication for all accounts.
- Keep a close eye to emails, including syntax and logos.
- Never click on any link within an email that requires login credentials.
- Investigate the sender of email
3. DDoS Cyberattacks
A kind of attack frequently used by cybercriminals to infiltrate against network resources. It jampacks the website with so many unnecessary messages to cause traffic and apparently exhaust its resources. Distributed Denial of Service (DDoS) attacks can either damage or cripple the functionality of the target for a period of time.
- Use DDoS-prevention services provided by hosting companies.
- Use Content Delivery Network (CDN) solutions.
4. Cross-Site Scripting (XSS)
XSS enables hackers to steal cookies, hijack information sent by users to the website. Including sensitive information like credentials, credit card details, and other confidential data.
- Avoid accepting third-party cookies from unknown sources.
- Be concern over the user input on web pages
5. Brute-Force Cyberattacks
This is a cryptographic hack, where cybercriminals use the trial-and-error way to guess login information. Hackers will guess possible combinations of passwords using the dictionary until they guess correctly the right combinations. This method uses automated tools and botnets which are capable of taking in thousands of passwords within seconds.
- Choose strong passwords.
- Carry out lockout after multiple failed attempts
- Use reCAPTCHA to block automated submission.