Top 15 common cyber attacks that might ruin your life

Common Cyber Attacks

When you are connected to the world through the internet, there is a chance that you will fall victim to one of these common cyber attacks, or have fallen already, be it today, tomorrow or in the coming days. Nearly hundreds of millions of dollars have been stolen from online banking accounts and individuals all over the world. Gone are the days when dacoits looted people for their money and wealth. Now, it all happens behind the monitor screen. So you have to be very careful while surfing the internet, whether you are clicking on an unfamiliar link or downloading files. The chances are that cybercriminals might infect your systems with some malware.

The evolution of technology and the increase in smart technology in our homes and businesses mean there are multiple access points for hackers to exploit, which makes us more vulnerable. It’s true that we are handicapped without the internet in today’s world. All our daily chores require it. I’m not asking you to stop using the internet, but you have to be very careful while using it. Most of you might be aware of the consequences if you have ever succumbed to a cybercriminal’s trap.

The question is “How should we protect against these cyber attacks?” But before that, we have to know which attacks are hovering over your head. Am I right?

In this post, we will discuss the most common cyberattacks, which affect millions of users on a daily basis.

Phishing Attacks/Scams

Phishing is the most common cyber attack and an easy one to implement. It remains one of the most successful attack vectors due to its speed, as most phishing sites stay online for just four to five hours. The essence of the phishing scam is to get the online recipient to click on a web link, open a file attachment or complete an online form. In this attack, cybercriminals try to steal personal information such as banking passwords, credit card information, home addresses, contact numbers or even social security numbers. They do this by creating phishing websites designed to look exactly like the original website, to trick victims into entering their passwords, login details and other sensitive information.

To avoid phishing attacks, I suggest using a phishing filter in your web browser. However, there are also manual ways to identify phishing attacks.

Phishing links
  • Look at the domain name just before the .com, .in, .org, .gov etc.
  • Phishing links are generally long and ugly.
  • Sometimes phishing links are shortened with link shorteners such as bit.ly and goo.gl.
  • Sometimes phishing links are created to look exactly the same as the real one.

Let’s take a look at this email sample to identify the possibility of it being a phishing email

Now, let’s take another example. Can you identify which of the following is a phishing link?

Facebook.com
Faceb00k.com

Yes, exactly. One domain contains zeros in its name and redirects to my homepage (in your case it might be a phishing link), while the other contains the letter ‘O’ and is the actual Facebook domain.
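The manual checks listed above can be automated. The following Python sketch is an added example, not code from the original article; the brand list, the 75-character length cut-off and the flag names are assumptions chosen for illustration, and the sample links are constructed.

```python
from urllib.parse import urlsplit

# Assumptions for this added example (not from the article):
BRANDS = {"facebook", "google", "paypal"}    # names worth protecting
SHORTENERS = {"bit.ly", "goo.gl"}            # the two shorteners the article names
LOOKALIKE = str.maketrans("0135", "oles")    # digit -> the letter it imitates
MAX_URL_LEN = 75                             # arbitrary "long and ugly" cut-off


def check_link(url):
    """Return a list of warning flags for one link; an empty list means no flags."""
    if "://" not in url:                     # accept bare names like "Faceb00k.com"
        url = "http://" + url
    host = (urlsplit(url).hostname or "").rstrip(".")   # hostname is lower-cased
    labels = host.split(".")
    # The name "just before the .com": simplified, no public-suffix list,
    # so a two-part suffix such as .co.in is not handled.
    name = labels[-2] if len(labels) >= 2 else labels[0]
    flags = []

    if host in SHORTENERS:
        flags.append("shortener")            # real destination is hidden
    if len(url) > MAX_URL_LEN:
        flags.append("long-url")
    if any(label.startswith("xn--") for label in labels):
        flags.append("punycode")             # non-ASCII lookalike characters

    # Faceb00k -> facebook: digits standing in for letters.
    decoded = name.translate(LOOKALIKE)
    if name not in BRANDS and decoded in BRANDS:
        flags.append("lookalike:" + decoded)

    # facebook.com.login-check.example: the brand is shown first, but the domain
    # that actually receives the traffic is the one just before the TLD.
    for brand in sorted(BRANDS):
        if brand in labels[:-2] and name != brand:
            flags.append("brand-in-subdomain:" + brand)
    return flags


if __name__ == "__main__":
    samples = [                              # constructed sample links
        "Facebook.com",
        "Faceb00k.com",
        "https://bit.ly/abc123",
        "http://facebook.com.login-check.example/verify",
    ]
    for link in samples:
        print(f"{link:50} {check_link(link) or 'no flags'}")
```

An empty result only means none of these heuristics fired; it does not prove that a link is safe.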

So, these are a few ways you can spot a phishing attack. However, it would take another article to cover all types of phishing attacks. It’s a huge topic in itself. Let’s move on to the next most common cyber attack.

Identity Theft Scams

It quite often happens that crooks already have access to your credit card or banking accounts and are stealing money from them in small amounts that might not be easily noticed. So, you have to be very cautious and closely monitor your accounts. If you notice suspicious activity, you should immediately report it to the concerned authorities.

Moreover, hackers can also carry out criminal activity using your details and claim government benefits in your name.

Let me be very clear: all the roots of online theft ultimately have a link to a phishing attack. It’s a major contributor to identity theft as well.

Online Harassment

Often, online impostors who harass you do it to find your vulnerabilities or breaking points in order to manipulate your social life. This generally happens to people who are quite active on social networking sites. Sometimes, online harassment becomes so dangerous that it impacts your social and personal life as well. You might have heard about the 13-year-old kid from Dardenne who committed suicide after being bullied online. In India also, many kids committed suicide after being threatened in a popular game, “BlueWhale”.

Our suggestion is to immediately report any activity out of the ordinary before it gets out of hand, even if you know the person on the other end.

Cyberstalking

The word stalking itself says everything about this attack. In general, stalkers are people who take note of your day-to-day activity without you being aware of it. Cyberstalkers do the very same thing: they might install spyware on your device, either remotely or manually, and keep track of your location, contacts, social media accounts, who you talk to and what you browse online. Once they find some vulnerabilities in you, they start harassing you by any means.

They may contact your colleagues, family and other online contacts in an effort to extract personal information from them. All these attacks are linked to each other in one way or another. If you ever suspect someone is invading your privacy, you can simply contact the police and file a report.

Social Engineering

Social engineering is a kind of classic cybercrime and is quite often the most effective, so much so that it can affect individuals as well as organizations. Cybercriminals manipulate the person of interest to obtain the information needed to log in to their networks.

There is a very common technique for doing that. They will find your online information, befriend you and talk about your interests. People generally fall into the trap, thinking that the person is just their type, and give up pieces of information to them.

Once the attackers get the information, you’re done. Next up is another very common type of cyber attack: botnets.

Botnets

Botnets are generally used to spread harmful software and files, launch cyber attacks and run spam campaigns. A botnet is a set of machines linked in a network and controlled externally by hackers. These hackers then send spam emails or attack the user’s machine through some malware and perform malicious tasks.

This can be prevented by using a reliable virtual private network (VPN). A VPN hides your original IP address behind a virtual IP address and so protects your data from intruders. You should take preventive measures especially when you are trying to access torrent sites.

Flood attacks

You must have heard of or seen this type of attack in movies and TV series, wherein a user’s machine is flooded with malicious requests that disrupt their work environment entirely. These types of attacks are popularly known as Denial-of-Service (DoS) or Distributed Denial-of-Service (DDoS) attacks, and are generally triggered by botnets. The hacker then hacks into the system when the network is down.

In 2017, the volume of DDoS attacks was second only to malware according to Europol reports.

PUP or Potentially Unwanted Program

Have you ever noticed, when you are installing some application software, that a moment later a few more applications have been installed along with it? Or have you come across links that, once clicked, take you to some entirely different website?

Software that is bundled with other software you agreed to install is called a PUP. People generally fall for this attack when they try to install pirated or cracked software. These programs come in the form of malware, adware or dialers and are potentially harmful. Can you imagine that four new malware samples are created every second?

Online Scams

Countless online scams are carried out all over the world each day in the name of rewards and prizes. Scammers lure users with enticing offers or products at cheap prices, and people easily fall into the trap out of greed. Sometimes the message is like “You’re a lucky winner, you have won $3000, pay $50 to get your money in your account”. So, people think, OMG, it only takes $50, let’s pay it and take all the cash. Once you have paid, you’re done!

Online scams also take the form of online charity, fake gift cards, online ticket fraud etc. Scammers generally target users through their social networks, emails or messaging apps.

Exploit Kits

Exploit kits are ready-made tools that are bought online and can be used against anyone with a computer. Basically, a kit finds a bug in existing software on your computer in order to gain access to it.

With the help of such a software toolkit, hackers can easily exploit Java or Flash to hack websites or redirect visitors to some unsecured and malicious website. These toolkits are used to find vulnerabilities in remote software.

Online Extortion

One more popular financially motivated cybercrime is extortion. When a cybercriminal gains access to a person’s or organization’s machine, they send a proposal to restore files and data that have been lost or corrupted in exchange for money.

Ransomware Attack

Ransomware attacks might be beginning to slow, but such attacks remain prevalent in the banking system. Ransomware encrypts the actual files and makes them inaccessible to the owner, with a warning message to pay a certain amount.

Data Breaches

In 2019 alone, 7.9 billion records, including credit card numbers, home addresses, phone numbers and other highly sensitive data, were breached.

Your personal information is certainly not safe online. Unfortunately, most people do not understand the gravity of an attack unless it affects their own social and personal life.

Malvertising

Malvertising is a type of attack in which popular websites are infiltrated by legitimate-looking advertisements carrying malicious code. When the user clicks on those ads, they are redirected to fake websites carrying viruses and malware, which are automatically downloaded onto their device. These types of attacks are generally performed using porn websites or torrent sites.

Child Pornography

There have been increasing reports of paedophiles, with 5% of the total world population reported to be involved in child molestation, especially of prepubescent children. Most countries in the world have banned child pornography, but unfortunately 10,000 internet locations provide access to child porn.

These videos are generally circulated on demand through the darknet. You would be shocked to know that child pornography is a $3-billion-a-year industry. These children are drugged, molested and captured on camera. It is a highly shameful, heinous and unethical abuse that is carried out in human society.

Conclusion:

You do not need to be a cybersecurity expert to avoid cybercrime. Most cyber attacks can be avoided by developing basic security habits and being well-informed about modern threats. Hackers target digital devices like computers, smartphones, Internet Protocol cameras and network-attached storage (NAS) devices, since these devices usually need to have ports open and forwarded to external networks or the internet. Most people these days also use mobile devices for financial transactions and typically hold all their information on their phone. Staying safe in this era is difficult but not impossible. Keep the following mantra in your head and you can possibly avoid 70% of cyberattacks:

  • Be very careful while browsing online.
  • Flag and report any unexpected or suspicious emails.
  • Never click on unfamiliar links blindly.
  • Use a VPN if possible.
  • Avoid entering your credentials on random websites.
  • Use a strong password with 14+ alphanumeric characters, one upper case, one lower case, numbers, no repetitive characters.
  • Keep your antivirus applications up to date.
