Monday, August 30, 2010

How Hackers Hack a Computer

Type 1: Brute Force attack

A brute force attack is a method of defeating the encryption that secures a network by systematically trying a large number of possibilities. It guesses a password by running through a list of dictionary words, number patterns and symbols until it finds the actual password. This kind of hacking can take weeks if the password is complex, but only a matter of minutes if your password is as simple as ‘abc’. How to avoid it? Simple. Make your password as complex as possible and use a secure password manager such as Roboform to remember it.

Type 2: Bogus websites / Phishing Attack

Unfortunately, many internet users don’t pay much attention to the websites they access. For example, there have been two cases of bogus Facebook websites during the last few months, in which hackers made a replica of Facebook and convinced users to sign in as they would on the normal Facebook website. How? They’ll first infiltrate a user’s account and send a convincing message to all his friends. The message could be something like “Hey. Check out your photo in my Photo Album. Click here to see it”. The link will lead the user’s friend to the bogus Facebook website, which will request the user to sign in again. Once the user has signed in, all the information goes straight to the hacker, and the hacker will then be able to infiltrate the user’s account and repeat the process. There have also been cases like this for eCash websites such as Paypal.

So how do you distinguish a genuine website from a bogus one? First, pay attention to the URL. Are there any typos? For example, myspace.com and mysspace.com. Most users only take a quick glance at the URL, and I guarantee that they wouldn’t be able to spot the typo in the previous example. Another thing to look for, especially if you’re doing online transactions, is the https:// prefix. All major online businesses should have this to show that any transactions are encrypted and secured. In the end, it really comes down to common sense, so always be aware of any websites you visit and don’t click a link hastily if you come across one.
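The two checks above (a typo in the URL, and the https:// prefix) can be automated. The following is an added example, not part of the original post: the TRUSTED list, the function names and the sample URLs are assumptions made up for illustration, and comparing only the last two labels of the host is a simplification that fits .com-style names.

```python
from urllib.parse import urlsplit

# Assumed allowlist of sites the user really signs in to (constructed for this example).
TRUSTED = {"myspace.com", "facebook.com", "paypal.com"}

def edit_distance(a, b):
    """Edits (insert, delete, substitute, swap two adjacent letters) turning a into b."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. "pyapal" typed for "paypal".
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def check_url(url, max_distance=2):
    """Classify a link before any password is typed into the page behind it."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    # Exact trusted name or one of its subdomains: only the scheme is left to check.
    for good in sorted(TRUSTED):
        if host == good or host.endswith("." + good):
            return ("trusted" if parts.scheme == "https" else "no-https", good)
    tail = ".".join(host.split(".")[-2:])  # simplification: last two labels
    for good in sorted(TRUSTED):
        # A near miss of a trusted name, such as mysspace.com for myspace.com.
        if 0 < edit_distance(tail, good) <= max_distance:
            return ("lookalike", good)
        # A trusted name buried inside another domain's hostname.
        if good in host:
            return ("lookalike", good)
    return ("unknown", host)

if __name__ == "__main__":
    # Constructed sample links, not taken from any real campaign.
    for link in ("https://www.myspace.com/login", "http://mysspace.com/login",
                 "http://www.paypal.com/", "https://facebook.com.example.net/"):
        print(link, "->", check_url(link))
```

A "lookalike" or "no-https" verdict means the link should not be used for signing in; "unknown" only means the site is not on the list, not that it is safe.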

Type 3: Trojans, spyware and keyloggers

Trojans, spyware and keyloggers can all be classified as malware. What do they do? They basically act as a backdoor in a computer. A hacker will distribute a legitimate-looking installation file, possibly through emails or P2P networks. What most users wouldn’t know is that a trojan or spyware is part of the installation file and gets installed unnoticed. Once installed, the malware process will run in the background and monitor every move a user makes on his computer. A keylogger, for example, will record every keystroke a user makes, so things like passwords and bank account numbers are at risk. How do you avoid this malware? Download files only from legitimate and reputable websites! Always question the software beforehand by searching for it on search engines like Google. You are bound to find many user reviews about the software, helping you decide whether to install the file or not.

Type 4: Software vulnerabilities

Unfortunately, every piece of software out there has flaws, and hackers take advantage of them quickly and efficiently. As you may have heard recently, the Conficker virus was able to spread due to a vulnerability in the Windows operating system. To reduce the chances of hackers taking advantage of these vulnerabilities, always download the latest updates for your OS as soon as they are released. Windows has its infamous Windows Update, which can be quite annoying at times, but it is the quickest and most efficient way for Microsoft to distribute updates that fix any security vulnerabilities they find in the system.

There are unfortunately many other forms of hacking out there, but the above four points cover the most basic attacks performed against common users. Hackers on a large scale may also use attacks such as DDoS (Distributed Denial of Service), which aims to overload a system’s network by directing many ‘puppet’ computers to a site in one go. Sounds scary, huh? Don’t worry. These attacks are not likely to come at you unless you are a high-profile figure causing controversy in the underground world. Just be aware of what you do on your computer and always have an antivirus or antispyware program installed to reduce your chances of being hacked.
