Types of Attacks

Introduction

Security is one of the key factor that we must consider as we are surfing in internet world. in today’s technology it is impossible to thing using any digital resource without touching internet. Therefore learning all the possible treats that is bringing to our service or resource is a must. Above all , finding a solution is a must to provide a reliable serve. In this topic , we will see different attacks and the measure that we need to take before and after such treat to our services.

Phishing Attach

It is one of the most commonly used attach by cyber criminal. Letting people understand about the phishing behavior is a must for all members of your staff. The attach is mainly performed sending an email, make a phone call, SMS message, social media post that seems to be from a reputable source.

As the user convict to click a link in the email, the attacker will gain its end goals, such as tricking the victim into offering up account information, making a PayPal transfer, downloading disguised malware, and so on

Example : – Sending an email containing a link and have a message which looks like from your reliable source. The message in the email convince you to click and get some big dis-count or update your bank profile before it is expired, so and so forth. As the user tap, the link will re-direct you to a mock site looks like your bank and let you to provide your bank credential. This will make the attacker to gain your credential.

Figure 1.1 : – Phishing Attacks

Phishing is extremely dangerous and can affect millions of people stealing sensitive data, planting ransomware and other malware as well as gaining access to the most sensitive areas of a company’s systems.

Phishing Attach Signs

Phishing attach has a quince sign that is making different from the other types of attach. everyone should understand and aware about these signs as follow

  • Discrepancies in domain names: – Email addresses and web domains may have inconsistencies
  • Spelling errors : – The messages still often contain spelling or grammatical mistakes.
  • Unfamiliar greetings: Start with a message that you usually not aware of it. Example : – Hi turn to ‘Dear’
  • Short and sweet : – Sending a message not clear/missing a lot of useful information/ ambiguous
  • Unusual requests. : – Ask to take some action without any reason – Example : – Download some software.

Ransomware

This is another types of attach that is happening as part of the phishing attach that could let the cyber attachers to get and control the people sensitive data or machine. Ransomware planning a form of malware (malicious software) that encrypts data (sometimes also stealing it) and holds it for ransom, usually demanded in cryptocurrency such as bitcoin.

Ransomware attacks most often encrypt files, denying victims access to their data unless the victims pay by a deadline. Payment demanded for a decryption key can range from hundreds to millions of dollars

Figure 1.2 : – Ransomware Attacks

Crypto Jacking/Crypto Currency Mining

Cryptojacking is a threat that embeds itself within a computer or mobile device and then uses its resources to mine cryptocurrency. The main reason that they are residing on victim machine is to avoid the cost of hardware and electric for computing power which requires more to mine cryptocurrency.

The cryptojacking attach users through malware or phishing[malicious mail, link] like Ransomware letting a user to click on a link then the crypto mining code load to victim device and run without their knowledge performing complex mathematical computation for a long time. The code is using the victim computing power to mine cypto currency. or steal crypto-currency wallet using a victim device.

This could make the cyrpto jacking

  • Less Expensive
  • Generate money
  • Less to be caught

Figure 1.3 : – Cypto-Jacking/Cypto-Mining Attach

How do we know as Victim of Cypto -Jacking?

The following are the possible sign of crypto-jacking sign as victim machine experience

  • The victim machine becomes slow/lagging
  • The machine keeps crashing
  • The battery is lasting very short
  • The machine over heat
  • CPU Usage increase unexpectedly
  • Many more signs not normal

How to make our data/service/machine safe?

There are several action that we need to take ignorer to make our service safe and sustainable. some of the actions are the following

  • Training/ Staff awareness
    • It is a common approach that could bring a good knowledge of staff members about the kind of attach and how to protect from it. Cybercriminals constantly invent new strategies, and email security won’t catch everything. Your users and your organization at large will be safer if all users understand how to identify suspicious email messages and report phishing
  • Phishing Test
    • This is a common test that an organization has to perform on a regular basis to test its staff to know their level of understanding about phishing.
  • Use advanced multifactor authentication (MFA)
    • MFA create additional layers of defense between attackers and your internal systems.
  • Keep operating systems and browsers up to date
    • Software providers regularly address newfound vulnerabilities in their products and release their solution to let user update with new solutions to protect their venerability.
  • Use effective cybersecurity countermeasures.
    • Use a modern antivirus and anti-phishing solutions, alongside effective spam filters, will screen out many phishing attempts.
Scroll to Top