DEV Community

Cover image for CyberAttacks Types and Techniques.
Mahima Bhardwaj
Mahima Bhardwaj

Posted on

CyberAttacks Types and Techniques.

Phishing- It is one of the most common cyberattacks used by attackers to deceive individuals into revealing their sensitive information through misleading communication.

Image description

Types of Phishing

  • Vishing
  • Smishing
  • Pharming
  • Whaling

Vishing - In this type of phishing, malicious actors use voice communication—often via phone calls or voice messages—to deceive individuals into providing sensitive information, such as:

  • Credit card numbers
  • Bank details
  • Personal data

Image description

Smishing - is a type of phishing attack conducted via SMS (Short Message Service). In this method, attackers send text messages that often appear to come from a trusted source, such as a bank, service provider, or other reputable organization. The goal of these messages is to lead you to a malicious website, where they can steal your personal information.

Image description

Pharming - Impersonating Legitimate website to steal user credential.

Image description

Whaling - In this technique attacker will target High-Profile individuals like politicians or celebrities.

Image description

What is Malware
It is a software that is designed to harm , disrupt or gain unauthorized access to a computer ,server or network. It can steal Data, Damage systems or allow unauthoruzed access to sensitive information.

Types of Malware includes

Image description

Virus - It attaches itself to file and spreads when those file opened or run.

Image description

Worm- It replicates itself and spreads across networks without user interaction.It slows down computer or network.They run by themselves they don't need user interaction.

Image description

Ransomware - it usually works by encripting data with a key unknown to the user. Payment through an Untraceable payment system is always the criminal's goal.

Image description

Social Engineering
It used to manipulate individuals into divulging sensitive information, performing specific actions , or compromising their security.This type of attack exploits human psychology, trust and natural behaviour to gain unauthorized access to syatems.

Image description

Shoulder Surfing
A criminal observes , or shoulder surfs, to pick up PINs, access codes or credit card numbers.

Image description

Distributed DoS Attack (DDoS)
Similar to DOS attack, but it originates from multiple, coordinated sources. An attacker builds a network of infected hosts , called a botnet(Zombies).

Image description

Spamming
It refers to practice of sending unsolicited and often repetitive messages. The intention for promiting products ,services or other content. Spam messages are sent in bulk to a large number of recepients.

Image description

Malvertising
In a malvertising attack, malicious code or links to malicious websites are embedded with legimate-looking ads.

Image description

SQL Injection
SQL injection is a type of cyberattack.It occurs when an attacker maliciously inserts SQL code within input fields of a web application. This attack exploits vulnerabilities in poorly sanitized user inputs. It allows the attacker to execute unauthorized SQL queries on the application's database.
The primary goal of an SQL injection attack is to gain unauthorized access to the database.

Image description

Cross-Site Scripting(XSS)

Cross-Site Scripting (XSS) is a type of security vulnerability.
It occurs when a web application allows malicious users to inject malicious scripts.This vulnerability arises when the application does not properly validate content before displayed to users.

Image description

Bots and Botnets
A bot (short for "robot" or "software robot") typically refers to a software program or script that performs automated tasks on the internet. Bots can be designed for a wide range of purposes, both legitimate and malicious. The term "bot" is often associated with automated actions performed on the internet, such as web crawling, data extraction, and interacting with online services.

Image description

Man-in-the-middle attack

A criminal performs a man-in-the-middle (MitM) attack by intercepting communications between computers to steal information crossing the network.

Image description

Top comments (0)