Phishing- It is one of the most common cyberattacks used by attackers to deceive individuals into revealing their sensitive information through misleading communication.
Types of Phishing
- Vishing
- Smishing
- Pharming
- Whaling
Vishing - In this type of phishing, malicious actors use voice communication—often via phone calls or voice messages—to deceive individuals into providing sensitive information, such as:
- Credit card numbers
- Bank details
- Personal data
Smishing - is a type of phishing attack conducted via SMS (Short Message Service). In this method, attackers send text messages that often appear to come from a trusted source, such as a bank, service provider, or other reputable organization. The goal of these messages is to lead you to a malicious website, where they can steal your personal information.
Pharming - Impersonating Legitimate website to steal user credential.
Whaling - In this technique attacker will target High-Profile individuals like politicians or celebrities.
What is Malware
It is a software that is designed to harm , disrupt or gain unauthorized access to a computer ,server or network. It can steal Data, Damage systems or allow unauthoruzed access to sensitive information.
Types of Malware includes
Virus - It attaches itself to file and spreads when those file opened or run.
Worm- It replicates itself and spreads across networks without user interaction.It slows down computer or network.They run by themselves they don't need user interaction.
Ransomware - it usually works by encripting data with a key unknown to the user. Payment through an Untraceable payment system is always the criminal's goal.
Social Engineering
It used to manipulate individuals into divulging sensitive information, performing specific actions , or compromising their security.This type of attack exploits human psychology, trust and natural behaviour to gain unauthorized access to syatems.
Shoulder Surfing
A criminal observes , or shoulder surfs, to pick up PINs, access codes or credit card numbers.
Distributed DoS Attack (DDoS)
Similar to DOS attack, but it originates from multiple, coordinated sources. An attacker builds a network of infected hosts , called a botnet(Zombies).
Spamming
It refers to practice of sending unsolicited and often repetitive messages. The intention for promiting products ,services or other content. Spam messages are sent in bulk to a large number of recepients.
Malvertising
In a malvertising attack, malicious code or links to malicious websites are embedded with legimate-looking ads.
SQL Injection
SQL injection is a type of cyberattack.It occurs when an attacker maliciously inserts SQL code within input fields of a web application. This attack exploits vulnerabilities in poorly sanitized user inputs. It allows the attacker to execute unauthorized SQL queries on the application's database.
The primary goal of an SQL injection attack is to gain unauthorized access to the database.
Cross-Site Scripting(XSS)
Cross-Site Scripting (XSS) is a type of security vulnerability.
It occurs when a web application allows malicious users to inject malicious scripts.This vulnerability arises when the application does not properly validate content before displayed to users.
Bots and Botnets
A bot (short for "robot" or "software robot") typically refers to a software program or script that performs automated tasks on the internet. Bots can be designed for a wide range of purposes, both legitimate and malicious. The term "bot" is often associated with automated actions performed on the internet, such as web crawling, data extraction, and interacting with online services.
Man-in-the-middle attack
A criminal performs a man-in-the-middle (MitM) attack by intercepting communications between computers to steal information crossing the network.
Top comments (0)