Source: Fossbytes.com by Amar Shekhar
Short Bytes: Using simple hacks, a hacker can know about your personal unauthorized information which you might not want to reveal. Knowing about these common hacking techniques like phishing, DDoS, clickjacking etc., could come handy for your personal safety.
Unethical hacking can be called an illegal activity to get unauthorized information by modifying a system's features and exploiting its loopholes. In this world where most of things happen online, hacking provides wider opportunities for hackers to gain unauthorized access to unclassified information like credit card details, email account details, and other personal information.
So, it is also important to know some of the hacking techniques that are commonly used to get your personal information in an unauthorized way.
Keylogger is a simple software that records the key sequence and strokes of your keyboard into a log file on your machine. These log files might even contain your personal email IDs and passwords. Also known as keyboard capturing, it can be either software or software. While software-based keyloggers target the programs installed on a computer, hardware devices target keyboards, electromagnetic emissions, smartphone sensors, etc.
Keylogger is one of the main reasons why online banking sites give you an option to use their virtual keyboards. So, whenever you're operating a computer in public setting, try to take extra caution.
9. Denial of Service (DoS \ DDoS)
A Denial of Service attack is a hacking technique to take down a site or server by flooding that site or server with a lot of traffic that server is unable to process all requests in real time and finally crashes down. This popular technique, the attacker floods the targeted machine with tones of requests to overwhelm the resources, which in turn restrict the current requests from being fulfilled.
For DDoS attacks, hackers often deploy botnets or zombie computers which have only got the job to flood your system with request packets. With each passing year, as the malware and types of hackers keep getting advanced, the size of DDoS attacks keeps getting increasing.
8. Waterhole attacks
If you are a big fan of Discovery or National Geographic channels, you could easily report with the waterhole attacks. To poison a place, in this case, the hacker hits the most accessible physical point of the victim.
For example, if the source of a river is poisoned, it will hit the entire stretch of animals during summer. In the same way, hackers target the most accessed physical location to attack the victim. That point could be a coffee shop, coffee shop, etc.
Once hackers are aware of your timings, using this type of hacking, they might create a fake Wi-Fi access point and modify your most visited website to redirect them to you to get your personal information. As this attack collects information on a user from a specific place, detecting the attacker is even harder. One of the best ways to protect yourself again such as hacking attacks is to follow basic security practices and keep your software / OS updated.
7. Fake WAP
Even just for fun, a hacker can use software to fake a wireless access point. This WAP connects to the official public place WAP. Once you get connected to the fake WAP, a hacker can access your data, just like in the above case.
It's one of the easiest hacks to accomplish and just needs a simple software and wireless network. Anyone can name their WAP as some legit name like “Heathrow Airport WiFi” or “Starbucks WiFi” and start spying on you. One of the best ways to protect yourself from such attacks is by using a quality VPN service.
6. Eavesdropping (Passive Attacks)
Unlike other attacks which are active in nature, using a passive attack, a hacker just monitors the computer systems and networks to gain some unwanted information.
The motive behind eavesdropping is not to harm the system but to get some information without being identified. These types of hackers can target email, instant messaging services, phone calls, web browsing, and other methods of communication. Those who indulge in such activities are generally black hat hackers, government agencies, etc.
Phishing is a hacking technique using which a hacker replicates the most-accessed sites and traps the victim by sending that spoofed link. Combined with social engineering, it becomes one of the most commonly used and deadliest attack vectors.
Once the victim tries to login or enters some date, the hacker gets that private information of the target victim using the trojan running on the fake site. Phishing via iCloud and Gmail This is the attack route taken by hackers who targeted the "Fappening" leak, which involved numerous Hollywood female celebrities.
4. Virus, Trojan, etc.
Virus or trojans are malicious software programs that get installed into the victim's system and keep sending the victims data to the hacker. They can also lock your files, serve fraud advertisement, entertain traffic, sniff your data, or spread on all the computer connected to your network.
You can read the comparison and difference between various malware, worms, trojans, etc. by visiting the link given below.
3. ClickJacking Attacks
ClickJacking is also known by a different name, UI Redress. In this attack, the hacker hides the current UI where the victim is supposed to click. This behavior is very common in app download, movie streaming, and torrent websites. While they mostly employ this technique to earn advertising dollars, others can use it to steal your personal information.
In another word, in this type of hacking, the attacker hijacks the clicks of the victim that are not meant for the exact page, but for the page where the hacker wants you to be. It works by fooling an internet user into performing an undesired action by clicking on hidden link.
2. Cookie theft
The cookies of a browser keep our personal data such as browsing history, username, and passwords for different sites that we access. Once the hacker gets the access to your cookie, he can even authenticate himself as you on a browser. A popular method to carry out this attack is to encourage a user's IP packets to pass through the attacker's machine.
Also known as SideJacking or Session Hijacking, this attack is easy to carry out if the user is not using SSL (https) for the complete session. On the websites where you enter your password and banking details, it's of utmost importance for them to make their connections encrypted.
1. Bait and switch
Using bait and switch hacking technique, an attacker can buy advertising spaces on the websites. Later, when a user clicks on the ad, he might get directed to a page that's infected with malware. This way, they can further install malware or adware on your computer. The ads and download links shown in this technique are very attractive and users are expected to end up clicking on the same.
The hacker can run a malicious program which the user believes to be authentic. This way, after installing the malicious program on your computer, the hacker gets unprivileged access to your computer.
In the near future, we're going to publish a list of different types of hackers, so stay tuned for more interesting information and hacking.
Source: fossbytes.com byAmar Shekhar