Hacking is any unauthorized access to data in a system or
computer. Lately, the incidence of hacking has been very common.
According to Security Magazine, there are over 2,200 attacks
each day which breaks down to nearly 1 cyberattack every 39 seconds.
In this article, I am going to highlight some of the vicious
techniques hackers use to access people’s information. You have to
be aware of some of these techniques and take possible steps to avoid being a
victim.
1. Phishing
The most popular hacking approach is phishing. Phishing mails
flood our inboxes and text messaging apps on a regular basis. These are
messages disguised as an organization (Amazon, Netflix, etc.) or a person you
trust, and they will, in most cases, give you stories to deceive you into clicking
on a link or opening an attachment. Sometimes they use popular freebies that
may attract your attention to click the link. “MTN Free Internet data, Coca
cola anniversary gift etc.” are some common phishing mails.
Typically they will:
- Inform
you that someone has been trying to log into your website and you should
update your credentials
- Claim
that there’s a problem with your account or your payment information
- Ask
you to confirm some personal information
- Include
a fake invoice
- Inform
you that you are eligible to register for a state refund
- Offer
you free stuff
2. Bait and Switch Attack
Attackers can fool you into visiting malicious websites by using
trusted marketing strategies such as paid advertising on websites. Rogue attackers
can purchase ad space on websites that sell it. The legitimate advertisement
might be substituted with a ‘bad' link that downloads malware, locks your
browser, or compromises your systems.
The advertisement could also connect to a legal website, but it
will be coded to send you to a malicious website.
3. Key Logger
A key logger is a piece of software that, once installed on your
computer, records every keystroke you make. Every keystroke on the keyboard,
every login, password, and credit card number, for example, will be recorded by
the key logger, revealing all of your data and personal information. This means
whatever you type on your keyboard are automatically sent to the attacker.
Normally, key logger apps are installed by attackers when they have physical
access to your device (laptop or phone). Key logger apps are mostly disguised
as another app after it has been installed by the attacker. For instance, a key
logger app may appear on your phone as a calendar or clock app.
4. Denial of Service (DoS\DDoS) Attacks
A Denial of Service attack is a hacking technique designed to
flood your web server with a myriad of requests to the point that it overloads
the web server resulting in a website crash. To do this, hackers will deploy
botnets or zombie computers (programmes designed to undertake automatic task)
that have a single task; flood your web site with data requests. This type of
attack are usually meant to corrupt your data. Website owners such as bloggers,
businesses, and celebrities are usually the targets.
5.
Cookie Theft
The cookies in your web browsers (Chrome, Safari, etc.) store
personal data such as browsing history, username, and passwords for different
sites we access. An attacker would send I.P. (data) packets that pass through
your computer, and they can do that if the website you are browsing doesn’t
have an SSL (Secure Socket Layer) certificate. Websites that begin
with HTTPS:// are secure, whereas sites that start
with HTTP:// (no ‘S’) do not have SSL and are NOT considered secure.
6. Fake WAP
A hacker can imitate a wireless access point (W.A.P.) using
software, which can connect to the ‘official' public place W.A.P. that you are
utilizing. A hacker can access your data after you connect to the false W.A.P.
To deceive you, the hacker will name the bogus W.A.P. something
like 'Airport Free WiFi.' So you need to be careful of some public free wifi
you connect your devices to.
7. Social engineering
Social engineering is a deception method that takes advantage of
human error to acquire access to private information, goods, or both. These
"human hacking" scams are commonly used in cybercrime to trick
unsuspecting individuals into disclosing data, spreading malware infections, or
granting access to restricted systems. Attacks might take place online, in
person, or through other means.
Scams based on social engineering are designed to manipulate
people's thoughts and actions. As a result, social engineering assaults are
very effective in influencing a user's behavior. An attacker can easily deceive
and influence a user once they grasp what inspires their actions. An attacker
pretending to be a person from authority, usually call victims informing them
that there is a problem or promotion going on, asking the victim to give him
their password, code, credit card number or pin. Some fraudsters use this
technique to take control of your social media account.
Lately, the common one is where fraudsters try to take control of
a WhatsApp account. They try to log in with victims WhatsApp account, when that
happens, the victim receives text message with a code from WhatsApp indicating
that the victim is trying to log onto WhatsApp on another device. The
fraudsters will then call the victim to mention that code to them, telling them
false stories to convince them.
So as internet user you need to:
- Use comprehensive
internet security software
- Keep all your
software updated as soon as available
- Never click on
links in any emails or messages (verify the authenticity before clicking)
- Don’t ever leave
your devices unsecured in public (lock your devices)
- Use strong
passwords (and a password manager)
- Always confirm the
validity of the email with the sender before you click on a link or
download a file
- Do not give
your password, code or credit card number to anyone under any
circumstance.
Stay safe!!!
No comments