Published October 14
Cybercriminals would do anything to accomplish their hands to steal money from unsuspecting users quickly. Even platforms fueled by blockchain technology were not spared. Since it's close to impossible to hack blockchain, they targeted the users instead.
Cybercriminals do not limit their activities to hacking network servers. They would employ various methods and would target almost any unsuspecting users to get what they want. It could be stealing personal information, credit card information, or even your cryptocurrency private keys. They would even try to hack a user's password to gain access to their targeted network.
Hello, readers. Before I became a freelancer, I was a network administrator for a company in our place. The network consists of over a hundred workstations and close to two hundred users. Part of my job was to secure our network. Though I have been away from that field for over three years, now, I still continue to update my knowledge as much as I can.
In this article, I will discuss only the threats that ordinary online users should be aware of. Be aware that anyone could be a target. It could be they specifically target you, or they will use your device to attack a much larger target.
Phishing Attack
Phishing - an intentional misspelling of the word 'fishing'. Like fishing, cybercriminals use baits to lure their unsuspecting victims. This attack uses a Phishing website or a fake website that looks exactly like a legit website, like that of a bank, a corporate website, and most likely a paying platform.
Image Source: Image by mohamed Hassan from Pixabay
A phishing attack is normally used to steal user information, including, credit card information, and login id and passwords. Recently it's used to distribute malware that serves as a backdoor for a more devastating attack like ransomware.
How It's Done.
One of the most common methods of Phishing is using spoofed email. The email could appear coming from a valid entity like a bank, telling you that you need to update your password within 24 hours. If you click the provided link which appears to be the link to your bank, will lead you to a fake website. After you enter your password on the fake website, you will be diverted to the original website.
Note that the bait here is the urgency to change your password. Other baits would be rewards that you need to claim within 24 hours. The urgency is always part of their bait.
The other day, CryptoZeug in Noise.cash posted a scam or fishing attempt in Discord. See the post (https://noise.cash/post/lv995vn2)
Read more about Phishing here: https://www.imperva.com/learn/application-security/phishing-attack-scam/
Scareware Attack
A scareware attack usually takes form in pop-ups ads that trick online users into believing that they need to download software, usually a fake antivirus. The fake anti-virus would "scan" your computer and report numerous virus infections. But, in order for you to "remove" these virus infections, you have to buy a license. Be aware though, that the report generated is fake and meant to scare you into buying their "license". This is sometimes used to steal credit card information.
Malware Attack
Image Source Unsplash
Malware is a conjunction of the two words Malicious Software. It's the umbrella term for any software designed to harm a computer or use it for the attacker's malicious purpose. This malware could be a virus, a worm, a trojan horse which may open up your computer to the other attacks in this list.
Trojan Horse Attack
A Trojan Horse is seemingly harmless software, but they could download another malware. A common example of a trojan horse is a game. While you're playing it, it could be downloading another malware, like spyware or a backdoor. Thus the name Trojan Horse.
Backdoor Attack
A backdoor would allow the cybercriminals access to your computer without you knowing it. Sometimes they will use your computer to attack another target. This is to mask the attacker's true location.
Ransomware Attack
This one is scary. I have seen this one first hand. Ransomware will hijack your files by encrypting them. You will find somewhere in your folders a ransom note with the demand for a sum of money for the decryption key. The encrypted files cannot be opened unless you pay the ransom for the decryption key. However, paying the ransom has no guarantee of getting the decryption key.
Image by mohamed Hassan from Pixabay
Cryptojacking Attack
Cybercriminals hack and install crypto-mining (cryptocurrency mining) applications or software into a user's computer or mobile device without permission. The software will use the processing power of the victim's device to mine cryptocurrency for the hacker.
Brute Force Attack
Last but not least. A Brute Force Attack is an attempt to guess a user's password by trying different words, phrases, and character combinations continuously. One method is trying dictionary words as passwords. If a user has a weak password, it can be cracked in a matter of minutes or even seconds. And if the user uses the same password on different platforms, then all those accounts are now compromised.
These are just some of the common cyber attacks that ordinary online users should be aware of. If you want to know more, you can visit this link: https://www.itgovernance.co.uk/cyber-threats
Common Prevention Tips
Here are some tips to prevent these attacks.
1. Do not use an unlicensed operating system. Especially if you are a Windows user. Unfortunately, there are some computer vendors who sell laptops and PCs with unlicensed Windows. Some of these are cracked which opened up more vulnerabilities. Also, you cannot update this operating system, thus any vulnerabilities can't be patched
2. Use a well-known anti-virus and anti-malware program. Some of the well-known anti-virus programs are:
Bitdefender
Kaspersky
Avira
Avast
AVG
Norton
Windows Defender
and many more. You can use the free versions if you want to. But if you are a heavy user, then shelling out a few dollars a year for extra protection is worth it.
3. Update Your Anti-virus software regularly. A flu vaccine cannot stop covid19 or any other new variants of the flu. Same thing with computers. Anti-virus software can only block and remove known viruses and malware. It has to be updated regularly so it will recognize and stop new forms of malware.
4. Use a Secure Browser. Brave browser is the most recommended browser for this. It blocks unwanted trackers and scripts.
5. Use a web filter for added protection. A web filter blocks unwanted pages even before your browser could open them. This is good also for filtering unwanted websites, especially for kids. Personally, I would recommend either of these two:
Forticlient - https://www.fortinet.com/support/product-downloads#ztna - Forticlient is a software created by Fortigate. A trusted manufacturer of Firewall Equipment.
k9 Web Protection - https://k9-web-protection.en.softonic.com/
6. Do not open attachments and links in emails sent by people you don't know. Some malware is designed to be stealthy. Meaning, they may not be detected by your antivirus software right away. Especially if the antivirus is not updated.
7. Use a strong password. Here's my article on this "How to Create A Strong Password that You Can Remember"
8. Be careful when you are browsing through the web and be careful about what you are downloading. Porn sites and torrent sites are breeding grounds for malware. If your system is not properly protected, some malware might be downloaded even by simply opening some of these sites.
In Conclusion
Being aware of these threats and basic prevention is your best line of defense. Your online safety depends primarily on how you behave online.
This is it, for now, thanks for reading, and stay safe.
If you have any questions or address suggestions regarding this topic, feel free to comment below. I would appreciate it.
References:
https://www.imperva.com/learn/application-security/phishing-attack-scam/
https://us.norton.com/internetsecurity-online-scams-how-to-spot-online-scareware-scams.html
https://www.blackfog.com/a-new-look-at-cryptojacking-security-threat/
Check out my other posts in Read.Cash
Check out my other Articles in Publish0x.com
Join me in ForumCoin.Com *
Follow me in Noise.cash
Follow me on Twitter
The content of this article is all mine unless otherwise indicated.
Geez these cybercriminals are wise in a negative way, tsk