November 28, 2017

Have you watched those movies where a banker is kidnapped, and a fake person enters the system using the banker’s ID?

And an ally is stationed where the server is – most of the time impersonating himself as a technician. While people are watching the banker with guns and heavy protection, the money is being laundered to some other account unwillingly. This is eventually followed by a fight scene! And it’s always a nail-biting finish.

Have you ever stopped to wonder if something similar could be happening to your bank account and hard earned money as well? Can an impostor be using your name and credentials in some other country to perform illegal dealings? Your credit card can be swiped at a jewelry store 2000 miles away while you are enjoying a cup of coffee with your friends?

If you haven’t given this a serious thought, it’s high time you must! These things don’t happen only in the movies anymore. CyberCrime is on the rise, and Cyber Criminals are finding innovative ways to attack your system and computer network to steal data or money without proper authorization.

Is your data secure and protected?

Do ask yourself these questions:

Have you done your banking transactions only in a secured network

Have you saved any personal data on websites or pages for easy retrieval?

Have you scanned your computer recently?

If your answer to any of these questions is NO – you must read below to see the new techniques used by cybercriminals to access your data and take immediate precautionary measures.

5 Hacking Techniques Used by Cyber Criminals

1. Malware

Malware is any malicious software. It could be viruses, trojans, worms or ransomware.

Have you heard of the ancient City of Troy and the Trojan War?

The Trojan War was in a deadlock situation since the Greeks tried to invade the city of Troy, but could not, and the Trojans could not drive them away either. In the end, the Greeks deserted the gates of the city but left behind a huge wooden horse.

The Trojans were convinced that the Greeks had deserted the battlefield and left behind a gift to the Goddess of War and brought the gigantic harmless looking wooden horse inside the city. At night, Greek soldiers hiding inside the hollow interiors of the wooden horse invaded the city and opened the city gates to allow the remaining soldiers inside the otherwise impregnable city of Troy. And the rest, as they say, is history.

Trojan – named after the seemingly harmless mammoth horse is a software exactly like the Trojan horse outside the city of Troy. It seems harmless and comes from trusted sources such as an e-mail or a friend whose account has already been compromised.

Once downloaded, this malware can cause tremendous damage regarding losing data as well as corrupting the existing software. It can do keylogging – copying your keystrokes, mouse clicks or allowing a hacker a backdoor entry to your system once installed. The Trojan can also enter the system by clicking on malicious links and always enters your system by a trick.

Precautionary Measure: Check the source and authenticity of e-mails or links when opening it on your device.

2. Denial of Service / Distributed Denial of Service (DoS/DDoS)

The modus operandi of the hacker is to bring down the system or network by overloading it with multiple login attempts and data requests. The magnitude of destruction can range from only affecting certain websites for accessing personal information saved in forms. This can be avoided by downloading and or updating an anti-virus or an anti-malware Software like MalwareFox, AVG, etc…

All you need to know about DDoS and DoS Attack and its Types

3. Cookie theft

A plethora of information such as user details, passwords, personal information and banking details are saved in the cache memory of your system.

Once stolen, cookies may be read or decoded to reveal information about you and impersonate you online if the password is saved. This needs to be deleted periodically to secure your data. A precautionary option is to avoid public domains and unprotected networks.

4. Phishing Attacks

Specially crafted e-mails luring you for an attractive job offer or a holiday at a phenomenally low price are examples of such emails. They come with a sense of urgency and want you to share personal details with them immediately to not miss out on the offer.

How to do Phishing attack (Advanced Social Engineering)

You are lured to the spoofed website where they capture your credentials (mainly banking) and misuse it after that. This is one of the reasons why companies have security awareness programs for their employees. It is cautioned to check the authenticity of such e-mails before divulging any information.

5. Watering Hole and WAP Attacks

With this technique, hackers create an attractive website which lures unwitting victims. This could be a website or a social media platform and is called the ‘watering hole.’ It is here that they can generate data from multiple users and spread malware to many people at the same time.

This fake WAP or wireless access point is an ingenious way to attract an audience whose data can be monitored, intercepted or hijacked as need be. The best way is to use a VPN (Virtual Private Network) while working with sensitive information to avoid an interception.

How to protect your data?

Invest in a good antivirus and and anti-malware and perform regular scans of your system Purchase a router with a pre-installed firewall to protect your home network. (Companies have strict cybersecurity, but no harm in doing a round of checks). Update your software to the latest version of the latest update is assumed to be free of software glitches and loopholes! Visit trusted websites and do not download content from questionable sites. Password Protect important information – Do not use easy to remember passwords such as birthdays and names of people dear to you. Change your password regularly and do not note it down anywhere. Be vigilant while logging in at public computers or through a common wifi. Ensure you have logged out and deleted the downloaded documents from the paved path as well as the recycle bin. Switch off your computer when not in use so that a hacker cannot have remote access to your system.

I have protected my data, is your information secure?