Cyberattacks, malicious acts against a computing device and often referred to as hacks, have often made headlines in recent years. You’ll remember the one in 2017, named WanaCry, which affected large companies such as FedEx and Renault. That same year, Netflix was also the victim of a cyberattack.
The idea is not to panic you, but only to make you aware that even the biggest companies can fall victim to cyber threats.
In this article, I propose to learn more about the 3 most common types of cyber attacks and how to avoid them.
If you’ve been following the saga of Russian interference in the last US presidential election in 2016, then you may know that a “rigged” email, using Gmail codes, is at the root of this mess.
Phishing is certainly the most widespread cyber attack on the web. It is a phishing technique that consists in usurping the identity of a person or a trusted company to collect personal information (banking identifiers, passwords…).
Most of the time, and this is what happened in the history of Russian interference, an email is sent to you in which you are asked to click on a link.
While you think you are redirected to the site of the structure in question, you are actually diverted to a site created identically by the cybercriminals. You are then asked to enter certain information and it is at this point that they are recovered and then exploited by the “hackers”.
This cyber attack is not directly linked to a security flaw in your computer system. Instead, it exploits your lack of attention.
Be aware of the emails (or even SMS) you receive:
- Try to identify spelling mistakes or poor quality visuals
- Check the structure of the email address
- Do not click directly on the link, but enter it manually in your search bar
- Before entering confidential data, make sure that the link’s url starts with “https”
- Contact the organization that seems to have been spoofed to remove any doubt about the message received
Warning: Be aware that most organizations never ask their customers to enter confidential information by email or SMS.
Man in the Middle (MITM) attack
This cyber attack is translated as “man in the middle” (HDM) and can take various forms. Most of the time, a hacker manages to position himself between a client and a server to intercept the exchanged data.
In a more concrete example, the attack could take place when you (the client) enter information on your bank’s website (the server). The HDM retrieves your data and uses it without your knowledge.
Typically, MITM cyber attacks occur when you connect to a compromised public Wi-Fi network. By spoofing the network, the cybercriminal can spy on your every move on the web and easily retrieve your passwords, credit card numbers, and even view your text messages, Facebook messages, etc.
The best prevention against a Man in the Middle attack is to use a VPN which encrypts your data, making it incomprehensible to hackers.
Also, avoid connecting to public networks to make purchases, connect to your bank’s website or do anything else that requires you to enter or communicate sensitive data.
Malware, a contraction of “malicious” and “software”, is a malicious program that installs itself on your computer or any other device.
Among the most common malware are viruses, ransomware that holds your personal data for ransom, and cryptojacking that uses computer resources to secretly mine cryptocurrency.
Malware is the “easiest” cyber threat to avoid because it involves device security. To protect yourself, firewalls and antivirus software should be installed.
Another way to guard against this type of cyber attack is to keep your operating system updated. This allows your device to install the necessary fixes to security flaws.
Note that the appearance of a toolbar that you did not install, a sudden drop in your device’s performance or constant pop-ups should alert you. These are signs that you are infected with malware.
If you are facing this kind of cyber attack, try to find a computer security expert. He or she will be able to give you a full diagnosis and help you bypass the malware.