Top 5 hacking techniques and their prevention.

December 1, 2017    Security Ethical Hacking

Most of the people today, use internet without proper knowledge on "How to be safe online" and this makes very easy for the hackers to use simple hacks to gain their private information that they wouldn't want to reveal. "If you know the strategy of the opponent it becomes easier to defeat them.", thinking of hackers as your opponent, my motive is to tell you about the most common hacking techniques used by hackers and their prevention.

Phishing

This hacking technique is mostly used by the beginners (otherwise known as Script Kiddies) who are new to the field of hacking. In this technique the hacker makes a fake website which looks and functions just like the original one. Hackers makes some changes in the source code of the original website, so that when the victim enters his information it goes to the hacker and not to the destination where it was supposed to go. By using E-mail spoofing technique, the hacker sends fake email which appears to come from the original company or the service provider. This email contains the link to the fake website and asks you to sign in to that website. When you sign in to that website (thinking it to be real) you information goes to the hacker and your private information is hacked.

Prevention -

  1. Best way to prevent phishing is by checking the URL, it must start with ‘https://’ and not 'http://', here 's' stands for secure and every website which has log in function must have this type of url.
  2. Just keep in mind that companies never send any email asking the users to sign in to their account. Learn to identify fake emails (by looking at sender's name and email ID) and if you have the slightest doubt then just ignore it or delete it.
  3. Use a good and updated antivirus. They are helpful in preventing phishing emails.

RATs and Keyloggers

Remote Access Trojan is a malware that is usually download by the victim without his knowledge. These malwares are often hidden inside a software or could be sent as an email attachment. When the user installs the software the RATs get active and open a backdoor through which the hacker gains access to the victims computer. Now it is possible for the hacker to do whatever he wants using your system. Examples include monitoring the behaviour using keyloggers, activating webcams, taking screenshots, deleting files, downloading more viruses and much more.

Prevention -

  1. Always have a good and updated antivirus installed on your computer.
  2. Refrain from visiting and downloading from untrusted websites.

Man In The Middle Attack -

This is a more advanced hacking technique where the hacker tries to gain the information that is being sent between the sender and the receiver. The hacker gets in between the communication of the two users, so all the data being sent and received passes through the hacker. The hacker can sniff any information being sent and even modify it. There is no harm done to the system of the victim and it seems that the communication is taking place the way it should. This attack is commonly executed by setting up a fake WiFi hotspot in a public place, when anyone connects to this WiFi and uses internet, all the data that he is sending or receiving can be seen by the hacker and again your private information is hacked.

Prevention -

  1. Try not to use a public WiFi which are open (without password).
  2. Set up a VPN and use tools like HTTPS Everywhere to send and receive data in encrypted form.
  3. Do not make any transactions using a public WiFi.

Session Hijacking -

To understand this attack lets first understand what ‘Cookies’ are and how they work. Cookies are small text files that are used by websites to track user’s behaviour and preferences, to make their visit more simple and easy by only showing them what they want. These are stored by the browser. The hackers steals these cookies from the victims computer and stores these onto their browser. Now when they open the website on their computer the website thinks that it is victim who is accessing the site but its actually the hacker. The Cookie Stealing is usually done with the help of Man In The Middle attack.

Prevention -

  1. Only allow the https websites to use cookies.
  2. Disable the features of the websites which are of no use for you.

Social Engineering -

This technique involves manipulating the victim into doing some task which can benefit the hacker. We come across Social Engineering attacks not only online but in our daily lifes too. The calls for buying credit cards, mails regarding winning a lottery or buying a membership of some club these all come under social engineering attacks and the main motive is to steal some personal information. Other attacks include hacker contacting the victim on a social networking site using a fake ID, someone looking at your keyboard as you type the password, asking you to donate some money to charity which might go to the hacker etc.

Prevention -

  1. When you come across such calls and email don't trust them blindly, first do some research, ask you friends and then take the appropriate action.
  2. Just keep in your mind that nothing in this world comes for "free", so it doesn't matter how good the offer is don't get tricked by it.

Subscribe to the newsletters