Attacker Techniques And Motivations
Attacker Techniques And Motivations
Hello friends!
Today let’s read about attacking techniques used by hackers and what are their motivations to do so.
First, we must know that attackers use proxies to cover their tracks. But how do they do this and why? Well, a proxy allows them to send network traffic through some other computer, which is used to send request of data and return the result through it, to the sender. Attackers don’t want to reveal they're a true identity as they are afraid that their IP (Internet Protocol) Address can be tracked. So, attackers use a proxy to sneak into any system and do what they want or access information they want right under the nose.
Now, Let’s read about what are the many Fraud Techniques attackers use:
1. Phishing.
2. Smishing.
3. Vishing
4. Click Fraud (also commonly known as PPC- Pay-per-click)
1. Phishing:
Attackers use this technique to obtains information which is sensitive to users, such information can be usernames, passwords, and credit card details, etc. But how do they get those?
The answer is that Phishing is carried out through email spoofing. Attacker sends a malicious code attached in an email to the victim, which in fact mostly contains links to websites. When a victim opens his/her e-mail and clicks on those links, it redirects users to enter personal information in a fake website which looks identical to the original one. Hence, the attacker gets what he wants.
2. Smishing:
It is generally known as SMS phishing. Attackers use cell phone’s text message to send the links in the victim’s cell phone instead of an e-mail. As we know, in modern days, people are using cell phone or we call smartphone to do all their financial transactions and banking, and people use their smartphones to access their emails, social accounts, personal conversations, etc.
In a text message, attackers attract the user to click on the link by convincing some type of gift assurance or lottery money winning messages.
3. Vishing:
This technique is also known as Voice Phishing. Attackers use public’s landline telephone services which may exist but its physical location is not known to the telephone company. Attackers use this technique to get credit card numbers and identity information of the person or victim.
Some attackers also use Voice over IP(VoIP) for Caller ID spoofing and IVR (Interactive voice response). IVR is a system that interacts with a human through a telephone keypad or speech recognition technique.
4. Click Fraud:
This technique is used to increase the payable number of clicks to the advertiser. This illegal practice can be performed by the individual manually or they use online bots or automated software which are programmed to click automatically.
This technique is most popular these days because fraudulent can use this technique to earn lots of money and can cause loss to the advertising company and other illegal practices. But, a problem may arise when it comes to identifying, either it is clicked fraud or invalid clicks?
Later, the solution was found which was in which invalid clicks were flagged and filtered from reports and payment systems automatically. And for click fraud to be resolved firewalls, ad blocking and monitoring tools were developed. For e.g., Google AdSense provides a Plugin tool which helped the vendor to encounter malicious click and also third party clicks on website advertisements. Sumber http://www.technicalgh.com
No comments