In a world where we practically breathe not just air but also wifi and data, people began to be so dependent on it that it becomes as necessary as oxygen. Yes, I’m just exaggerating a bit but there’s some truth in it. Nowadays, our smart devices and internet connection have made their way to a modern man’s hierarchy of needs. One practical application of information technology that is mostly utilized by virtually everyone is that they use it to secure important data and even financial information which makes it a target for hackers and cybercriminals. Over the years, we have heard reports of how cybercriminals successfully hacked government websites, obtained sensitive personal information which they use to extort money, and even sweep clean their victim’s bank accounts.

Before you worry about the security of your data, it is important that we have an idea as to how they do their attacks. We, at TrinSecurity, will give you a list of the most common cyberattacks and how to effectively avoid them.

Malware

Malware simply refers to malicious software. These are software that when installed to a target device or PC, they can cause damage to system files, data, gain access to private networks, encrypt your data, infect other devices connected in the same network, and even lock you out form your own device. Viruses, worms, ransomware, trojans, and spyware are the most common types of malware. Malware then gives attackers access to your device and data without even you knowing.

Phishing

Phishing works the same way as fishing. Attackers would then bait victims into giving critical personal information by disguising as a legitimate website or source. They usually spam their target with emails containing links to what seems to be a legitimate site (usually their employer’s website or their bank’s). Once the target fell into their trap, attackers can get almost any information like credit card numbers, SSN, even passwords.

Man in the Middle Attacks

Known also as hijack attacks, the attacker intercepts communication or transaction between two parties online. The idea is similar to wiretapping or eavesdropping but the application is different. These attacks can intercept your online transactions like payments, emails, etc. They do it by hijacking network traffic and those who use an unsecured network like public wifis are most susceptible to this kind of attack. Once an attacker successfully hijacked a communication line, they can manipulate the transaction. For example, let’s say person A wants to send money to person B through an online bank transfer. However, person C, who is an attacker successfully hijacked the communication line between A and B. When A asked B for his bank account number to transfer the fund into, C can intercept the message, replace B’s account number with his own, send the modified message to A and as a result, A would be transferring to C’s bank account instead of B.

SQL Injections

SQL injection or Structured Query Language injection happens when an attacker inserts malicious code into a server that uses SQL. SQL is a language or code that a system or database uses to communicate and run the whole system. An attacker will alter such codes to breach the system. Once successful, the attacker can gain access to data within that database. SQL injection exploits security vulnerabilities of its target system.

There are still a lot of ways attackers use to attack but what we listed are the most common and most successful.

How can I avoid them?

Though the threat of these attacks is real, they can be avoided. Let me give a few simple things you can do to protect your system.

  1. Avoid accessing sensitive data on public wifi, unsecured networks, public computers.
  2. Use a trusted anti-virus and anti-malware program. Listen to your antivirus. If it flags a site or a file, it is most likely doing it for a good reason.
  3. Avoid downloading or installing pirated content. These usually come with either a malware or malicious script.
  4. Use different passwords for different logins.
  5. Always have a backup.
  6. Use a trusted VPN service.
  7. Be careful when clicking links you find on emails.
  8. Double-check website URLs before inputting your credentials.
  9. Consult experts like TrinSecurity Inc. to improve your network and data security.

On top of all, the most effective way to protect your system is through common sense and care. Knowing what you do is half of your protection.