Skip To Content

    What Are The Most Common Types Of Cyber Attack?

    What are the most common types of cyber attack? What you should be looking out for, and what you should do if you come in to contact with one.

    Cyber attacks are simpler than you might think

    PwC / Via

    Many people might think that cyber attacks are large-scale operations made by rogue government agents or militias (thanks, Mr. Robot!) But, they're more common than you'd think and can be quite low-key. Here are some of the more common cyber attacks, and what you can do to prevent them.

    Phishing attacks

    Net DNA / Via

    It's called phishing for a reason - it involves a bait and switch, basically. Attaching harmful files to seemingly innocent emails and messages for unbeknown users to open - that is phishing. It can be done in a number of ways, but, these attacks tend to be sent out as emails disguised to be from trustworthy sources.

    To combat and prevent phishing attacks, it's vital to understand email verification; file extension types; and basically knowing when something doesn't look quite right.

    Malware attacks

    IBTimes / Via

    Malware covers a number of attack types - viruses, worms, trojan horses etc. But, they all describe software and programs that are installed on your system without your consent or knowledge. They usually piggyback on downloads that come from unsecured websites, or, can be part of the aforementioned phishing attacks. However they come about, all we know is that we don't want them.

    Having a quality anti-virus and firewall software installed is the first step to undertake. They can usually stop them at the door, so to speak. But, again, just being aware of what you're about to download can also make a great difference.

    XSS (Cross-site scripting)

    Medium / Via*tMkutRJYKsRjd7hAsKiuWQ.jpeg

    While the attacks mentioned already have targeted specific users, XSS tends to target vulnerable websites. If a website has weak spots, attacks can inject their code into the website in question's source code. This will let them record keystrokes and other information gathered by these sites, like cookie information. They can be particularly evident in sites that use JavaScript.

    There are programs out there designed specifically to detect any vulnerabilities on your website and can help you plug the holes. If you're not 100% sure your website is completely secure, it would definitely be worth your while running one of these.

    Session Hijacking

    Kapersky / Via

    The previous three attacks all tend to take place in the background. Session hijacking, however, can take place in real time. Session hijacking occurs when an active session is exploited. A session is the time period where two computer systems are communicating, such as a user visiting a website. These hijacks also tend to target cookies in order to gain user information and use it in illegal manners.

    To stop session hijacking, again, quality antivirus and antimalware should be installed to as preventatives.

    Credential Reuse

    Dashlane / Via

    This one is a bit more down to earth, with credential resue being the act of credentials being reused. Shocking! But, if an attacker gets a hold of your password, and you use your password for everything...then, well, it's pretty self-explanatory.

    Exercising proper password protection here is paramount to security. Alternating between a few passwords still isn't ideal, you really do need to be using different passwords for everything.