There are many necessary technical services needed for operating an internet. The required services are routing, addressing, domain naming, and database management. Without these services, the internet is not possible. These services of the internet are also primary targets for cybercriminals.
Cybercriminals use a different technique to capture data stream over a network. These techniques put in dangers all sensitive data, like username, password and credit card information. These techniques included botnets, DDoS, hacking, malware, pharming, phishing, ransomware, spam, DNS Spoofing, and Man-in-the-Middle also. Criminals also used these techniques for monitoring and recording all information coming across a network. Following is the short explanation of the above technique.
Botnets are largely undetected because it collects software robots, or ‘bots’; that creates a group of infected computers known as “zombies”. Zombies have remotely controlled by its originator. You may one of them and you may not even know it
Distributed denial-of-service (DDoS)
A distributed denial-of-service attack or a DDoS attack is an attack when an infected user gets a network of zombie computers to sabotage a specific website or server. The attack occurs when the malicious user tells all the zombie computers to connect to a particular server or a website again and again. That increase the volume of traffic on that specific server or a website resulting overloading that slow the server and website for legitimate users; sometimes the website or server shuts down completely. By using a malicious user computer the attacker also can take advantage of security vulnerabilities and weaknesses and could take control of your computer. The attacks are “distributed” because the attacker is using several computers to launch the denial-of-service attacks.
Hacking is an expression used to explain actions taken by someone to gain unauthorized access to a computer. This is a process by which cybercriminals gain access to any computer connected to the internet.
Pharming is another type of online fraud. It’s mean to point the user to a malicious and illegitimate website and redirecting the legitimate URL to a fake website even the entered address is correct.
Phishing is easy to execute and its required very little efforts therefore many cybercriminals use phishing. Criminals sent fake emails, text messages and created a website looking authentic. They use email, messages, and website to steal personal and financial information from users. This is spoofing.
Ransomware restricts access to the users own computer and files. It is a type of malware that displays a message and demand payment to remove restriction from the computer and files. The email has a malicious attachment and pop-up advertisement is the most common type of ransomware infection.
Spam is another common method of sending information out and collecting it from unsuspecting people. The spam distributes unsolicited messages; advertising or pornography to the addresses that are easily available on the Internet through like social sites; company websites and personal blogs.
This technique is also used to associate with phishing in trying to steal information. Domain Name Service (DNS) translates an IP address into name and Domain name into IP address; such as www.networkustad.com, into its numerical IP address and vice versa. If a DNS server does not know the IP address of the required domain, it will ask another DNS server. Using DNS spoofing, the cybercriminal introduces fake data into a DNS resolver’s cache. These attacks develop a weakness in the software of the DNS system that causes the DNS servers to send traffic for a particular domain to the criminal’s computer; instead of the valid owner of the domain.
They also use irregular devices, such as unsecured Wi-Fi devices and access points. If the criminal installs unsecured Wi-Fi near a public place; unsuspecting people may sign in to these devices and the packet sniffer copies their personal information.
Packets forgery or packet injection interferes with an established network communication by constructing packets become visible just they are the part of a communication. It allows a criminal to interrupt or catch real packets. With this process; a criminal can hijack an authorized connection or denies an authorized person able to use assured network services. This is a man-in-the-middle attack.