Hacking attacks are getting stronger, gradually. If the past records are to be considered, it is evident that number of hacks is increasing every year. Hackers exploit the users’ security sense or you may call it laziness too. With the innovative ideas and users’ negligence, hackers have been stretching their kingdom to steal the important data of the victim and leave him bankrupt.
There are vivid ways of hacking your data. Here are the most common and tricky ways that the hackers try to accomplish their job.
Wireless Access Points
A fake WAP is the one of the tricky ways to hack data. All the hackers need to have is some software and a network card. They can make use of these two tools and project a fake wireless network to the users. The most targeted places are the coffee shops, airports, restaurants, and where ever you tend to use internet often. They name this fake WAP with a usual name and if you make a mistake of connecting to this network, then you give them an upper hand to make a way to all the unprotected data that you have in your system.
This network may ask you to create an account to enable it in your system. Most of the users may use the common username and password that are used for other websites like Facebook & Google. There they have your credentials and they will make every possible attempt to login other website accounts of yours.
Hackers are trying their best to reach and you need to do your bit of defending yourself, so it is better to make use of a VPN connection, when you’re using a network that is not known to you. This will make an encrypted connection, so that a shell is created around your unprotected data.
Stealing Cookie Files
Having cookies saved in your browser makes it easier for the same website to load easier the next time, you send a request to the specific website’s server. Cookies are tiny files that are sent by the websites you visit and sit in your browser. Cookies hold certain info, losing which to wrong hands may prove to be fatal and cookies theft has become a common practice by the hackers. It becomes easier, if you’re in a fake WAP or a shared network. In such case, hackers prefer to make use of Firesheep tool. This tool will show a detailed info of the cookie. Firesheep is a Firefox add-on. Once the information is obtained by the illicit folks, they will access your account as you would have done. Worse is, even the SSL/TLS-protected can be stolen.
To keep yourself protected against this cookie theft, it is important to take precaution. Remove the browser features that are not used at all. Most of the obscure tools sitting in your browser may give a chance to the hackers to exploit them to reach your data. Using the latest crypto cipher technology is a safer way. HTTPs websites are the ones that use this technology.
File Name Tricks
Few years ago, hackers made use of the file name to trick the users. Lately, Windows has fixed an issue of concentrating on the file name extension, but for years hackers made use of Windows feature of not differentiating the file extensions. Although this problem has been fixed now, but then this has made a foundation for other innovative ideas of the hackers. One among those ideas is ‘Right to left’ override, using which the user can be fooled of running a malicious file. For instance, instead of running AnnaKournikovaNudexe.avi, you may end up running AnnaKournikovaNudeavi.exe.
To avoid such issues, you need to know the exact name of a particular file or do not run any file that may look unusual to you or you’re not confident about it.
Redirection in Hosts File
Many of you may not be aware of the fact that there exists a ‘Hosts’ file in ‘C:\Windows\System32\Drivers\Etc’ of your Windows system. This file maintains the typed domain names corresponding to the IP addresses. Originally, this file was used by DNS server, so that the name-IP address resolution can be done. Hardly, there goes something wrong with DNS and users don’t see any need to check the ‘hosts’ file.
Hackers take it as a chance and find ways to make malicious entries, for the commonly used domain names. After the entry is made, hackers wait for the user to type that particular domain name. Once this happens, the entry redirects the users to a website that is nearly a perfect replica to the original website. The malicious websites are just the copies of the original ones, so that the users do not find that they have been tricked.
It is just a smart approach by the hackers to trap huge data. Companies are the targets of this attack, generally. This attack is based on a fact that organization’s employees may be at a common location like coffee shop or restaurant for work and in these places, they set up WAP connection to prey the organization’s data. They make certain malicious changes to a frequently visited website, so that they get an access over the data that will be used by the employees.
Waterhole attacks became big news, when companies like Facebook and Apple became the victims. The developers’ workstations became the target, when they visited the development sites. These websites were maliciously altered and the moment they visited these sites, malware files were installed and these computers were used to make a way to the internal network of the companies and perform the illegal activities.
To wrap up this discussion, we would say that you need to take the safety measures, while browsing the internet. Once the hackers make way to your computer, it belongs to them and you will have no control on it. Make sure that you do not run a program, if you’re not sure about. Remove the obsolete add-ons and plugins from the browser, as these features pave a good way for the hackers. Hackers have been there since the internet came into exist and they have been trying newer methods to ruin your peace. Although developers are working to provide patches, but you need to be more careful with your browsing habits.