HOME
Technology
Life
Discover science
Medicine - Health
Event
EntertainmentTypes of account hijacking attacks
Hackers attack accounts to access sensitive information of users, for profit purposes (such as bank accounts) or other purposes. In general, account hijacking can be classified into two categories: passive and active.
Passive attack
The type of attack that stolen account information is saved for later use. This type of attack comes in two forms: online (offline) and offline (offline) with specific objectives, made by perpetrators who directly access the victim's property. For example, the perpetrator has access to a user's computer to easily install a "key logger" or spy program to collect user data.
Offline attack has a limited range and low performance. This is the simplest form of account theft, does not require high 'skills' and does not cost any cost.
Users can become victims of this type of attack simply because they reveal their password or save it in an unencrypted form in a file with an easy-to-guess name on the hard disk. A recent study found that 50% of account theft was done by people close to the victim.
Online attack has no specific target. The attacker targets a large number of users on the Intrenet, hoping to exploit 'loose' systems or take advantage of users' trust to steal accounts.
This type of attack has a fairly high performance, up to 3% (according to a ComputerWorld report). The most common form of online attack is phishing.
The cost of online attacks is mainly used to buy email lists, 'weak' computer lists can put fake websites or order wrecking programs. This attack is often done by hackers who have 'skills'.
Active attack
It is a form of sophisticated attack that steals and uses accounts in real time. Active attacks are quite expensive and require high technical level. The "man-in-the middle" attack that creates fake websites between users and real websites is an example of an active attack. Active attacks are not a current security issue but they will be problematic in the near future.
When two-key authentication becomes common and passive attacks no longer work, criminals will have to resort to more sophisticated active attacks. Companies, especially financial institutions, need to prepare users to deal with this second wave of attacks.
The best defense against active attack is user-side computer security: ensuring that the operating system and all applications are fully updated and patched, updating the virus identification database and Malware, using a firewall for Internet connections, uses antispyware and malware tools to make sure your computer doesn't install unnecessary programs . Anti-phishing filters also help reduce the possibility of "stray" users Phishing websites.
- Robbery by 'driver' brain wave driver
- Reset account password in Vista
- Hackers: 10 famous attacks through all time
- OS X errors are dangerous for Mac users
- Viruses exploiting bank account numbers appear
- The mysterious attacks of sharks
- Vietnam: Detecting an online account theft
- Anti-theft account with KeyScrambler
- Attack Windows Vista in just two steps
- Google Desktop loopholes and attacks
- Variation in proteins helps to resist HIV attacks
- IGoogle Mining
What is the Snapdragon SiP chip?
How to create a yellow circle around the mouse cursor on Windows
Edit the Boot.ini file in Windows XP
3 ways to restart the remote computer via the Internet