Showing posts with label Anti Hacking. Show all posts
Showing posts with label Anti Hacking. Show all posts




The intruder (also Know as Attacker ) is the first element in the attack model.An intruder is a person who attempt to gain unauthorized access to a system ,to damage that system ,or to disturb data on that system .in summary ,this person attempts to  violate security by interfering with system availability ,data integrity or data
confidentiality .

Intro and their Activities can be categorized as follows.



Black Hat Hacker

Black Hacker
A black hat ( also called a cracker or Dark side hacker) is a person who uses his skill with computers and other technological items in a malicious or criminal manner.



Hacker Spies supported by Government

Hacker Spies



 These are hackers supported by government Organizations to get into enemy system for info Gathering 


Cyber terrorist 

Cyber terrorist




  Cyber terrorist attack the computers and info system of their enemies to cause physical ,real-world harm or server disruption with the aim of Advancing the Attacker,s own Political or religious goals.


Corporate Spies 


Corporate Spies



These kind of intruders are funded by  corporate agencies to get into system of market rivals and perform various action like info gathering on upcoming projects. research and development work ,Defacing of websites ,bringing down critical services ,etc.


Professional Criminals  


Professional Criminals


These intruder target the financial ( Including Commerce ) targets.Their Activities include Transferring funds illegally from banks and other financial organizations ,getting hold of customer info like credit card details , social security numbers,etc


Vandals


Vandals

Vandals Are intruders without any specific goals or motives.Their only aim to produce as much damage as possible to the target system .    



Thank You :)




phishing a technique used by cyber criminal who try steal your confidential info by pretending to be someone you trust.For example, you may receive an email that seems to have been sent by your bank asking for your account details,but in reality would have been sent by  a phishing expert. Even though the email seems very real,it is actually sent by a criminalize and is an attempt to steal your account password .phishing attacks have become even more dangerous and  sophisticated today, since they accurately replicate the legitimate trusted source font and will seem to come from a real email address .Typically phishing attack can be in the following form :



1) Account upgrade, System maintenance ,software crash or some other mundane reason


2) SMS text message that seems as if your bank or relative or friend is trying to get in touch with you


3) Instant message asking you for confidential details about some online account


4) private message on Facebook containing a link that may take you to a page that looks like a long-in screen for facebook ,but actually is a fake log-in screen that steals your password



There are some Simple Things that you can keep in mind in order to avoid becoming the victim of phishing Attack :



1)  Your bank or credit card company will under no circumstances ask for your password .Really .it will never happen


2)  if the email you have received contains a link , do not blindly click on the link ,since it could potentially lead you to fake log-in screen or a malicious website ,or execute some other type of phishing attack .Before clicking on link ,your can find out where it is going to tack you by holding your mouse over it for a few seconds and looking at the status bar of your browser


3)  you may receive an email that contains a like  that look very  authentic Even if you hover mouse over it may like the  link to a legitimate ,trustworthy website  .Take a look at the following web address - 
http://www.icicibank.com@www.xyz.123$.com .At first glance this may look like a page on the website of ICICI Bank , but in reality it will take you to a completely different address which begins Separately after the @sing. such Simple URL obfuscation trick are commonly used by cyber criminal to fool unsuspecting victims. Please do not click on any link in these email,no matter how genuine and trustworthy it might seem.



4)  Even if a link  seems safe ,if it was sent to your from a dubious source ,you should avoid using it log in to any of your account .whenever you want to long in to any of your accounts. whenever you want to log in to any online account ( email,bank ,social networking site or other ) , always open the browser in new window,type the website address and then type the username and password to log in ..


5)  Always check for 'http' in The URL address bar of your browser , before you enter any Confidential details on website .Typically, only trustworthy website will use 'http' and Phishing websites normally use 'http'


6)  Make sure that you are on a genuine website by carefully reading the URL address bar .Watching out for website with spelling that are similar to the actul website .For Example ,make sure you are not on 'Online.citibenk.com' Instead ' online.citibank ' .Cyber criminal are know to register   website domain names with a spelling similar to a trusted website.


7)   A simple way to differentiate between a real email and a phishing email is to carefully look for your full name mentioned somewhere in the email.Usually , a cyber criminal will not know your full name and will instead use a use a generic salutation ( like 'Sir ' or your email address  ) to address you.if you don,t find your full name or some other unique  identifier ( credit card number ,bank account number and other ) mentioned  anywhere in the email  ,then you should be suspicious.




8)  Another telltale sign to look out for is the fact that a phishing attack email will usually have a number of spelling or grammatical error 


9)  Most popular browser (like Google Crome ,Mozilla FireFox  and internet Explorer ) maintain a list of know phishing website in their database and  warn you whenever you are about to visit ant phishing website that appears in their databse.


10)   if you receive a link and are not sure  whether it is safe to click on it or not , you can check whether it has been reported as a suspected phishing website by submitting in to a site called PhishTank (www.phishtank.com) .This website maintains a comprehensive list of know phishing website and provides a quick way to check  whether a website appears in that list or not if you link appears in their database ,it is bad idea to click on it .

phishtank
Phishtank

phishtank


12.)  There are commercial anti -phishing software tools available that provide yoy protection against phishing attack .for exmple, McAfree,s Site Advisor Live is  a product that allows you  to identify and protect yourself from risky websites. You can  buy  it Online from http://home.mcafee.com/store/siteadvisor-live.


13)  most imp ,if you have never opened an account with a particular bank and they email you ,then it probably is a phishing attack.No matter how tempting their offer might be,do not click on any their links.


Note :- if you keep these simple tips in mind ,you won't have to worry about becoming a victim to phishing attack.



Viruses are Dangerous software that can cause great damage to your system.The antivirus software can protect your system from Virus,however at time they may not detect the new viruses .The best way to protect your system from Viruses is to prevent viruses from getting into your system ,as the virus mostly causes damage only after you run the virus infected file on your system 


Preventing Virus Attacks


  install Antivirus Software.



  Configure  the Antivirus Software to provide adequate protection by increasing the level of protection.



  Regularly Update the Antivirus Software.



  Scan Floppy Disk and Email messages before opening them.



  Be  careful before executing files that you receive by email with the extension .exe , .com or .vbs on the system ,as they can be infected with virus.



  Open  email attachment files only if you are expecting the attached file or the sender is known and has confirmed sending the file.



   inform the sender of an email of you suspect that someone has sent you a virus.



  Store a fake contact in your system address book such as  abcxyz@123.com so that you will get the bounced email if your system is infected and a worm or virus tries to send out emails using your Account .



  Try to avoid downloading and installing software from internet .if you have to download files ,download them from trusted sources.



  install Only Registered copies of software on the system.



  Visit The Antivirus Websites and refer to news Websites to know the latest viruses affecting systems.



  Download and Run  virus removal tools for the latest Viruses Available on trusted Antivirus websites, such as www.avast.com.



   Disconnect an infected system from the network and then scan it..



    In addition , to prevent the boot Sector Viruses ,you can use a write-protected floppy disk as ; the vir cannot copy itself to a Write -protected disk .



  To protect your system from marco viruses , disable the execution of macros on your system .




Thank you

Powered by Blogger.