M16 CYBERCRIME TYPOLOGY

avatar
Created by
Tadeo

Cards (18)

  • Web attack - penetrates the computer via the internet, by exploiting already known or zero day vulnerabilities
  • Structured query language injection - employs malicious codes and manipulates backend databases to access information that is not intended to be displayed
  • Cross site scripting - another type of injection breach where attackers inject malicious codes into trusted websites and applications. When a user faces an infected web page, the malicious javascript code is executed on the users browser. This code can be used to steal important information like username and password
  • DDos attack - aims at shutting down service or networks and making them inaccessible to the intended users. This attacks overwhelm the target with a lot of traffic and it with nandito lang information that can cause the website to crash. DDoS attacks are targeted primarily at web servers of high profile organizations, such as governments or trade firms 
  • Password attack - are simply meant to decrease or even attempt to obtain a user's password with the help of criminal intentions. Attackers can use dictionary attacks, passwords sniffers, are even cracking programs in such cases. This attacks are conducted by accessing passwords that are exported or stored in a file
  • Eavesdropping attack - is the passive monitoring of a communication and begins with the interception of network traffic. This type of cybercrime is also known as sniffing or snooping. In this type of cybercrime, individuals attempt to steal information that computers, smartphones or other devices received or send
  • Insider threat - a very common type of cybercrime. They are performed on a network or a system by individuals who have authorized access to the same system, mostly for revenge because their employer dismiss them are because they were selling sensitive classified information
  • Man in the middle attack - occurs when attackers eaves drop on the communication between two entities and actively exploit the information gained
  • AI powered attack - also hack many systems, including autonomous drones and vehicles, and convert them into potentially dangerous weapons
  • Drive by attack - use to spread malware through insecure websites. Hackers first look for websites with lesser security parameters and then plant malicious scripts into php or http code on to one of the pages. The script can then directly install the malware on to the computer of anyone who visits the site
  • Phishing attack - is a social engineering attack used to steal private data such as login credentials or credit card details as attackers pretend to be trusted individuals and trick victims into opening malicious links
  • Spear phishing attack - this attacks are aimed at specific organizations data and conducted by individuals who desire and authorized access.
  • Malware - is an umbrella term for a code or program intentionally built to affect or attack on computer systems without the users consent
  • PUP's (potentially unwanted program) - are a form of malware that is less threatening than the other types of cybercrimes. This type of attack uninstalls the required search engine and free downloaded apps in the victims system
  • Ransomware - generally blocks victims access to their own data and may even delete their data if the ransom is not paid
  • Trojan horse - is a type of malicious software that attempts to disguise itself to appear useful. It appears like a standard application but causes damage to data files once executed.
  • Teardrop attack - causes fragmentation in the general sequence of internet protocol (IP) packets and send this fragmented packets to the victims machine
  • Whale phishing attack - is a type of phishing that generally attacks people with high status such as cfo's or ceo's. It primarily aims at stealing informations as this individuals typically have unlimited access and work with sensitive data