Common Types Of Cyber Attacks & Best Practices: 2022 Version

In most cases, the most common types of cyber attacks are also those that are the most easily preventable. Some of these most common types of cyber attacks include: password attacks, digital virus infections, phishing attacks, and man-in-the-middle attacks. We will go through each of these in detail below.

Protect Your Personal Data

Let Removaly keep a watchful eye on your personally identifiable information with automated, real-time data removal.

Digging Into The Types of Cyber Attacks

Password Attacks

Password cyber attacks are perhaps the most common types of cyber attacks. Despite this, they are also the most easily preventable. Password attacks are the first steps to gain access to a victim’s files and accounts.

A standard password attack may use a tactic referred to as social engineering. In this process, the attacker may utilize background research and context clues to guess passwords or security questions.

For example, if you have social media photos dressed in Raiders football gear, the first guess of a password could possibly be something along the lines of “raidernationxxxx“, where the birth year of a user replaces the X’s.

You would be extremely surprised how often this works flawlessly. People are notoriously careless with their passwords. Another common method of social engineering is guessing security questions based on publicly-available personal information. This is where utilizing services such as Removaly can come in handy. It’s relatively easy to guess your mother’s maiden name and your birthplace when it can be quickly and easily searched!

There is also a brute force attack. In this type of cyber attack, software is used to test out common word combinations to break characters lacking special characters. Per Statista, brute forcing common passwords can be done almost instantly. In comparison, 12 characters with at least one uppercase letter, a number, and a special character can take 34,000 years.

Where do you fall on the table?

The best practice to avoid falling victim to password attacks is to utilize strong passwords, differentiate them, and change these passwords often.

Digital Virus Infections

Another easily avoidable cyber attack variant reliant on human error is the downloading of viruses and trojan horses. Many virus downloads source from hastily-clicked links within data that hasn’t been authenticated. Unauthenticated data in this form can often take hold via pirated files.

At times, your torrented copy of an in-theaters movie, or the cracked copy of Photoshop, may contain an unseen hitchhiker. Viruses are pesky and troublesome and can cost you both time and occasionally money.

A Trojan Horse is a different type of virus. WIth these, you receive or download a file, and when you open it, it’s something different. They are some of the most common types of viruses that exist and have wreaked untold havoc over the past few decades.

These attacks are easily avoided by staying away from “quick and easy” file-sharing systems. Additionally, only getting your software downloads from well-known and reliable outlets.

Phishing Attacks

A slightly more difficult type of cyber attack to protect yourself against are phishing attacks (and all their similar variants). Phishing is the act of a hacker, scammer, or bad actor obtaining personal or information from you yourself. While they don’t typically do this directly, it does happen with some intervention on your part.

Sure, it would be obvious that you need to ignore an email that makes it into the main inbox that essentially says “please send over your username and password”. It’s common sense that (almost) all people wouldn’t fall for this kind of harmful phishing attack.

However, if you instead received an email from your bank that stated something along the lines of “at your request, your account is being closed. If this was done in error, please log in.” things may be different. The emotional trigger involved in receiving something like this would lead some to absentmindedly click through and log in via the received email.

It is at this point you become a phishing victim. Odds are high that the email itself linked to an expertly faked version of the bank’s website. As soon as you log into the fake site, they have your username and password and can use it for any malicious purpose they would like.

Congratulations, you’ve been played. However, sometimes phishing takes on additional cloaks to avoid detection and make the process seem even more believable.

In “spear phishing”, phishers target you utilizing some kind of personal information readily accessible online. This serves to make the received email seem more believable and personal, and amps up the susceptibility that you will fall for the phishing scam and become a victim of these types of cyber attacks.

The easiest way to avoid being phished is to never click on an un-requested link.  If your bank, ISP, phone company, etc. ever sends you an email and link, close the email and open your browser to enter through your already known good link.

Man-In-The-Middle Attacks

There are some types of cyber attacks that are far more difficult to protect against. These are the cyber attacks that are not reliant on you slipping up and making a mistake. One common version of this is a man-in-the-middle attack.

In man-in-the-middle attacks, the bad actor will tap into communications between your device and a server. It’s not common that an attack such as this will occur at your home. Instead, this will often occur at public, free wi-fi locations such as fast food restaurants, libraries, and coffee shops.

Here, a hacker can sit amongst the general public, looking like just another consumer, and peruse all your data through a compromised internet connection.

An even more common location for man-in-the-middle attacks to occur over public wi-fi is at large chain hotels. Even for password-protected hotel wifi, the passwords can usually be easily obtained. Additionally, it’s far more likely that guests at these hotels (especially ones near airports), will be engaging in business while in their room compared to those sitting at a local fast food restaurant.

To keep from being caught by the Man in the Middle, try to avoid using public and free wifi, keep updated protection on your machine, and if you must do business over an unreliable connection, be sure the website is secure; look for the S in HTTPS.

No matter how vigilant you are in protecting yourself against cyber attacks, there are so many evolving traps out there that we will eventually fall victim to one at some point.  The most common attack that is entirely out of your hands is the Drive-By Attack.  This is where the hacker uses the vulnerability of a website you visit to redirect you to an unsecured page or run a script directly from that web-site’s deficient code.  This has the nefarious advantage of being completely invisible to you while also being completely infeasible for you to protect against.

There is no way to protect yourself 100% against all forms of cyber attacks but if you use common sense, update your virus protection software, and stay aware enough that you’ll notice any unusual activity your device may be running in the background, you can stay ahead of the threats.

Leave a Comment