Cyber criminals gain access to systems, personal information, and accounts mostly through people. The image of a hacker sitting in the dark attempting to crack encrypted data, or steal your password happens primarily in the movies. In most cases, methods are used to trick people into providing sensitive information. They do that by implementing different types of cyber attacks.
In this article, I will review some of the methods hackers use to gain unauthorized access to your data.
Phishing is a well-constructed email that is designed to trick you into providing sensitive information, e.g., account credentials, passwords, etc. The email may appear to come from a trusted company, co-worker, or a company manager. There will be one or more links for you to click, which will take you to a fraudulent site where you would provide the requested information.
Vishing is like phishing but using a phone call instead of an email. You may get a call claiming to be a technician from Microsoft or another trusted company. The idea is to trick you into providing sensitive information that may be used to access, i.e., steal your data or money.
Smishing is another form of phishing except that it uses text messages instead of emails. There will be either a phone number or a link that will take you to a fraudulent call center or website respectively. Again, the goal is to steal information.
Spear phishing is a targeted phishing attack on someone in a company. Whaling is a type of spear phishing where an executive of a company is attacked.
Malware is another method used by cyber criminals to gain unauthorized use of a system or to steal personal information or credentials. Malware might be installed when a person clicks on a link or opens an email attachment. The malware might be merely malicious, meaning its only purpose is to damage your system. They may also be used to gain information and report back to the criminals database.