Cyber Awerness
- Home
- Security Tips
Security Tips
Cyber Fraud Awerness Article Dated On 25-Jun-2024
- Do not share the ATM Card Number with others.
- Do not share the CVV.
- Do not share the OTP to others.
- If your ATM card is lost or stolen, report it to your bank immediately
- Report lost or stolen phone immediately.
- Protect your phone with a strong screen password.
- Never share your Personal Identification Number (PIN) or give it out over the telephone even if the caller identifies himself or herself as your banker.
- Never give your PIN or confidential information over the phone or internet. Never share these details with anyone.
- Be cautious while open/download emails or attachments from known or unknown sources.
- Be careful about the websites you are browsing, if it does not look authentic, do not download anything from it.
- DO NOT write your pin number on the back of your card.
- Choose a strong password to keep your account and data safe.
- Use a mix of alphabets, numbers, uppercase, lowercase and special characters for password.
- Use hard to guess unique passwords and change them regularly.
- Don’t download software or content from untrustworthy sites.
- Don’t click on links that you do not trust.
- Read the privacy policy of a website before providing personal information.
CYBER SECURITY THREATS:
The definition of Cyber Threat is “The possibility of a malicious attempt to damage or disrupt a computer network or system.” In this definition the threat is defined as a possibility.
However, in the cyber security community, the threat is more closely identified with the actor or adversary attempting to gain access to a system. Or a threat might be identified by the damage being done, what is being stolen or the “tactics, techniques and procedures” (TTP) being used.
We are giving below the description of some of the Cyber Security Threats:
1.Denial of Service Attack:
A denial of service attack (DoS attack) generally consists of the concerted efforts of a person / persons to prevent an internet site or service from functioning efficiently. A DoS attack is an incident in which a user or organization is deprived of the services of a resource they would normally expect to have.
2.Distributed denial of service:
In a distributed denial-of-service (DDoS) attack, large numbers of compromised systems (sometimes called a Bot net) attack a single target, thereby causing denial of service for users of the targeted system. The flood of incoming messages to the target system essentially forces it to shut down, thereby, denying the service of the system to legitimate users.
3.Ransom ware:
Ransomware is a type of malicious software from crypto virology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid.
4.Malware:
Malware is the term for maliciously crafted software code. Special computer programmes now exist that enable intruders to fool an individual into believing that traditional security is protecting him during online banking transactions. Attacks involving malware are a factor in online financial crime.
5.Phishing:
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details, often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.
6.Spear Phishing:
Phishing attempts directed at specific individuals or companies have been termed spear phishing. In contrast to bulk phishing, spear phishing attackers often gather and use personal information about their target to increase their probability of success.
7.Whaling:
The term whaling has been coined for spear phishing attacks directed specifically at senior executives and other high profile targets. In these cases, the content will be crafted to target an upper manager and the person’s role in the company. The content of a whaling attack email may be an executive issue such as a subpoena or customer complaint.
8.Vishing:
Vishing is the illegal access of data via voice over internet protocol (VoIP). Vishing is IP telephony’s version of phishing and uses voice messages to steal identities and financial resources. The term is a combination of ‘voice’ and ‘phishing’.
9.Drive-by-downloads:
Drive-by download means two things, each concerning the unintended download of computer software from the internet:
Downloads which a person has authorized but without understanding the consequences (e.g. downloads which install an unknown or counterfeit executable program, ActiveX component, or Java applet) automatically.
Any download that happens without a person’s knowledge, often a computer virus, spyware, malware or crimeware.
10.Browser Gateway frauds:
The information sent and received from a PC/device is routed through an undesired path on the network thereby exposing it to unauthorized entity. The only gateway to outside world for the PC/device being the browser that has been compromised.
11.Ghost administrator exploit:
A ghost administrator exploit is a code that takes advantage of a software vulnerability or security flaw to gain Administrator’s rights/privileges in the system. This exploit allows the attacker to mask his identity in order to remotely access a network and gain Administrator rights/privileges, or move deeper into the network. In some cases, an exploit can be used as part of a multi component attack, which can include backdoor viruses and/or spyware to steal user information from the infected systems.