Common User Threats

Phishing: 

Phishing is a method of trying to gather personal information using deceptive e-mails and websites. Here's what you need to know about Phishing: 

How phishing works: 

Phishing attacks typically rely on social engineering techniques applied to email or other electronic communication methods, including direct messages sent over social networks, SMS text messages and other instant messaging modes. 

Phishers may use social engineering and other public sources of information, including social networks like LinkedIn, Facebook and Twitter, to gather background information about the victim's personal and work history, his interests, and his activities. 

Pre-phishing attack reconnaissance can uncover names, job titles and email addresses of potential victims, as well as information about their colleagues and the names of key employees in their organizations. This information can then be used to craft a believable email. Targeted attacks, including those carried out by advanced persistent threat (APT) groups, typically begin with a phishing email containing a malicious link or attachment. 

Although many phishing emails are poorly written and clearly fake, cybercriminal groups increasingly use the same techniques professional marketers use to identify the most effective types of messages -- the phishing hooks that get the highest open or click-through rater and the Facebook posts that generate the most likes. Phishing campaigns are often built around major events, holidays and anniversaries, or take advantage of breaking news stories, both true and fictitious. 

Typically, a victim receives a message that appears to have been sent by a known contact or organization. The attack is carried out either through a malicious file attachment that contains phishing software, or through links connecting to malicious websites. In either case, the objective is to install malware on the user's device or direct the victim to a malicious website set up to trick them into divulging personal and financial information, such as passwords, account IDs or credit card details. 

Successful phishing messages, usually represented as being from a well-known company, are difficult to distinguish from authentic messages: a phishing email can include corporate logos and other identifying graphics and data collected from the company being misrepresented. Malicious links within phishing messages are usually also designed to make it appear as though they go to the spoofed organization. The use of subdomains and misspelled URLs are common tricks, as is the use of other link manipulation techniques. 

Distributed Denial of Service (DDOS) attack: 

A Distributed Denial of Service (DDoS) attack is an attempt made to take a website or online service offline. Attackers use a variety of ways to do this, but they all are designed to overwhelm the site with traffic from multiple sources.  

In a DDoS attack, the traffic flooding the site can come from hundreds or thousands of sources, which makes it near-impossible to stop the attack simply by blocking a single IP address. They can be distributed by infected computers via botnets, or coordinated. Sites also struggle to differentiate between a legitimate user and attack traffic. 

Malware and Trojans: 

Malware is a more generic term that can be used to refer to nefarious software, which has been specifically designed to disrupt or damage a computer system, while Trojans are programs that pretend to be something they're not, and include malicious additions. 

Trojans are often bundled with legitimate software (downloaded via P2P or file-download sites) but keep the original software intact to avoid suspicion and allow the Trojan to spread further. 

Once silently installed, a Trojan can have a number of different payloads - including letting hackers install additional malicious software, which expands the access these hackers have to your machine.