Network Security

 

    Last week in class we went over how to use the ping and traceroute functions to learn about identifying possible network issues. Both these tests can be helpful in troubleshooting issues, but there are some attacks that will use pings against you. A couple of those are the ping of death or the ping flood attack. Both are a type of DDoS attacks which are meant to incapacitate the target computer. These are not the only nefarious things you will run into when using computers online either.

            There are a ton of ways that criminals will use to try to gain access to your computer for harm or a lot of times trying to steal your sensitive information such as passwords to banking information or your credit information. One such attack is called social engineering. According to Peltier (2020) “Social Engineering attacks are usually conducted by outsiders who use a variety of psychological tricks to get a computer user to give them the information needed to access a computer or network”. This could be a scammer calling you and using fear to try to get you to believe your computer is vulnerable and infected with viruses. They will use keywords and tricks to get you to allow them access to your computer to gain total control. They could install keylogging software on your computer allowing them to steal login information to a variety of websites. One way to avoid this type of attack is to not take the person on the other end of the phone's word. Hang up, get online and look up the name of the company the caller stated they were from and call them back to verify they are the ones actually calling you. That or if you know you are running trustworthy virus protection on your computer you can run a full PC scan to see if anything is detected. Make sure your antivirus program is fully updated before running the scan.

Another tactic criminals will use is phishing attacks. These are also a type of social engineering, but they use things like fraudulent emails that are designed to get you to click links or enter information to gain access to sensitive information on your computer. Ramzan (2010) says “The last few years has seen a rise in the frequency with which people have conducted meaningful transactions online; from making simple purchases to paying bills to banking, and even to getting a mortgage or car loan or paying their taxes. This rise in online transactions has unfortunately been accompanied by a rise in attacks.” A lot of people will get an email that contains the logo from their bank and will not think twice about clicking the link to access their accounts, this can give the criminals your login information to the site they are mimicking. Or they get an email that appears it is from their boss and will send information back to the criminals without knowing.. These types of attacks are rather easy to keep from being a victim to. Make sure before sending an email that you closely verify the email address that you are sending the information to. If you receive an email from your bank and they need information. Instead of clicking links, go directly to your banking website. If they need the info there will be an area for you to go and enter it in. Just a little bit of common sense and awareness can keep you safe from most attacks.

 References

Peltier, T. (2020). Social Engineering: Concepts and Solutions - ProQuest.

   Retrieved from https://search.proquest.com/openview/6535856a33b27389b0f070f8a841c1bd/1?pq-origsite=gscholar&cbl=52433.

Ramzan Z. (2010) Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft Retrieved from Phishing Attacks and Countermeasures | SpringerLink