5 Most Common Types of Cyber Attack

The growth of the internet has created so many effective ways for businesses to expand and for people to connect with one another. However, it also brings increased cyber security risks. Cyber criminals use various types of cyber attacks to exploit vulnerable systems and susceptible people.

Hackers who steal your personal information may use it to commit identity theft or hold it for ransom, which is damaging for anyone. The consequences can take years to rectify and have severe emotional and financial impacts on individuals and businesses alike.


Therefore, it’s crucial that you understand the most common cyber attacks and how to avoid them.

What is a Cyber Attack?

Cyber attack is an attempt to disrupt or gain access to an individual’s, or a business’s, system or data. Hackers carry out cyber attacks by using malicious programs, deceptive files, and fake web pages to infiltrate systems and online accounts.


Most Common Cyber Attacks

1. Socially engineered malware
Socially engineered malware, lately often led by data-encrypting ransomware, provides the No. 1 method of attack. An end-user is somehow tricked into running a Trojan horse program, often from a website they trust and visit often. The otherwise innocent website is temporarily compromised to deliver malware instead of the normal website coding.

The maligned website tells the user to install some new piece of software in order to access the website, run fake antivirus software, or run some other “critical” piece of software that is unnecessary and malicious. The user is often instructed to click past any security warnings emanating from their browser or operating system and to disable any pesky defenses that might get in the way.

Sometimes the Trojan program pretends to do something legitimate and other times it fades away into the background to start doing its rogue actions.


Socially engineered malware programs are responsible for hundreds of millions of successful hacks each year. Against those numbers, all other hacking types are just noise.

2. Phishing attacks
Most cyber security failures are the result of human error. Many individuals think that using a work computer will prevent them from being hacked. They assume the company’s existing firewall and security measures are sufficient. As a result, they drop their guard while checking their work email. Phishing scams have come a long way in recent years, so they are not as obvious as they were in the past.

phishing-threat-100691616-large (1)

Companies can provide employee training to help their staff understand how to recognize this kind of threat.

3. Cross-Site Scripting (XSS)
In an SQL injection attack, an attacker goes after a vulnerable website to target its stored data, such as user credentials or sensitive financial data. But if the attacker would rather directly target a website’s users, they may opt for a cross-site scripting attack. Similar to an SQL injection attack, this attack also involves injecting malicious code into a website, but in this case the website itself is not being attacked. Instead, the malicious code the attacker has injected only runs in the user’s browser when they visit the attacked website, and it goes after the visitor directly, not the website.

One of the most common ways an attacker can deploy a cross-site scripting attack is by injecting malicious code into a comment or a script that could automatically run. For example, they could embed a link to a malicious JavaScript in a comment on a blog.


Cross-site scripting attacks can significantly damage a website’s reputation by placing the users’ information at risk without any indication that anything malicious even occurred. Any sensitive information a user sends to the site—such as their credentials, credit card information, or other private data—can be hijacked via cross-site scripting without the website owners realizing there was even a problem in the first place.

4. Denial-of-Service (DOS)
A denial of service attack involves the hacker flooding a website with more traffic than the server can handle, which causes it to overload and shut down. They do this by sending a high amount of connection requests to the site from their own computer, or from several that they hacked remotely. If they use more than one, it is known as a Distributed Denial of Service (DDoS) attack.

An attendee looks at a monitor at the Parsons booth during the 2016 Black Hat cyber-security conference in Las Vegas
Hackers usually carry out DoS attacks for political or social motives, rather than financial, as they cause disruption and confusion for the site owners.

5. Session Hijacking and Man-in-the-Middle Attack
When you’re on the internet, your computer has a lot of small back-and-forth transactions with servers around the world letting them know who you are and requesting specific websites or services. In return, if everything goes as it should, the web servers should respond to your request by giving you the information you’re accessing. This process, or session, happens whether you are simply browsing or when you are logging into a website with your username and password.

The session between your computer and the remote web server is given a unique session ID, which should stay private between the two parties; however, an attacker can hijack the session by capturing the session ID and posing as the computer making a request, allowing them to log in as an unsuspecting user and gain access to unauthorized information on the web server. There are a number of methods an attacker can use to steal the session ID, such as a cross-site scripting attack used to hijack session IDs.

Computer crime concept

An attacker can also opt to hijack the session to insert themselves between the requesting computer and the remote server, pretending to be the other party in the session. This allows them to intercept information in both directions and is commonly called a man-in-the-middle attack.


Businesses need to make sure they are employing the right kind of cyber protection. Many of the above issues are easy to mitigate with the proper cyber security and preventative measures. Businesses cannot afford to lose data related to their top dollar projects. To learn more about cyber security, join us at CyberCon Asia 2018!






How to keep you Children Safe On Line.

The Internet is an open source to the viewing public in a different age bracket, most especially to children who find the digital world as a playground of entertainment. In this critical stage, parents should be attentive in the activities and sites their children has been visiting. Children exposed to pornographic websites might be at risk in their development and arouse their sexual drive at a very young age that is worrisome.

There are tips on keeping the children safe online:
Read More »

Best Password for Accounts

Passwords in social media accounts should be taken care of with utmost security to prevent threats and risks of being hacked online. Users should learn the basic knowledge in obtaining the best passwords of their accounts to be safe from cyber crimes. The following are some tips in creating the best password.

Read More »

Recovering a Hacked Account

Threats from malware, data breaches and cyber crimes often rooted when social media accounts are compromised by malicious hackers for financial gain and other crimes. The longer the account has been hacked, the greater damage it can cause. There are many ways in recovering social media accounts that has been hacked.

Read More »

Detecting A Hacked Account

Communication and transaction that goes through online are repository of private information that users should protect to avoid their accounts from being tampered by hackers. Netizens should be diligent in checking the status of their accounts in regular basis and secure the essential details by knowing the signs of a hacked account.

Read More »

Security Tips Over Different Social Media Platforms

The fast- paced evolution of technology endorses methods to individuals to channel themselves in the world through social media platforms. These online platforms make way to bridge communication and have played important roles in different aspect of the human lives. Along with the advantages are the risks of criminal activity, identity theft, cyber bullying and hacking. To avoid the threats of becoming a victim in cyber crimes, users need to learn the basic safety tips in obtaining a secured account in social networking sites.
Read More »