Businesses are exposed to various web security threats. Here we list some of the major threats that every organisation should be wary of and take pre-emptive steps to protect end users.
1. Adware
Adware is a small software program which displays advertisements and pop up ads on the screen. These ads are likely to track the personal information and furnish it to third parties.
2. Blended Threats
Blended threats are a combination of several threats and attacks. The destruction caused is immense in one occasion. Example of a blended threat would be downloading an attachment containing virus. The downloaded attachment might contain Trojan horse which will cause damage to the computer on a continual basis.
3. Data Driven Attack
The threat is actually encoded in data when unknowingly executed launches an attack.
4. DNS Spoofing
This type of attack takes place when a hacker gains control over the DNS of the domain. They then redirect the visitors to another site by retaining the same URL. The customers believe that they are on to the trusted site as the same URL is maintained.
5. Flooding
Flooding is a process of directing voluminous information to the system / server causing a Denial of Service (DOS) attack.
6. Pharming
DNS spoofing is followed by Pharming as customers data is stolen as they enter it into the bogus site to which they have been taken to. The customers are unaware, as they believe that they have entered their information into the trusted site as there is no change in the domain name.
7. Phishing
Phishing has been a popular tactic employed and executed successfully over the years. An email will be received by the customer stating that there is a problem with a particular financial account. The email will also direct either to click on a link to fix the problem, or to provide more data within the email. The site from the link appears to be very similar to the real financial institution’s site. It’s done! The hackers have been successful by capturing the personal data of the customers, as they update information in the bogus site.
8. Smurfing
Smurfing attack is software based and involves sending large amounts of data to your site, causing a denial of service (DOS) similar to Flooding.
9. Spyware
Spyware is software that utilizes the Internet connection without the knowledge or permission of the customer. This is software normally gets installed on the machine through the free software which has been downloaded. The software monitors the Internet activity and reports the information to hackers after being installed. It can also be used to grab the personal information like email addresses, credit card data and passwords which are the essential data required by hackers.