Beware of the common hacks & hackers: types and ways to protect yourself

Common types of malicious hacks to be aware of

Malware

As a broad umbrella term, malware refers to any computer virus, worm, trojan horse, spyware, ransomware, adware, or other malicious software. It’s been plaguing us since the dawn of computers and can sneak into your device without you knowing. For example, you might get it when visiting an infected website or downloading files from unknown sources.

Tips to avoid malware

• Use antivirus and malware protection software to monitor your computer system;
• Use an Adblock VPN to protect yourself against ads and harmful websites;
• Update your PC and software regularly, so all vulnerabilities and identified weaknesses get patched;
• Don’t open email attachments from unknown sources. Scan all files and photos you download with an antivirus before opening them;
• Don’t download anything from pop-up windows.

Injection attacks

This refers to altering the code of a program by ‘’injecting’’ malicious code into its programming, resulting in a different execution of the program. Usually, it means hacking a web page.

In most cases, such attacks allow hackers to gain access to information they wouldn’t otherwise be able to access. This information could be sensitive data like login credentials, payment information, etc. There are two types of injection attacks.

SQL injection 

This technique exploits server-side security vulnerabilities and targets the server’s database. An attacker inserts malicious code, modifies or deletes database data, or even issues commands to the underlying database management system by injecting SQL statements. These are then executed as part of the original database system. 

Cross-site scripting

Works similarly to SQL in how the code is injected and differently in how the attack exploits client-side vulnerabilities and targets other server users. A site will have injected code into its content and then deliver the malicious script to visitors.

Tips to avoid damage from injection attacks:

Since this hacking technique happens at the code level, there is not much that consumers can do to protect themselves other than stay informed about websites that have been hacked.

In theory, services should notify you if leaks happen. However, many companies hide such facts until the last minute to postpone reputation and revenue losses. Even then, information about leaks usually appears in hacker forums before the companies announce it. To avoid possible damage, get a service that notifies you if any breaches happen to your email, ID, or password, like Surfshark Alert.

DNS (Domain Name System) spoofing

Known as DNS cache poisoning as well. A DNS cache is a storage place that stores and saves DNS records of already visited domain names. A DNS cache is used to get a faster response for DNS queries of domain names that have been recently visited.

DNS spoofing means injecting forged entries into the DNS cache in order to redirect people to other than intended websites.

To put this method in layperson’s terms, a DNS cache ‘’remembers’’ the address of the website you visited, and the next time you go to it, a DNS cache is used to get the address. A DNS cache poisoning rewrites that address.

Tips to avoid DNS spoofing:

• Make a habit of using services that use the DNS security protocol (DNSSEC);
• Filter your DNS servers;
• Lower the time-to-live value (TTL) of your DNS caching servers (WARNING – lowering it will cause the web page to load slower, so it’s best to tweak around and find a balance between optimal performance and good security);
• If you’re a business running a sizeable network – invest time into DDI (DNS, DHCP, and IPAM) and hire a security specialist to manage your network.

Watering hole attack

A watering hole attack is a hack that uses multiple techniques to get confidential data.

Named so because of the way some hunters hunt. Instead of chasing prey, they wait for it where it’s most likely to go – a body of water. A hacker uploads malicious code onto the webpage, and eventually, unsuspecting page visitors trigger the code and download it. A watering hole attack targets the site you’ll eventually visit.

Techniques hackers use in watering hole attacks:

• SQL Injection: a hack used to steal user data;
• Cross-site scripting (XSS): this happens when a hacker injects malicious code into the site’s content;
• Malvertising: a harmful code is injected into an advertisement in a similar way to XSS;
• DNS spoofing: hackers use this technique to send targets to malicious pages by tweaking DNS requests;
• Drive-by downloads: downloading malicious content without the person’s knowledge or action. For example, when an automated update download happens, the hackers put their corrupted files into the bundle of normal files;
• Zero-day exploitation: zero-day vulnerabilities on a website are common hunting grounds for watering hole attackers.

A watering hole attack may lead to the hacker downloading and installing malware onto your device. For example, a keylogger – an intrusive spyware running in the background and recording the keystrokes you make when you type anything (read: password) on your device.

Tips to protect yourself from watering hole attacks:

• Keep all your software up-to-date to prevent any exploits the older versions may have;
• Have a reliable antivirus software scanning for any unplanned downloads;
• Keep one eyeball on your web traffic for any strange apps running in the background;
• Stay informed and avoid visiting leaked websites.

Bait and switch

Bait and switch hacking lures victims into downloading malicious software or clicking on malicious links by disguising them as legitimate. Bait and switch links are often disguised as anything from pictures to video files or social media links and are a widespread type of hack on social media platforms.

Tips to avoid bait and switch hacks:

• Use ad-blockers and browser extensions that block known malware sites;
• If a reputable website promotes anything unusual, be sure it’s genuine by going directly to their official page and looking for the deal;
• Check if hackers hijacked the websites with tools like URLvoid or VirusTotal;
• Look for signs of malicious apps and software using anti-malware or antivirus tools;
• Avoid ads or websites that promote too-good-to-be-true deals or free stuff; 
• Beware of poor grammar in emails or websites. You can check if the text has any mistakes by copying it into Grammarly.

Cookie theft

Cookies are files that record your online browsing data and preferences. Using a victim’s session ID, hackers can duplicate that cookie and hijack your session even if your user credentials are encrypted.

After cookie theft and session hijacking, hackers can access your active session (i.e., whatever you’re doing on your browser at that moment). That’s why many websites ask you to log in after five minutes of inactivity. Most cookie theft occurs through unsecured public Wi-Fi.  

Tips to avoid cookie theft:

• Use a VPN when connecting to a public Wi-Fi network, or avoid public hotspots altogether;
• Clear your cookies after each browsing session (or set your browser to do so automatically). Also, check out our article on how to stop cookie pop-ups;
• Use a VPN to encrypt your internet traffic; 
• Only browse on HTTPS connections. HTTP connections are not secure, and your browser will warn you if you try to connect to an HTTP site. If unsure, look for the lock icon next to your URL in the address bar.

Fake WAP (Wireless Access Point)

Fake WAP is a cyberattack when a hacker sets up a fake Wi-Fi spot with a convincingly real name in a public location (e.g., “Starbucks WiFi”). When you connect to this fake spot, hackers can monitor and modify internet connections to steal sensitive data or compel users to download malware onto their devices. Such attacks also lead to Man-in-the-Middle hacks, which we will discuss next.

Tips to avoid fake WAP attacks:

• Avoid public Wi-Fi connections if possible, or use a VPN when you do use it;
• If you have to connect to public Wi-Fi, search the location for an official Wi-Fi network name and password. To be extra cautious – ask an employee what the legitimate network is called before connecting; 
• Encrypt your internet traffic with a VPN.

Man-in-the-Middle attack

Man-in-the-Middle attacks are a type of cyberattack where the hacker places himself between two parties communicating over a connection. This allows him to intercept, modify or prevent their communication.

For example, assume you get an email from your bank asking you to confirm your contact data. The email contains a link to your bank’s website, which you click and then log in. But the website isn’t the bank’s, and you’re really giving the attacker your credentials.

The worst part about this attack is if the hacker’s already in the middle, encryption won’t help.

Tips to avoid Man-in-the-Middle attacks:

• Carefully check websites and URLs for typos, domain spoofing, etc. (learn more about URL structure and how to spot fake websites in our article URL phishing: Links engineered to hook you);
• Make sure you browse on secured websites with HTTPS in the browser;
• Make sure you are browsing a legitimate website using URLvoid or VirusTotal;
• If you are unsure about scenarios like the bank example, type the URL into the browser as you normally would instead of clicking the link;
• Avoid connecting to public Wi-Fi networks. Use a VPN if you absolutely need to use public Wi-Fi;
• Protect yourself against malware by using malware protection software.

Denial of Service/Distributed Denial of Service (DoS/DDoS)

A denial-of-service (DoS) attack is a cyberattack in which the perpetrator seeks to make a service unavailable by flooding it with requests (you make a request to a website every time you try to access it).

In contrast, a DDoS attack involves multiple machines that generate data requests from different IP addresses, making it challenging to filter out malicious traffic.

DoS and DDoS attacks are hard to defend against. This can either crash or slow down servers and make business websites unusable. Cutting off a business from the internet can cost them a lot of money.

Tips for individuals to avoid DoS/DDoS attacks:

• Reset your IP address on a regular basis;
• Always check the links you’re about to follow from emails or random parts on the internet with VirusTotal;
• Improve your home connection by regularly renewing your hardware and making sure it’s up to date.

Tips for organizations to avoid DoS/DDoS attacks:

• Move to a cloud. Clouds have more bandwidth and stronger network security than most private networks and are safer against DoS attacks;
• Look out for unusual activity outside of the network’s normal traffic pattern;
• Promote good cybersecurity and network security hygiene practices among your employees;
• Boost your bandwidth to handle more traffic volume;
• Have a response plan in place to quickly recover in case of attack.

Phishing

How do hackers get your information? Usually, it’s via phishing — a cyberattack that aims to lure its victims’ credentials out without making any changes to a device. It can come as email, text, or phone call and appear to be from a trustworthy source but is actually from someone trying to gain access to personal information. These emails often ask for specific data like credit card details, account numbers, passwords, PINs, and more.

Phishing emails usually include intimidating messages that urge the receiver to respond immediately. They typically incorporate the organization’s trademarks and design components to make a phishing attack seem more official. These attacks are one of the most popular methods hackers use to steal your data. 

Want to learn more about this hacking technique? We’ve got you covered on information about phishing.

Tips to avoid phishing attacks:

• Think twice before you hand over sensitive information. Verify that the message actually came from the claimed sender;
• Look for grammatical errors, logos that look just a bit off, strange formatting, and other signs that are not typical of the company or person the sender claims to be;
• Don’t open attachments that come in your email. Always scan them for viruses and malware on cybersecurity sites we‘ve mentioned before;
• Never blindly follow links in your emails. Hover over them to see where they actually lead and check the URL on cybersecurity websites if it’s looking phishy;
• Watch out for a sense of urgency in a phishing email. This method gets users to hand over information or click links quickly without thinking about it;
• Read cybersecurity news to stay informed of the latest phishing techniques; they are constantly evolving.

Clickjacking

Better known by its ‘’street’’ names – the overlay attack and UI redressing attack. A hacker hijacks your click by getting you to click on a legitimate-looking link, which, in fact, is malicious. This is achieved by putting up a transparent window over the one you’re on. Often, such a click takes you to another webpage that looks like the legitimate one you’ve just visited.

This attack looks like a MIITM attack and works similarly to a watering hole attack, but it primarily aims at web pages.

Tips to avoid clickjacking attacks:

• Stay inquisitive when clicking on links – hover over where you’re about to click, and a grey box at the bottom of the screen will appear with a URL. Check if the domain name is the same as the one you intend on visiting;
• Be aware of social engineering – many clickjacks happen with the help of phishing on social platforms, and what seems like a legitimate message from a service provider might be a hacker waiting for you to comply with a request;
• Use browser extensions and add-ons – search for clickjacking preventative add-ons that are compatible with your browser.

Types of hackers to be aware of

Hackers are categorized into three main groups – black hat, gray hat, and white hat hackers. The hats refer to old western movies, where the good guys wore light-colored hats, and the bad ones wore black. There are also subcategories branching out of the main three, but generally speaking, the moral intent of the hack describes the color of the hat.

Black hat hackers – cyber terrorists and cybercriminals who look for exploits to further their own goals by abusing others.

Gray hat hackers – the moral gray area of hackers – sometimes hack into networks to steal, sometimes to help.

White hat hackers – ethical hackers that protect people by providing cybersecurity and fixing vulnerabilities in often used systems.

Red hat hackers – fighting fire with fire – people using illegal means (infecting systems, DDoS attacks, etc.) to fight black hat hackers;

Green hat hackers – people who are new to hacking and eager to learn. Usually not malicious, but can cause harm while learning to hack.

Blue hat hackers – hackers who hack into systems to take revenge on an organization. Usually, a blue hat hacker will be an ex-employee seeking revenge on a former workplace.

Hacktivists – people who form hacker groups to target terrorists, criminals, and sometimes organized crime.

Script kiddies – amateur hackers who lack the expertise to write their code, so they use other people’s scripts.

Tips to protect yourself against hackers

All the types of common hacking techniques may seem daunting, but you can generally protect yourself online with the following tips: 

1. Always keep your software up-to-date. Companies often release patches for security vulnerabilities;
2. Enable firewalls. They won’t block all hackers, but they will slow them down;
3. Use antivirus software to catch malware and viruses quickly;
4. Change your router’s password and firmware regularly. Disable UPnP, Remote Access, and WPS to increase security;
5. Avoid using public Wi-Fi without a VPN. Since it’s unsecured, most hackers can easily gain access to your information and steal your data;
6. Use a VPN. VPNs encrypt your browsing data and IP address, so it protects against several types of hackers;
7. Stay up to date on the latest threats in cybersecurity. 

Protect yourself from different types of hacks

Cybersecurity is already paramount in our lives, and it will only get more important as our lives become more digital. There are two things that can help you protect yourself from cybercriminals and different types of hacks – tools and awareness.

For tools, I recommend you start using a VPN and antivirus software every day (Surfshark has both). For awareness, cybersecurity blogs and news sites can help you out. And if you prefer more digestible content, check out our YouTube channel for the latest Cybernews.

FAQ

What is the biggest hack in history?

Yahoo got hacked in 2013 – around 3 billion accounts were compromised, with 500 million more the following year. The hackers got their hands on names, security questions, passwords, and contact details.

What are the most famous hacks?

In chronological order:

1995 – The Citibank Hack;

1999 – The Melissa Virus;

2000 – The Mafiaboy Attacks;

2001 – The American Military Hack;

2005 to 2012 – The American Businesses Hacks;

2006 – The Iceman Hacks;

2008 – The Heartland Payment Systems Hack;

2008 to date – The Conficker worm;

2010 – The Nasdaq Hacks;

2013 – The Spamhaus DDoS Attack;

2013 – The Yahoo Hacks;

2014 – The iCloud Celebrity Hacks.

Who is the no. 1 hacker in the world?

Kevin Mitnick is considered to be one of the best. He’s a controversial hacker who turned to ethical hacking. He was once ranked FBI’s most wanted hacker for hacking over 40 corporations, with Nokia and Motorola among them. Since the 2000s, he turned to consulting and quickly became a well-renowned and sought-after security expert.