cyber security and privacy

Cyber Security and

Privacy

Contents Introduction

Hacking

Information Gathering Techniques

Website Information Gathering Techniques

Personal Information Gathering and Email Hacking

Social Engineering

Internet Banking Hacking

Virus

Prevention – Email Hacking

Prevention – Social Engineering

Prevention – Internet Banking Threats

Conclusion

Internet = "network of networks"

Consists of millions of private and public, academic, business, and

government Networks of local to global scope that are linked by

various technologies

Carries all kind of information resources and services, such as

electronic mail, online chat, file transfer and file sharing, online

gaming and the inter-linked hypertext documents and other resources

of the World Wide Web.

Hacking

Black Hat Hackers

A "black hat" hacker is a hacker who "violates computer security for little reason

beyond maliciousness or for personal gain"

White Hat Hackers

The term "white hat" in Internet slang refers to an Ethical Hacker.

Grey Hat Hackers

A grey hat hacker is a combination of a black hat and a white hat hacker

Information Gathering Techniques


Email Hacking

Social Engineering

Internet Banking Threats


Footprinting

Whois

Web Archive – The Wayback Machine

Search Engine

Virus

Computer Virus is a program or piece of code that is loaded onto your

computer without your knowledge and runs against your wishes.

These programs can be created manual coding or using various Tools

Worm is a program or algorithm that replicates itself over a computer

network and usually perform malicious action such as using

computer’s/network’s resources.

Trojan Horse is a program that seems to be doing one thing but is actually

doing another. It can be used to set up a back door in a computer system,

enabling the intruder to gain access later. (The name refers to the horse from

the Trojan War).

Web Scripts is a program executed from client/server side while accessing a

multimedia website.

Personal Information Gathering and

Email Hacking

Spamming is the use of electronic messaging systems to send unsolicited

messages (spam), especially advertising, as well as sending messages

repeatedly on the same site

Keylogger also known as a keystroke logger or system monitor. it can be a

program or a hardware installed in the system, which log each key strokes

and map it to a text file and send it to the creator or share it to a location.

Phishing is the attempt to acquire sensitive information such as usernames,

passwords, and credit card details (and sometimes, indirectly, money) by

pretending as a trustworthy entity in an electronic communication.

It is one of the biggest Cyber Crime.

Secret Questions is a security measure used to verify whether the user is the

authored owner.

Social Engineering- The Art of Human

Hacking

Social Engineering is a non-technical method of intrusion hackers use that

relies heavily on human interaction and often involves tricking people into

breaking normal security procedures.

It is one of the greatest threats that organizations today encounter.

Phishing

Baiting

Pretexting

Quid Pro Quo

Prevention –Email Hacking

Use osk instead of our physical keyboard.

Create a dedicated free mail address to use in the Risky sites.

Never use your Personal Email password while registering in known/unknown

web portals.

Never Reply to spams.

Use Bcc: and remove addresses when forwarding mails.

Use “[at]” instead of @. eg: myemail[at]gmail.com.

Don’t make mailto: links when building websites.

Don’t create an Easy to guess email address and password.

Prevention – Social Engineering

Be Suspicious of unsolicited phone calls, visits, or email messages from

individuals asking about internal/personal information.

Do not Provide personal information, information about the company(such as

internal network) unless Authority of person is verified

Before transmitting personal information over the internet, check the

connection is Secure and check the url is correct

If Unsure if an email message is legitimate, contact the person or company by

another means to verify

3rd Party test - Ethical Hacker

Prevention - Internet Banking Threats

Use osk instead of our physical keyboard to login to banking sites.

Go for the OTP instead of security password.

Before transmitting personal information over the internet, check the

connection is Secure and check the url is correct.

Never Response to anonymous call asking for your Account No, Credit Card No,

Transaction OTP etc.

Change your online banking passwords several times throughout the year—and

throw password1234 out the window. Make sure your login is a long mix of

numbers and letters, capitals and lower case.

Keep up with patches and maintain the latest updates for your Antivirus

software.

References

Hacking Crux 2 - Rahul Tyagi

https://www.google.co.in

http://www.howstuffworks.com

Questions?

Thanks!