Last updated: December 25, 2022
Today all our information is available everywhere, which is why it is essential to know the techniques used by hackers, computer threats and online scams to know how to protect yourself from them.
Hackers start their work with a investigation of their target : the victim's IP address, the software installed on the victim's computer. And it is easy to find this information on the internet using social networks, online forums… etc.
Once this information is obtained the hacker can begin his hacking process. In this article I offer you some hacking techniques and advice on how to avoid it.
1. Clickjacking
Le Clickjacking is a malicious technique intended to trick an Internet user into providing confidential information or to take control of their computer by causing them to click on secure pages. There is an invisible frame under the web page like the effect of a layer, to encourage the user to click on hidden links.
An example was carried out with a flash game where the Internet user must click on buttons to score points. Some clicks in the game make the user click on permissions to activate the computer's webcam.
To avoid falling victim to this kind of malicious action, go through a web browser security and install the extension Ghostery available on the 5 main browsers. This extension blocks scripts and various Clickjacking techniques.
2. Phishing
Phishing or “phishing” means a malicious action carried out by a hacker who aims to extract confidential information: banking information, passwords, data relating to your private life.
This is why you must check the address of the page you are going to via your browser (in the status bar or via "Information on the page" in Firefox).
Very often effective anti-spam will detect malicious email. Likewise, a recent browser should alert you if it comes across a questionable website.
And to protect yourself from phishing, I advise you to read this article: know if a site is reliable before accessing it.
3. Brute force attack
Brute force attack is a method used to find a password. It is a question of testing, one by one, all the possible combinations. You can test with Fireforce, a Firefox extension.
To avoid brute force attacks, you must:
- Extend the password if possible;
- Use the largest range of symbols possible (lowercase, uppercase, punctuation, numbers); the introduction of national characters.
4. WEP key cracking
WEP is a protocol used to secure WIFI networks whose security level has become insufficient.
It is difficult to secure WIFI, if it is not of much use it is better to disable it, otherwise you can also adopt the WPA protocol even if it is easily crackable in some cases, if by example the number of characters used in the key is very low (less than 8 characters for example). This is why it is strongly recommended to use the 64 characters of the key (which pushes the number of combinations to 227^64) and to use accented characters.
5. Malware
Those are the malware like trojans, worms, spyware, adware, viruses that can somehow spread or destroy the information that exists on your computer.
The best way to guard against malware is to use a good antivirus and an anti-spyware and a firewall.
6.IP spoofing
IP spoofing is a hacking technique which consists of the spoofing of an IP address, it is made believe that the request comes from an authorized machine.
Correct configuration of the ingress router prevents an external machine from masquerading as an internal machine.
7. DNS spoofing
Pushes a DNS server to accept the intruder. Solution: separate the DNS of the LAN from that of the public space. For more details on this attack, Read this tutorial.
8. Mail bombing
Mail bombing is an attack that involves sending a large number of emails to a recipient to saturate their inbox. It makes two victims, the ISP who must undergo the processing of this information and repair the damage as well as the recipient of the messages who can no longer receive e-mail for a significant period.
This is why only communicate your e-mail address to trustworthy people. Also avoid posting it on forums and installing software antispam to block access to identical emails sent within a very short time interval.