Cyberstalking CyberstalkingCyberstalking
hannahroseline2
61 views
73 slides
Jun 29, 2024
Slide 1 of 73
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
About This Presentation
Cyberstalking
Slide Content
Cyberstalking Cyberstalking is when a cybercriminal uses email, direct messaging, or other electronic means to harass, scare, or threaten someone with physical harm. It takes different forms, including: Tracking someone's online activity or physical location. Stealing someone's identity for financial gain. The dictionary meaning of “stalking” is an "act or process of following prey stealthily– Trying to approach somebody or something.”
Cyberstalking has been defined as the use of information and communications technology, particularly the Internet, by an individual or group of individuals to harass another individual, group of individuals, or organization. Cyberstalking refers to the use of Internet and/or other electronic communications devices to stalk another person . • It involves harassing or threatening behavior that an individual will conduct repeatedly, for example, following a person, visiting a person’s home and/or at business place, making phone calls, leaving written messages, or vandalizing against the person’s property. As the Internet has become an integral part of our personal and professional lives, cyberstalkers take advantage of ease of communication and an increased access to personal information available with a few mouse clicks or keystrokes.
Types of Stalkers There are primarily two types of stalkers. 1. Online stalkers: • They aim to start the interaction with the victim directly with the help of the Internet. • E-Mail and chat rooms are the most popular communication medium to get connected with the victim, rather than using traditional instrumentation like telephone/cellphone. • The stalker makes sure that the victim recognizes the attack attempted on him/her. • The stalker can make use of a third party to harass the victim. 2. Offline stalkers: • The stalker may begin the attack using traditional methods such as following the victim, watching the daily routine of the victim, etc. • Searching on message boards/newsgroups, personal websites, and people finding services or websites are most common ways to gather information about the victim using the Internet . • The victim is not aware that the Internet has been used to perpetuate an attack against them.
How StalkingWorks ? It is seen that stalking works in the following ways: 1. Personal information gathering about the victim:Name ; family background; contact details such as cell phone and telephone numbers (of residence as well as office); address of residence as well as of the office; E-Mail address; date of birth,etc . 2. Establish a contact with victim through telephone/cellphone. Once the contact is established, the stalker may make calls to the victim to threaten/harass. 3. Stalkers will almost always establish a contact with the victims through E-Mail . Th e-letters may have the tone of loving, threatening or can be sexually explicit. Th e stalker may use multiple names while contacting the victim. 4 . Some stalkers keep on sending repeated E-Mails asking for various kinds of favors or threaten the victim. 5. The stalker may post the victim’s personal information on any website related to illicit services such as sex-workers’ services or dating services, posing as if the victim has posted the information and invite the people to call the victim on the given contact details(telephone numbers/cell phone numbers/E-Mail address) to have sexual services. The stalker will useb adand /or offensive/attractive language to invite the interested persons. 6. Whosoever comes across the information, start calling the victim on the given contact details( telephone/cell phone nos ), asking for sexual services or relationships. 7. Some stalkers subscribe/register the E-Mail account of the victim to innumerable pornographic and sex sites, because of which victim will start receiving such kind of unsolicited E-Mails.
How Stalking Works? Releasing the victim’s confidential information online Tracking all online movements of the victim through tracking devices Using technology for blackmailing or threatening the victim Excessively tagging the victim in irrelevant posts Engaging with all online posts made by the victim Creating fake profiles on social media to follow the victim Posting or distributing real or fake photos of the victim Excessively sending explicit photos of themselves to the victim Making fake posts intended to shame the victim Repeatedly messaging the victim Hacking into the victim’s online accounts
Cyberstalking is following someone from platform to platform, following them into chat rooms, checking to see if they’re on a certain web page, monitoring their habits online, reading all their posts obsessively the victim might have no idea that they’re being stalked. Cyber Bullying is where the person is actively bullying the target online – example: trolling them, sending them vicious email messages, posting nasty things about them, etc.
Cyber Bullying
Cyberstalking
Cybercafé and Cybercrimes Cyber café and Cybercrimes C ybercafe is a place where you can go to access the internet, use computers, and enjoy various online services . Cyber criminals prefer cyber cafes to carry out their activities. • In February 2009, Nielsen survey on the profile of cybercafes users in India, it was found that90% of the audience, across eight cities and 3,500 cafes, were male and in the age group of 15–35 years; 52% were graduate sand post graduates,though almost over 50% were students. • Hence, it is extremely important to understand the IT security and governanc e practiced in the cyber cafes. • In the past several years, many instances have been reported in India, where cybercafes are known to be used for either real or false terrorist communication. • Cybercrimes such as stealing of bank passwords and subsequent fraudulent withdrawal of money have also happened through cybercafes. • Cybercafe shavealsobeenused regularlyforsendingobscenemailsto harass people. • Public computers, usually referred to the systems, available in cybercafes, hold two types of risks.
• First , we do not know what programs are installed on the computer – that is, risk ofmalicious programs such as keyloggers or Spyware , which maybe running at the backgroundthat can capture the keystrokes to know the passwords and other confidential informationand /or monitor the browsing behavior. • Second , over-the-shoulder surfing can enable others to find out your passwords . Therefore,one has to be extremely careful about protecting his/her privacy on such systems, as one doesnotknow who will use the computer after him/her. • Indian Information Technology Act (ITA) 2000, does not define cybercafes and interprets cybercafes as “network service providers ”referred to under the Section79,which imposedon them a responsibility for“due diligence” failing which they would be liable for theoffenses committed in their network. • Cyber criminals prefer cyber cafes to carry out their activities. • The criminals tend to identify one particular personal computer(PC) to prepare it for their use. • Cybercriminalscaneitherinstallmaliciousprogramssuchaskeyloggersand/ orSpywareorlaunchan attack on the target. • Cybercriminalswillvisitthesecafesataparticulartimeandontheprescribedfrequency,maybealternate dayortwiceaweek . • ArecentsurveyconductedinoneofthemetropolitancitiesinIndiarevealsthefollowingfacts: 1. Pirated software(s)such as OS, browser, office automation software(s)( e.g.,Microsoft Office)are installed in all the computers. 2. Antivirus software is found to be not updated to the latest patch and/or anti virus signature . 3. Several cybercafes had installed the software called “Deep Freeze” for protecting the computers from prospective malware attacks. Deep Freeze can wipe out the details of allactivities carried out on the computer when one clicks on the “restart” button. Such practices present challenges to the police or crime investigators when they visit the cybercafes to pickup clues after the Internet Service Provider (ISP) points to a particular IP address from where a threat mail was probably sent or an online Phishing attack was carried out, to retrieve loggedfiles . 4. Annualmaintenancecontract (AMC)foundtobenotinaplaceforservicingthecomputers;hence,harddisksforallthecomputersarenotformattedunlessthecomputeris
Here are a few tips for safety and security while using the computer in a cyber cafe: 1. Always logout: 2. Stay with the computer: 3. Clear history and temporary files: 4. Be alert: 5. Avoid online financial transactions: 6. Change passwords: 7. Use Virtual keyboard: 8. Security warnings:
Types of attacks Botnets Attack Attack vector Cloud computing
Botnets Attack As a term, botnet is a combination of two words: robot and network. Basically, a botnet is a group or network of computers or other devices that are internet-connected. Using malware, a hacker infects these devices and turns them into an army of minions, who then mindlessly execute their orders. Botnet attacks are becoming increasingly common and complex. But what exactly are they? How do they work, what can they do, and most importantly, how can you prevent them?
What is a botnet attack? Botnet attacks use a command and control model to allow one or more hackers to drive the actions of those devices (often called ‘zombie bots’) from a remote location. The more devices that have been infected with the attacker’s malware, the stronger the attack is likely to be. Any device capable of accessing the internet could be used as a zombie bot in a botnet attack that puts enterprises in jeopardy. This is especially true if the device doesn’t receive regular antivirus software updates. All of the five main classes of Internet of Things (IoT) applications can present security risks, including consumer, commercial, industrial, smart city infrastructure, or military arenas. In each of those fields, the market is flooded with IoT devices, many of which are lacking in security.
Attack vector: An “attack vector” is a path, which an attacker can gain access to a computer or to anetworkserver to deliverapayload ormalicious outcome. • Attackvectors enableattackerstoexploitsystemvulnerabilities,includingthehumanelement. • Attack vectors include viruses, E-Mail attachments, webpages, pop-up windows, instant messages, chat rooms, and deception. All of these methods involve programming (or, inafew cases,hardware ), except deception, in which a human operator is fooled into removing or weakening system defenses . • To some extent, fire wall sand antivirus software can block attack vectors. • However,noprotectionmethod is totallyattack -proof. • A defense method that is effective today may not remain so for long because attackers areconstantly updating attack vectors, and seeking new ones, in their quest to gain unauthorizedaccessto computers andservers . Refer to Box2.10. • The most common malicious payloads are viruses (which can function as their own attackvectors ),Trojan Horses, worms, and Spyware. • If an attack vector is thought of as a guided missile, its payload can be compared to thewarheadin thetip of the missile. • In the technical terms, payload is the necessary data being carried within a packet or othertransmission unit – in this scenario (i.e., attack vector) payload means the malicious activitythatthe attack performs. • From the technical perspective, payload does not include the “overhead” data required to getthe packet to its destination. Payload may depend on the following point of view: “ Whatconstitutes it?” To a communications layer that needs some of the overhead data to do its job,the payload is sometimes considered to include that part of the overhead data that this layerhandles .
1.Attack by e-mail 2.Attachments 3.Attack by social engineering 4.Hackers 5.Attack by webpage.(genuine sites) 6.Attacks of the worms 7.Malicious macros 8.Foistware 9.viruses
Cloud computing The growing popularity of cloud computing and virtualization among organizations have made it possible, the next target of cybercriminals. • Cloud computing services,while offering considerable benefits and cost savings,move servers outside the organizations security perimeter, which make it easier for cyber criminals to attack these systems. • Cloud computing is Internet(“cloud”)-based development and use of computer technology(“computing”). • The term cloud isused as a metaphor for the Internet,based on the cloud drawing used to depict the Internet in computer networks. • Cloud computing is a term used for hosted services delivered over the Internet. The service is fully managed by the provider – a user just needs PC and Internet connection. Significant innovations into distributed computing and virtualization as well as improved access speed over the Internet have generated a great demand for cloud computing.
Types of Services Services provided by cloud computing areas follows: 1. Infrastructure-as-a-service (IaaS): It is like Amazon Web Services that provide virtual servers with unique IP addresses and blocks of storage on demand. Customers benefit from an Application Programmable Interface(API) from which they can control their servers. As customers can pay for exactly the amount of service they use, like for electricity or water, this service is also called utility computing. 2. Platform-as-a-service (PaaS): It is a set of software and development tools hosted on theprovider’s servers. Developers can create applications using the provider’s APIs. Google Apps is one of the most famous PaaS providers. Developers should take notice that there are not any interoperability standards; therefore, some providers may not allow you to take your application and put it on another platform. 3. Software-as-a-service (SaaS): It is the broadest market. In this case, the provider allows the customer only to use its applications. The software interacts with the user through a user interface . These applications can be anything from Web-based E-Mail to applications such asTwitteror Last.fm.
Advantage of cloud computing
Cyber crime and Cloud Computing
Mobile and Wireless Devices: INTRODUCTION Why should mobile devices be protected? Every day, mobile devices are lost, stolen, and infected. Mobile devices can store important business and personal information, and are often be used to access University systems, email, B anking.
Proliferation of mobile and wireless devices: People hunched over their smartphones or tablets in cafes, airports, supermarkets and even at bus stops, seemingly oblivious to anything or anyone around them. They play games, download email, go shopping or check their bank balances on the go. They might even access corporate networks and pull up a document or two on their mobile gadgets. Today, incredible advances are being made for mobile devices. The trend is for smaller devices and more processing power. A few years ago, the choice was between a wireless phone and a simple PDA. Now the buyers have a choice between high-end PDAs with integrated wireless modems and small phones with wireless Web-browsing capabilities. A long list of options is available to the mobile users. A simple hand-held mobile device provides enough computing power to run small applications, play games and music, and make voice calls. A key driver for the growth of mobile technology is the rapid growth of business solutions into hand-held devices. As the term "mobile device" includes many products. We first provide a clear distinction among the key terms: mobile computing, wireless computing and hand-held devices. Figure below helps us understand how these terms are related. Let us understand the concept of mobile computing and the various types of devices.
Mobile computing is "taking a computer and all necessary files and software out into the field." Many types of mobile computers have been introduced since 1990s. They are as follows 1. Portable computer : It is a general-purpose computer that can be easily moved from one place to another, but cannot be used while in transit, usually because it requires some "setting up" and an AC power source.
2. Tablet PC : It lacks a keyboard, is shaped like a slate or a paper notebook and has features of a touchscreen with a stylus and handwriting recognition software. Tablets may not be best suited for applications requiring a physical keyboard for typing, but are otherwise capable of carrying out most tasks that an ordinary laptop would be able to perform. 3. Internet tablet : It is the Internet appliance in tablet form. Unlike a Tablet PC, the Internet tablet does not have much computing power and its applications suite is limited. Also it cannot replace a general-purpose computer. The Internet tablets typically feature an MP3 and video player, a Web browser, a chat application and a picture viewer.
4. Personal digital assistant (PDA): It is a small, usually pocket-sized, computer with limited functionality. It is intended to supplement and synchronize with a desktop computer, giving access to contacts, address book, notes, E-Mail and other features. 5. Ultramobile (PC): It is a full-featured, PDA-sized computer running a general-purpose operating system (OS). 6. Smartphone : It is a PDA with an integrated cell phone functionality. Current Smartphones have a wide range of features and installable applications. 7 . Carputer : It is a computing device installed in an automobile. It operates as a wireless computer, sound system, global positioning system (GPS) and DVD player. It also contains word processing software and is Bluetooth compatible. Fly Fusion Pentop computer: It is a computing device with the size and shape of a pen. It functions as a writing utensil, MP3 player, language translator, digital storage device and calculator.
Trends in Mobility : Mobile device and connection trends: By 2023, there will be 13.1 billion global mobile devices and connections (up from 8.8 billion in 2018). Mobile devices are evolving from lower generation network connectivity (2G) to higher-generation network connectivity (3G, 3.5G, 4G or LTE, and now 5G). Mobile computing is moving into a new era, third generation (3G), which promises greater variety in applications and have highly improved usability as well as speedier networking. Tim
.iPhone. from Apple and Google-led .Android. phones are the best examples of this trend and there are plenty of other developments that point in this direction. This smart mobile technology is rapidly gaining popularity and the attackers (hackers and crackers) are among its biggest fans. It is worth noting the trends in mobile computing; this will help readers to realize the seriousness of cybersecurity issues in the mobile computing domain.
User Mobility: It is used to specify a user who has access to the same or similar telecommunication services at different places. Device mobility - Device mobility refers to the movement of the communication device from one location to another with or without a user. Session mobility : A user should be able to move from one user agent environment to another Eg. User downloading with personal internet.
The user loses connection because of the poor network. Then the user returns office and the use WIFI continuing the unfinished session where it was the user got disconnected Service Mobility: A user should be able to move from one service to another Eg. If the user writes a Email and complete the Email, the user needs to refer to some other information. The user simply opens another service Eg. Browser And moves between the service using the task bar this is called service mobility
Malwares, viruses and worms: Although many users are still in the transient process of switching from 2G,2.5G 2G,2.5G to 3G, 3G, it is a growing need to educate the community people and provide awareness of such threats that exist while using mobile devices. Here are few examples of malware(s) specific to mobile devices: Skull Trojan: I targets Series 60 phones equipped with the Symbian mobile OS . Cabir Worm: It is the first dedicated mobile-phone worm infects phones running on Symbian OS and scans other mobile devices to send a copy of itself to the first vulnerable phone it finds through Bluetooth Wireless technology. Mosquito Trojan: It affects the Series 60 Smartphones and is a cracked version of "Mosquitos" mobile phone game. Brador Trojan: It affects the Windows CE OS by creating a svchost . exe file in the Windows start-up folder which allows full control of the device. This executable file is conductive to traditional worm propagation vector such as E-Mail file attachments. Lasco Worm: It was released first in 2005 to target PDAs and mobile phones running the Symbian OS. Lasco is based on Cabir's source code and replicates over Bluetooth connection.
2. Denial-of-service (DoS): The main objective behind this attack is to make the system unavailable to the intended users. Virus attacks can be used to damage the system to make the system unavailable. Presently, one of the most common cyber security threats to wired Internet service providers ( iSPs ) is a distributed denial-of-service ( DDos ) attack .DDoS attacks are used to flood the target system with the data so that the response from the target system is either slowed or stopped.
3. Overbilling attack: Overbilling involves an attacker hijacking a subscriber's IP address and then using it (i.e., the connection) to initiate downloads that are not "Free downloads" or simply use it for his/her own purposes. In either case, the legitimate user is charged for the activity which the user did not conduct or authorize to conduct.
4. Spoofed policy development process (PDP): These of attacks exploit the vulnerabilities in the GTP [General Packet Radio Service (GPRS) Tunneling Protocol]. 5. Signaling-level attacks: The Session Initiation Protocol (SIP) is a signaling protocol used in IP multimedia subsystem (IMS) networks to provide Voice Over Internet Protocol (VoIP) services. There are several vulnerabilities with SIP-based VolP systems.
Credit Card Frauds in Mobile and Wireless Computing Era : This era belongs to technology where technology becomes a basic part of our lives whether in business or home which requires connectivity with the internet and it is a big challenge to secure these units from being a sufferer of cyber-crime. Wireless credit card processing is a tremendously new service that will enable an individual to process credit cards electronically, virtually anywhere. It permits corporations to process transactions from mobile locations quickly, efficiently, and professionally and it is most regularly used via organizations that function in general in a cellular environment. Nowadays there are some restaurants that are using wifi processing tools for the safety of their credit card paying customers. Credit card fraud can take place when cards are misplaced or stolen, mails are diverted by means of criminals, employees of a commercial enterprise steal some consumer information.
There is a system available from an Australian company "Alacrity" called closed-loop environment for wireless (CLEW). Figure above shows the flow of events with CLEW which is a registered trademark of Alacrity used here only to demonstrate the flow in this environment. As shown in Figure, the basic flow is as follows: 1. Merchant sends a transaction to bank 2. The bank transmits the request to the authorized cardholder 3. The cardholder approves or rejects (password protected) 4. The bank/merchant is notified 5. The credit card transaction is completed.
Types of Credit Card Fraud: The first category, lost or stolen cards, is a relatively common one, and should be reported immediately to minimize any damages. The second is called “ account takeover” — when a cardholder unwittingly gives personal information (such as home address, mother’s maiden name, etc.) to a fraudster, who then contacts the cardholder’s bank, reports a lost card and change of address, and obtains a new card in the soon-to-be victim’s name.
Don’t: Don’t give your account number to anyone on the phone unless you’ve made the call to a company you know to be reputable. If you’ve never done business with them before, do an online search first for reviews or complaints. Carry your cards separately from your wallet. It can minimize your losses if someone steals your wallet or purse. And carry only the card you need for that outing. During a transaction, keep your eye on your card. Make sure you get it back before you walk away. Never sign a blank receipt. Draw a line through any blank spaces above the total. Save your receipts to compare with your statement. Open your bills promptly — or check them online often — and reconcile them with the purchases you’ve made. Report any questionable charges to the card issuer. Notify your card issuer if your address changes or if you will be traveling. Don’t write your account number on the outside of an envelope.
Do’s: Keep a record of your credit card numbers, their expiration dates, and the phone number to report fraud to in a secure place. Sign your card. It’ll be more difficult for someone to use a card that is signed, since matching signatures can be very difficult, and it won’t match a photo ID. Carry your credit cards separate from your cash. If you lose one wallet or money clip, you won’t be left with nothing. Try to keep your card in your view as much as possible whenever you have to hand your card to someone topay for a transaction (i.e. the server at a restaurant). Notify your card company and/or financial institution when you are traveling or changing residences. Open your billing statement immediately and reconcile it with your card accounts every month. Shred statements, receipts, etc. that might have any part of your credit card information visible. Report suspicious activity immediately.
Techniques of Credit Card Frauds : 1. Traditional Techniques : Paper-based Fraud – Paper-based fraud is whereby a criminal makes use of stolen or faux files such as utility payments and financial institution statements that can construct up beneficial Personally Identifiable Information (PII) to open an account in anybody else’s name. Application Fraud – ID Theft : Where a person pretends to be anybody else. Financial Fraud : Where a person offers false data about his or her monetary reputation to gather credit.
Modern Techniques : Skimming: to Commit Fraud is a kind of crime in which dishonest employees make unlawful copies of credit or debit cards with the help of a ‘skimmer’. A skimmer is a gadget that captures credit card numbers and other account information which should be personal. The data and records held on either the magnetic stripe on the lower back of the deposit card or the records saved on the smart chip are copied from one card to another.
T riangulation: In triangulation scams, there can be up to five parties involved: The criminal. The customer (the mule). The marketplace (if applicable). The retailer. The person whose stolen credit card details are used.
Attracted by the price, the customer buys the item using their credit or debit card or via an online payment service such as PayPal. The customer is unaware that the website or seller account is fake. In a triangulation scam, the cardholder whose details are used to fulfill the purchase can request a chargeback from the retailer once the fraud is discovered.
Security Challenges Posed by Mobile Devices: Mobility brings two main challenges to cybersecurity: first, on the hand-held devices, information is being taken outside the physically controlled environment and second remote access back to the protected environment is being granted. As the number of mobile device users increases, two challenges are presented: one at the device level called " micro challenges " and another at the organizational level called " macro challenges ."
OS Attacks: Operating system (OS) vulnerabilities are exposures within an OS that allow cyberattackers to cause damage on any device where the OS is installed. Mobile application attacks : An attack on the mobile device's operating system, jailbroken devices, and vulnerabilities in the application's data maintenance framework present critical security issues. As a result, apps can be hacked, enabling thieves to steal the data they contain.
communication network attacks an attempt to gain unauthorized access to an organization's network, with the objective of stealing data or perform other malicious activity. Ex: Bluetooth,Wi -Fi Malware attacks: are any type of malicious software designed to cause harm or damage to a computer, server, client or computer network and/or infrastructure without end-user knowledge.
The security challenges faced by mobile devices are as follows: Multiple user logging: Mobile phones have made some amazing progress; however, they are as yet not adaptable machines like PCs. Various clients on cell phones despite everything experience difficulty in opening one of a kind secured account. Basically, what one client does on a cell phone 1s not really an exclusive arrangement. Adaptable outsider arrangements are accessible, yet it is a lot more secure when telephones are not shared. 2. Secured at a storage : Cell Phones need great record encoding for solid security. All things consid - ered , who needs touchy corporate information to wind up in 1nappropriate hands? Without the correct encryption, not exclusively are close to home reports available to anyone, yet in addition passwords to bank, credit card and even business applications. Encrypting sensitive information guarantees would-be thieves gain a whole lot of nothing.
3. Mobile browsing : Maybe perhaps the best component of cell phones is the capacity to peruse the web in a hurry; however, this additionally opens up the cell phones to security dangers. The issue is that clients cannot see the entire URL or connection, substantially less confirm whether the con- nection or URL is protected. That implies that clients could without much of a stretch peruse their way into a phishing-related attack. Mobile device coding issues: Now and then engineers commit legitimate errors, accidentally making security vulnerabilities by means of poor coding efforts.
Registry setting for mobile device Editing the windows mobile registry on a gadget with an insignificant keyboard is troublesome. Be that as it may, mobile registry editor lets us remotely alter the Windows mobile device from our own keyboard Note: Registry of a computing device stores the information necessary to configure the syncs for appli - cation and hardware devices, information about OS. ActiveSync is a mobile information synchronization application created by Microsoft nitially discharged in 1996. It synchronizes information with handheld gadgets and personal computers, ActiveSync acts as a gateway between windows powered PC (WP-PC) and windows powered mobile devices (WP-MD) PC Mobile phone Windows Powered Fig: Flow of Microsoft active sync WP - PC WP - MD Active Sync (Gateway) Personal Computer Mobile Device
This empowers synchronization of applications, for example, outlook data, Microsoft Office reports, pictures, music, video and applications from a user's desktop to his/her cell phone. With respect to registry settings, 'Group policy' is one of the core operations. Group policy provides centralized man- agement and configuration of operating systems, applications and users settings in an Active Directory environment.
Attacks on Mobile phones Data Leakage Mobile apps are often the cause of unintentional data leakage. For example, “riskware” apps pose a real problem for mobile users who grant them broad permissions, but don’t always check security. These are typically free apps found in official app stores that perform as advertised, but also send personal—and potentially corporate—data to a remote server, where it is mined by advertisers, and sometimes, by cybercriminals. Data leakage can also happen through hostile enterprise-signed mobile apps. These mobile malware programs use distribution code native to popular mobile operating systems like iOS and Android to move valuable data across corporate networks without raising red flags. To avoid these problems, only give apps the permissions that they absolutely need in order to properly function. And steer clear of any apps that asks for more than necessary. The September 2019 updates for Android and Apple iOS both added protocols to make users more aware of it and why apps collect users’ location data.
Unsecured Wi-Fi No one wants to burn through their cellular data when wireless hot spots are available—but free Wi-Fi networks are usually unsecured . According to V3, in fact, three British politicians who agreed to be part of a free wireless security experiment were easily hacked by technology experts. Their social media, PayPal and even their VoIP conversations were compromised. To be safe, use free Wi-Fi sparingly on your mobile device. And never use it to access confidential or personal services, like banking or credit card information.
Network Spoofing Network spoofing is when hackers set up fake access points—connections that look like Wi-Fi networks, but are actually traps—in high-traffic public locations such as coffee shops, libraries and airports. Cybercriminals give the access points common names like “Free Airport Wi-Fi” or “Coffeehouse” to encourage users to connect. In some cases, attackers require users to create an “account” to access these free services, complete with a password. Because many users employ the same email and password combination for multiple services, hackers are then able to compromise users’ email, e-commerce and other secure information. In addition to using caution when connecting to any free Wi-Fi, never provide personal information. And whenever you are asked to create a login, whether for Wi-Fi or any application, always create a unique password . Phishing Attacks Because mobile devices are always powered-on, they are the front lines of most phishing attack . According to CSO , mobile users are more vulnerable because they are often monitor their email in real-time, opening and reading emails when they are received. Mobile device users are also more susceptible because email apps display less information to accommodate the smaller screen sizes. For example, even when opened, an email may only display the sender’s name unless you expand the header information bar. Never click on unfamiliar email links. And if the matter isn’t urgent, then let the response or action items wait until you’re at your computer.
Spyware Although many mobile users worry about malware sending data streams back to cybercriminals, there’s a key threat closer to home: Spyware. In many cases, it’s not malware from unknown attackers that users should be worried about, but rather spyware installed by spouses, coworkers or employers to keep track of their whereabouts and activity. Also known as stalker ware , many of these apps are designed to be loaded on the target’s device without their consent or knowledge. A comprehensive antivirus and malware detection suite should use specialized scanning techniques for this type of program, which requires slightly different handling than does other malware owing to how it gets onto your device and its purpose.
Hacking Bluetooth (a) Bluetooth is an open remote technology standard utilized for communication (i.e., trading over short separations (i.e., utilizing short length radio waves) among information) fixed and additionally mobile phones. Bluetooth is a short-run remote correspondence administration/innovation that utilizes the 2.4 GHz recurrence extend for its transmission/ correspondence (b) When Bluetooth is empowered on a gadget, it basically communicates T am here, and I am ready to interface' to any. other Bluetooth-based devices inside range. This makes Bluetooth utilize basic and clear, and it likewise makes it simpler to recognize the objective for attackers. The attackers introduce software on a PC and afterward introduces a Bluetooth receiving wire Whenever an attacker moves around open places, the software installed on PC constantly checks the close by environmental factors of the hacker for active Bluetooth connections. When the software tool utilized by the attacker finds and interfaces with a powerless Bluetooth-enabled mobile phone, it can do things like download address book data, photographs, schedules, SIM card details, make significant distance calls utilizing the hacked gadget, bug calls and substantially more. (c) Bluejacking, Bluesnarfing , Bluebugging and Car Whisperer are common attacks that have emerged as Bluetooth-specific security issues. (d) Bluetooth hacking tools are listed as follows: BlueScanner : This tool empowers to look for Bluetooth empower devices and will attempt to extricate however much data as could associating it with the objective. • BlueSniff : This is a GUI-based, utility for finding discoverable and covered up Bluetooth enabledgadgets . • BlueBugger : The buggers abuse the weakness of the gadget and access the pictures, phone- book, messages and other individual data. • Bluesnarffer : In the event that a Bluetooth ofa device is turned ON, at that point Bluesnarf - ing makes it possible to associate with the phone without cautioning the owner and to access a restricted portion of stored information. • Bluediving : Bluediving is trying Bluetooth penetration. It actualizes attacks like Bluebug
Tags
Categories
GeneralDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 61
- Slides 73
- Age 519 days
Related Slideshows
22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
30 views
26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
32 views
31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
30 views
14
Fertility awareness methods for women in the society
Isaiah47
29 views
35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
26 views
5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
28 views