Ways personal information on your PC can be accessed illegally
Social Engineering: It involves tricking unsuspecting users into parting with confidential information or performing an action that is against company guidelines and in the process unwittingly releasing sensitive information. Social engineering does not make use of any technical weaknesses in a system; rather it relies upon human failings.
Identity management system attacks: These attacks are targeted at the various identity management systems in an organization that regulate user access to critical information and online applications. The attacks focus on compromising user authentication, gaining access to accounts, cracking passwords, and abusing access rights in order to gather confidential business-related and employee-related information.
Acoustic cryptanalysis: This attack makes use of audible and inaudible sounds that are generated when computer keyboards are pressed. Each key emits a unique sound and hackers can piece together important information by eavesdropping on the sounds emitted by the keys by employing sophisticated neural networks.
Login spoofing: It is a form of social engineering in which a malicious program masquerades as a genuine login prompt. If the login information is entered, it is passed on to the hacker. In order to prevent login spoofing, a special key combination, referred to as secure attention key, is used in some operating systems.
Shoulder surfing: This involves direct techniques of observation in which attempts at gleaning useful information are made by looking over one's shoulder, trying to get information while online forms are being filled. It is done in crowded places and during busy office hours. Technology is also used to execute shoulder surfing, miniature cameras and high-powered binoculars are used sometimes to try and ascertain the information being keyed into a machine.
Information diving: It implies scavenging for information such as files, memos, credit cards, and other such sensitive information that has been dumped without being destroyed. This activity frequently leads to identity theft. Recently, companies have begun to tighten up their security and take steps such as shredding paper before it is consigned to the waste bin.
Phishing: it involves eliciting sensitive information from unsuspecting computer users by posing as an authentic entity. Phishing, which is a form of social engineering, can be carried out via email, telephone, or IM. Organizations are trying to counter the menace of phishing by proper user training and passing legislations. Highly targeted versions of phishing are known as spear phishing.
Timing attack: These are sophisticated attacks on encrypted data that work by considering the amount of time required to execute a given cryptographic algorithm. These attacks use error correction techniques to account for network latency, which may otherwise give the attackers an erroneous reading.
About the Author
To start protecting your computer now, visit SpywareCleaner.biz for reviews of popular spyware removing software which offer free computer scans.
Written for Online Business Heaven by Michael Jones. For more information about Home PC Security visit OnlineBizHeaven.
posted by Sneakytje @ 8:34 PM
0 Comments:
Post a Comment
<< Home