(1) DNS spoofing
This is a malicious cache poisoning where forged data is placed in the cache of the name servers. Spoofing attacks
can cause serious security problems for DNS servers vulnerable to such attacks,
In order to prevent many sources of Internet attacks, it is necessary to have the security built into DNS systems. To minimize the risk of a spoofing attack, every organization or individual responsible for a domain should first check which type of name server they are using and consult with its developer whether it is secure against DNS spoofing or not.
(2) Session Hijacking
Sessions highjacking alludes to the misuse of a substantial PC session, likewise called a session key, this helps hackers to gain unauthorised access to data or administrations in a PC framework. HTTP cookies which are used to keep up a session on numerous sites can be effortlessly stolen by hackers who are using a mediator PC or with access to the spared treats on the casualty's PC
You can be easily exposed to session hacking which is also known as cokies hacking expecially when you are accessing Facebook or which ever site on a http connection. In Session Hijacking attack, a hacker steals the victims browser cookie which is used to authenticate the user on a website, and use it to access the victims account.
Session hijacking is usually used on LAN, and WiFi connections.
The popular method is using source-routed IP packets.
Note that HTTP protocol versions 0.8 and 0.9 does not have cookies and other important features necessary for session hijacking. Version 0.9beta of Mosaic Netscape, which was released on October 13, 1994, supported
cookies so this version will favour an attacker who's into session hijacking.
In conclusion:
(1) always try to use a secured connection instead of http while browsing
(2) be careful in clicking sites you see on Facebook or other platforms because some hackers can easily trick you in order to gain access to cokies store on your browser here is how it works
1. The attacker creates a PHP script and uploades it
to a webhosting site.
2. The attacker then asks or trick the victim to visit that
particular link containing the PHP code.
3. Once the victim visits it his/her authentication
cookie is saved in a .txt file.
Then afterwards you'll discover that your account have been hacked later on.
(3) Stealer's
Almost 80% percent people use stored passwords in their
browser to access the Facebook. This is quite convenient, but
can sometimes be extremely dangerous. Stealer's are
software's specially designed to capture the saved passwords
stored in the victims Internet browser.
(4) Mobile spy apps
Millions of Facebook users access Facebook through their
mobile phones. In case the hacker can gain access to the
victims mobile phone then he can probably gain access to
his/her Facebook account. Their are a lots of Mobile Spying software's used to monitor a Cellphone. The most popular Mobile Phone Spying software's are: Mobile Spy, and Spy Phone Gold,Flexy spy, track my phone, easy spy, auto forward e.t.c
In other to not to fall victim
1. Always install a good antivirus in your mobile phone.
2. Never install unknown apps in your phone.
3. Always check your phone for suspicous apps
(5) Phishing
Phishing is way by which hackers try to obtain sensitive information such as usernames, passwords, and
credit card details (and sometimes, indirectly, money), often for malicious reasons,
Phishing is still the most popular attack vector used for
hacking Facebook accounts. There are variety methods to
carry out phishing attack. In a simple phishing attacks a
hacker creates a fake log in page which exactly looks like the real Facebook page and then asks the victim to log in. Oncec the victim log in through the fake page the, the victims "Email Address" and "Password" is stored in to text file, and the hacker then downloads the text file and gets his hands on the victims credentials.
Precautions: Always diligently or carefully check the address bar when login in to Facebook or any other sites that requires passwo rds
Precautions:
1. Deploy a SPAM filter that detects viruses, blank senders, etc.
2. Keep your pc current with the latest security patches and updates.
3. Install an antivirus solution, schedule signature updates, and monitor the antivirus status on your pc
4. Deploy a web filter to block malicious websites.
5. Encrypt all sensitive company informat ion.
(6) Keylogging
Keylogging is the easiest way to hack a Facebook password. Keylogging sometimes can be so dangerous that even a person with good knowledge of computers can fall victim of it.
A Keylogger is basically a small program which, once is installed on victim's computer, will record every thing victim types on his/her computer. The logs are then send back to the attacker by either FTP or directly to hackers email address.
keyloggers can be legally used to monitor network usage without their users' direct knowledge, can also be used by I.T organisation to trouble shoot technical problems.
Solutions:
Always used antivirus and anti rockrootskits and make sure you update them regularly you can also use malware rem over
Install a good antivirus in your computer.
2. Never open your facebook account on another computer.
3. Always download free software from trusted websites
4. Never download or get a software from untruste
(7) Sidejacking attack
Sidejacking attack has been in existence for about sixteen years now , and it is still been used even today. Firesheep is widely used to carry out sidejacking attacks. Firesheep only works when the
attacker and victim is on the same WiFi network. A sidejacking attack is just another name for http session hijacking, but it's more targeted towards WiFi users.
Solutions:
1 . stick to secured LAN
2. Don't use sites that stick to or revert to HTTP.
Sites that log you in over unencrypted HTTP or revert to HTTP after SSL login are always prime targets. Anyone that can intercept that traffic can easily record and reuse the cookie, thereby hijacking your authenticated session Known-vulnerable sites include Amazon, Facebook, Flickr Google,Twitter, Windows Live, Wordpress, and Yahooe e.t.c
3. Avoid leaking cookies over Http HTTP
URL entered
without the https: prefix may cause your browser to send your cookie over HTTP before
getting redirected to SSL.
4. Avoid unscripted WiFi connections
5. Use only trustworthy hotspots
6. Always use secured LAN
7. Insist on full time SSL instead of http
8. Protect everything with VPN
(8) USB hacking
This can only be possible in a shared computer maybe at home or in the Caffè or business centre USB hacking is only possible when an attacker has physical access to your computer, he will insert a USB programmed with a function to automatically extract saved passwords from your browser.
Most hacker's can easily hack your password after you are done browsing this happens expecially in a cyber Caffè so always remember to clear your browsing data expecially after logging in with a public computer.
(9) Man in the middle attacks hacking
This is only possible if the victim and attacker are on the same LAN and on a switch based network, a hacker can place himself between the client and the server, or he could act as a default gateway by doing this the hacker is now able to capture all the traffic in between.
Solutions: see session hijacking and sidejacking attack.
(10) Social Engineering
Social Engineering is simple attack made by hacker, in this method hacker can collect information about victim as much as he can from various methods. If victim uses simple password like his birthday date, mobile number, school name, girlfriend name and bike
number , a good hacker can easily guess your password and hack your facebook account.
Solutions:
1. Always use a strong passwords for facebook account or any Account login.
2. Avoid leaving the details of your account carelessly like writing your facebook account in any paper.
3 . People use the same password in different websites, i will advise never to use same Password for many websites.
4. You can generate strong password from websites that generates Random Password you'll find them using Google
Posts
