Download as DOCX, PDF, TXT or read online from Scribd
Download as docx, pdf, or txt
You are on page 1/ 4
1 Both involve the use of telephones to trick the customer
Both attempt to gain personal information
Both are methods used to attempt to defraud a bank customer of money Both are used in identity fraud to open up new lines of credit Both can involve the use of good news such as a lottery win 1 : Vishing involves calling the customer whereas smishing is the use of text messages Vishing involves the customer having to respond immediately to the caller Smishing involves the sending of a website link or telephone number Smishing allows the user more time to check the veracity of the message
2 A malicious program that replicates itself…
…until it fills all of the storage space on a drive or network Takes full advantage of the flaws in the network system. Usually a small self-contained program that invades computers on a network A worm locates a computer’s vulnerability and spreads within its connected network Worms often originate from e-mail attachments that appear to be from trusted senders Worms then spread to a user’s contacts via their e-mail account and address book. Worms can slow down a network… …by consuming bandwidth
3. A rootkit is malicious software that gives continued administrator access to
a computer while actively hiding its presence. Rootkits can be installed by phishing attacks/social engineering to trick users into giving the rootkit permission to be installed A rootkit allows someone to control a computer without the computer user knowing about it The controller of the rootkit can remotely execute files It can also change system configurations on the infected machine. A rootkit can access log files and spy on the computer owner’s usage
1 4. Spyware: Spyware is a software that is installed on a computer without the user knowing about it. It is a program that secretly records what a user does on their computer It Can gather information like Web browsing history. It Can capture e-mail messages It Can capture a user’s personal data… …such as usernames and passwords as well as credit card information And transmits this data to a third party over the internet.
5. A ‘bot’ – short for robot – is a software program that performs automated, repetitive tasks. Bots typically copy or replace human behavior. One of the most common ways in which bots infect your computer is via downloads. A malicious bot is self-replicating malware designed to infect a host computer and connect to a central server. They have the worm-like ability to spread by duplicating. Bots can have the ability to log keystrokes, collect passwords, capture and analyse Data packets They can launch DDoS attacks, pass on spams and open back doors on the infected network They infect networks in a way that escapes immediate notice
6. Ransomware is malicious software that can publish the victim's data or block access to user’s computer unless a ransom or money is paid. It encrypts the victim's files making them difficult to decipher and demands a ransom payment to decrypt them. It mostly controls a PC as a computer worm or Trojan horse Most ransomware attacks are the result of clicking on an infected email attachment or visiting compromised websites. Some ransomware allows use of the computer but prevents the opening of certain files
Worm: A malicious program that replicates itself… …until it fills all of the storage space on a drive or network Uses security holes in networks Usually a small self-contained program that invades computers on a network A worm locates a computer’s vulnerability and spreads within its connected network Worms often originate from e-mail attachments that appear to be from trusted senders Worms then spread to a user’s contacts via their e-mail account and address book.
2 Worms can slow down a network… …by consuming bandwidth
Personal data protection
Organisations which store personal data tend to have several computers that form networks, many of which are connected to the Internet and firewalls are designed to prevent unauthorised network access. A penetration test is when companies employ somebody to deliberately attack their computer network so that the authorised ‘hacker’ will identify the weaknesses in their system’s security, and they can then take measures to improve it if necessary. Authentication techniques can be used in order to prevent hackers from accessing a computer network and can be typing in a User ID and password, inserting or swiping a smart card and using biometric data, which is something about the user which is unique. Different groups of users can be granted different levels of access to the data on the network. Network policies are sets of rules that allow companies to choose who can access their computer network and controls their use of the network once they have gained access. The most useful function of software updates is probably the fact they eliminate specific security weaknesses present in an operating system which hackers can take advantage of these to access the computer system. Encryption ensures that data, even when illegally accessed, will not be understandable. A website often has a digital certificate to verify ownership of the website and also prevent fraudsters creating a fake version of the website. Should a mobile device is lost or stolen, the owner can send a command to it using another phone that will completely remove any data, such as personal data from it.
