Threats and Attacks

It’s helpful to view vulnerabilities from the viewpoint of threats and attacks. It’s a good way to get a general picture of what you want the various layers of your defense system to prevent. There is more detailed information on threats and vulnerabilities under the Visible Threats and the role of User Vigilance and Block Invisible Attacks.

Examples of Threats and Attacks

Threat Attack Description
Deception Visible: user is the target.
Phishing Email that urges immediate action: Seemingly from a known person or entity (often has exact graphics). Request to log in; request for personal information link to click; or an attachment to open. Often involves a skillful counterfeit website. User data goes directly to the phisher.
Rogue Antivirus Pop-up notice or webpage: Convincing graphics. Reports that you have 137 (or so) malware infections. Offers to fix for payment. Takes your credit card (of course now they have your credentials too). Fixes nothing, and may further infect your PC.
Pop-up Notices Notices or warnings: They often have authentic looking graphics. They state that it is urgent to update a program or plug-in; Adobe Flash must be updated; you must download a codec to play a video; or anything else the con artist thinks will suck you in. There’s even a pop-up that says your browser must be updated.
Fraud Email: Too good to be true (often millions of dollars, or relative in a jam. Send money for “delivery expenses,” or send money for bail.
Topic Spam There’s a constant flow of booby-trapped messages on popular subjects or topical notices and warnings. They often install malware if you respond.
Files: .exe, Docs, PDF, Email attachments, downloaded files or content that you click to play (media files): Malicious files are a classic way to attack PCs. These files are usually delivered by deceptive email, rogue websites or poisoned websites. [Dangers of PDF Files]
Drive-by Attacks Invisible Email A malicious trigger is embedded in a seemingly innocent message. Malware is silently installed as soon as the message is viewed.  The target is a vulnerability in a program, plug-in, or Windows.
Webpage Visit to a legitimate, but poisoned website; or a malicious advertised website. The malware is silently delivered, hidden by the expected visual webpage contents. The target is a vulnerability in a program, plug-in, or Windows.
Example The attacker poisons a webpage on a legitimate website with a hidden link to content on a malicious website. The link target downloads a malicious file. The downloaded file silently downloads more files and installs the payload on the victim’s computer. [article] [video]
Remote Connect Invisible Hacker Hackers use skillful, interactive methods and tools to probe for entry (as seen on TV). Targets are bugs, or weak or incorrect settings in routers, firewalls, Windows, or programs.
Worms Worms are essentially primitive, but automated hackers that propagate via the internet or the local network. Targets are known software vulnerabilities, rather than interactive probing.
Search Results
Poisoned Both paid-position search results (ads) and natural-position results are used to inject poisoned search results (lead to malicious webpages). WOT (reputation filter) is one of the best safeguards.

To be expanded…

Related information