Your IP: Unknown · Your Status: Unprotected Protected

Blog In Depth

The most common types of hacking on the Internet

Jun 26, 2018 · 13 min read

The most common types of hacking on the Internet

When hackers set out to attack individuals or organizations, they have a broad selection of hacking techniques, tools, and technical expertise at their disposal. If you want to keep yourself and your family secure, fight fire with fire. By learning about the most common hacking methods and arming yourself with the right tools, you’ll be able to identify vulnerabilities and stop attackers in their tracks.

You can think of your internet connection as a chain connecting you to your destination. Each link in the chain is another step that information must take on its journey to your destination and back. Hackers work by looking for weaknesses in links anywhere along the chain. When they find one, they use hacking attacks to access your data and wreak havoc.

The common hacking techniques in this blog post range from the lazy to advanced, but all of them exploit different vulnerabilities to access your data or infect you with malware. If you understand them, you’ll be empowered to protect yourself online.

The top 5 laziest hacking techniques

Fake WAP

Fake WAPs can be established anywhere very easily. Be careful!

This is a very simple type of hacking attack that’s frighteningly easy to fall for. If you don’t like the idea of getting hacked by a high schooler, read on. In a fake WAP (Wireless Access Point) attack, the hacker sets up a wireless router with a convincingly legitimate name in a public spot where people might connect to it. Once they do, the hacker can monitor and even change internet connections to steal sensitive data or force the user to download malware onto their device.

How many times have you been to a hotel, cafe, or airport that had one or more separate guest wifi networks? How sure were you that you connected to a secured router owned by the establishment you were visiting?

Can NordVPN protect you: YES. By encrypting your traffic, NordVPN will make it impossible for the hacker to read or modify what you see or send. However, it’s better never to connect to the fake WAP in the first place.

Before you connect, look for an official wifi network name and password behind the counter that you know was placed there by an employee – or ask an employee what the real network is called. However, free public wifi networks are still highly insecure, so we suggest using a VPN anyway.

Bait and switch

Bait and switch attacks target users through ad networks.

A bait and switch attack uses a relatively trusted avenue – ads – to fool users into visiting malicious sites. How much a hacker can get away with all depends on the ad network they use. Larger advertisers like Facebook and Google have a number of safeguards in place to prevent this behavior, but even they aren’t 100% perfect.

Once you’ve clicked on the ad, the attacker can use a number of other attacks, like downloading malware, clickjacking, or browser locking, to compromise your system.

Can NordVPN protect you: IT DEPENDS. NordVPN’s Cybersec feature can stop you from being redirected to malicious sites, but your best defense is a secure browser and a plugin that blocks ads and pop-ups. If you do click on ads, try to stick to more trusted ad distributors, like Google or Facebook.

Credential reuse

Credential reuse attacks rely on the fact that most people use the same password everywhere.

This is an attack that can follow a data breach at a server hosting many users’ login information. It works under the assumption that many people use the same password across multiple sites, which is unfortunately true. After using a vulnerability to access login info, the hacker can try using the same info on a more sensitive website to gain access to more dangerous and damaging information.

This type of attack is also why it’s such a good idea to follow us on Facebook or Twitter! We often post the latest news about website breaches affecting thousands of users. If you use the same password for multiple sites, you’ll want to know about a breach as soon as possible so you can keep your other accounts secure.

Can NordVPN protect you: NO. This attack relies on the hacker accessing sensitive data that you’ve stored elsewhere, so private encryption can’t help you. Your very best strategy is to create a different password for every site you use. That makes any password of yours that a hacker gets when they hack one of those sites useless for any of the others.

SQL injection

SQL injections often target unsecure login forms

This is a curious and powerful hacking method that targets vulnerabilities in fairly unsecure websites. In unsecured systems that use the SQL programming language, hackers can insert code into text fields in the website (like a password or username field, for example) that the website will run.

The code they insert can be used to extract information from the website or to give the hacker a foothold from which they can launch further attacks. SQL injection is essentially an attack on the website rather than you, but once a hacker has successfully performed a SQL injection, the site can be used to attack its visitors.

Can NordVPN protect you: NO. Like a cross-site scripting attack, SQL injection can turn a legitimate website into a hacker’s tool. It can also steal or modify data on a website that you’ve already chosen to share your information with.

The frustrating thing about SQL injection is that it is relatively simple to fix from a website developer’s standpoint – a simple Google search will provide tons of simple tips on how to prevent these attacks from occuring. However, we still hear about these attacks occuring because website administrators fail to secure their sites.

Browser locker

A fake BSOD screen

Browser lockers are a common but lazy hacking method that targets users who might not be very technologically literate. After leading a user to a malicious site or infecting a legitimate one, the hacker creates a popup that takes over the screen and makes it difficult or impossible for the user to close. The popup poses as an antivirus alert and encourages the user to visit a bogus tech support link or call a bogus number. The victim winds up unknowingly paying the attacker to remove the “virus” from their computer.

Can NordVPN protect you: YES. If you turn on NordVPN’s Cybersec feature, you will be protected from malicious online links and ads. The tool blocks links from a database that is constantly updated to catch the latest threats.

Other common types of hacking attacks

Macro malware in documents

Macro scripts can turn innocent documents into malware delivery tools.

Document-based macro malware is a very insidious type of malware that is easy to detect and avoid if you know what you’re looking for. Many document file types, like .doc or .pdf, have the ability to run scripts when they’re opened. However, these functions usually have to be given permission by the user to run through a prompt when the document is opened.

If you give the document permission to run the macro, you will be at the hacker’s mercy. These scripts can open numerous vulnerabilities in your system, allowing hackers to upload more serious malware and take control of your computer.

Can NordVPN protect you: NO. The Cybersec feature may protect you from sites that distribute macro malware, but dedicated antivirus software will be better at catching infected documents. The problem is that they often travel through trusted channels, like emails.

The ultimate defense is to question every document that asks you for permission to run something. If you get such a document from someone you trust, ask them to explain who put the macro there, why they did so, and what it does.

Cookie theft / sidejacking / session hijacking

Cookie theft uses an essential tool of the internet to steal your login session.

Cookies are more than just a way for ad providers to follow you around online. They’re also how websites keep track of users who have to log in and out of their accounts. When you log in to your account, the website sends you a cookie so you don’t immediately get logged out on the next page you visit in their website. If they send your cookie over an unsecure connection, however, that cookie might not end up where it’s supposed to go.

A cookie theft is exactly what it sounds like – a hacker exploits an insecure connection to steal your cookie and pretend that they’re you on the website you’re visiting. They might not gain access to your login credentials, but they can change a number of settings to hijack the account you’re connected to or otherwise exploit it to their advantage.

Can NordVPN protect you: YES. NordVPN encrypts your traffic, securing almost every step along the way from your computer to the site in question. Visiting an https website will also be far more secure when it comes to cookie theft, but we can’t always choose the website we visit. Even if you’re on an insecure connection, NordVPN will make sure your cookie reaches you and only you.

The only exception is if the site you are visiting has been hacked into. However, in that case, the hacker is likely to choose a more powerful attack than cookie theft.

IoT attacks

IoT devices are often easy to hack, so do what you can to secure them.

IoT devices are exciting because of the potential new features they introduce into our daily lives. However, they are also frighteningly vulnerable to cyber attacks. These devices have limited computing power and storage, leaving little room for robust security features. The passwords are often left as the factory defaults, meaning almost anyone can log into them.

Even worse, they provide a direct bridge between the digital and physical worlds. A hacker from across the street or across the ocean can hack into your air conditioner, oven, refrigerator, or home alarm system. However, your infected devices can also be used as parts of expansive botnets – virtual armies of connected devices that hackers can use to launch orchestrated attacks on targeted servers. One way or another, unsecured IoT devices pose a big risk.

Can NordVPN protect you? IT DEPENDS. NordVPN’s standard apps run on the most common devices, which means they don’t cover your IoT appliances. Our tutorial page provides instructions on how to install NordVPN on most home routers, but not all of them are capable of running the latest encryption protocols. If you have a router capable of running one of the more powerful encryption protocols supported by NordVPN, you can configure your router to secure all of your IoT devices against unwanted connections.

However, your encrypted connection will prevent anyone from communicating with your devices – even you! Use this approach only if you don’t need online access to your devices from outside your home.

DDoS attacks

DDoS attacks harness thousands of infected users to shut down servers.

DDoS attacks are a curious phenomenon because the malware used to perform them doesn’t really hurt the person infected by it. Instead, it turns their device into one small part of an army of bots that the hacker then uses to completely flood their target with fraudulent requests and shut their server down.

The defence mechanisms for DDoS differ for bots and targets, and we’ll primarily be discussing the bot end of the equation. For a member of the bot army, the damage actually isn’t that significant. Besides the fact that having malware controlled by a hacker on your device is highly insecure, all the DDoS bot does is gobble up a fraction of your online bandwidth whenever it’s called on by the hacker to participate in an attack. Despite this, it’s still a good idea to do the world a favor by preventing your devices from becoming part of an organized attack.

Can NordVPN protect you? IT DEPENDS. NordVPN’s Cybersec feature blocks your computer from connecting to botnet command and control servers, which hackers use to mobilize their armies. This will isolate the bot from its owner and prevent it from attacking others, but you’ll still need an anti-malware program to remove any bots you might have.

Phishing

Phishing can target anyone via email or other messages

Unlike most hacks, phishing targets the person behind the device rather than the device itself. By tricking the user through a convincing and cleverly crafted email or other message, the hacker can convince them to lower their guard and provide access to their most sensitive information.

Phishing can take many different forms, so there’s no single way to defend yourself. A healthy dose of online skepticism and attention to detail will get you a long way, though. If an official-looking email sent you a link, make sure the URL it’s taking you to looks correct. Anyone actually representing a website or service you use won’t actually need your password, so don’t give it to them. Don’t download anything from an email unless you’re absolutely sure it’s safe.

Can NordVPN protect you? IT DEPENDS. Phishing is relatively easy to avoid if you’re careful, but it’s also one of the most powerful attacks out there. That’s because you have the power to bypass any of your own defenses. If the hacker can convince you to do what they want, then all the software in the world won’t help you.

NordVPN’s Cybersec feature can detect some links from a vast database of known malicious sites, but you’ll have to trust NordVPN’s warning and keep yourself from navigating to the malicious website.

Clickjacking/UI redress

Clickjacking attacks fool the victim into clicking on invisible buttons.

One thing many users don’t realize when they chance upon a suspicious website is that they might be looking at more than one website. Malicious websites (or legitimate ones that have been compromised) can lay an invisible frame over the site you see – complete with invisible buttons that can cover existing buttons or even follow your cursor. Any click you take could be executing actions you had no idea you were taking – hence the term “clickjacking.”

The damage clickjacking can do depends on how creative the hacker using it is. The most common uses include collecting fake Facebook likes, getting users to click on ads and generate revenue, and even unlocking their cameras and microphones (through an Adobe Flash vulnerability that has since been fixed).

Can NordVPN protect you? IT DEPENDS. Your best defense against this attack will be a secure browser with built-in defenses as well as an adblocker or script-blocking browser plugin. If a site or ad is known for clickjacking, however, then NordVPN’s Cybersec feature CAN help by blocking you from visiting that site. Together with the other tools mentioned, it can form part of your defense against clickjacking attacks.

Man-in-the-middle attack

A man-in-the-middle attack lets hackers intercept your online traffic

In a man-in-the-middle (MITM) attack, the hacker inserts themselves as an invisible intermediary between you and the server you’re communicating with. By copying communication from both ends, they can monitor your traffic or even modify it without being detected. There are different ways to do this, but the easiest way is by exploiting an unsecure Wifi connection (or through a fake WAP attack).

Imagine performing a financial transaction during a MITM attack. Even if they don’t get your login information, which they probably will, they can insert data into the transaction to redirect your funds. Your device will tell you that you’re sending your money where you want it to go, but the bank will think you’re sending your money to the hacker’s bank account.

Can NordVPN protect you: YES. This is the attack that VPNs were made to prevent. Because even the target of your traffic is hidden by our encryption, the hacker won’t be able to send your message on to its destination. They won’t be able to read or modify its contents. The worst that a hacker on an unsecure or fake connection can do to you is terminate your connection without compromising the security of your data.

Cross-site scripting

Cross-site scripting targets communications between servers to inject malicious code.

Websites connect to many different servers to optimize their functionality, and to make their communications more efficient, they don’t bother reconfirming their authentication procedures every single time they exchange information. These connections can include ad services or special plugins.

If one of these connections is hacked, the attacker can inject scripts directly into a website’s UI to compromise anyone who visits that site. Those scripts, in turn, can be used to capture information that you enter into the site or to perform different types of attacks (like clickjacking).

Can NordVPN protect you: NO. This is a difficult type of attack to defend yourself from because it targets the website you visit, not your device. However, a secure browser with anti-script plugins will go a long way towards keeping you safe. If the website in question has made it into NordVPN Cybersec’s blacklist of malicious sites, then NordVPN will also help keep you safe. Keep your eyes open for suspicious behavior on any website you visit.

DNS spoofing

DNS servers are like the signposts of the internet.

DNS servers are like the signposts of the Internet. When you enter a website into your browser, they tell your device where to go to get the information you need. If a hacker can in some way poison the information provided by a DNS server, however, they can potentially take thousands of users to a malicious domain as part of an attack.

DNS spoofing can happen in many different ways – by corrupting the data on its way to your device, by feeding corrupted information to a DNS server, or by completely taking it over. They all have a similar result, however – they send you to a website that the hacker has designed to take advantage of you.

Can NordVPN protect you: YES. NordVPN stops DNS spoofing attacks (we also stop DNS leaks! When using NordVPN or any other VPN, use our free DNS leak test to make sure you’re secure). As your DNS signal travels from NordVPN’s DNS server through your encrypted tunnel, it’s virtually impossible for hackers to corrupt that signal in any way.

There are two rare exceptions, however, in which a user might become vulnerable to this type of attack. If the user’s device doesn’t use NordVPN’s DNS server (either by choice or because a piece of malware has caused it to do so), NordVPN can no longer guarantee that your DNS information won’t be spoofed. This is why we recommend that users do not alter NordVPN’s default DNS settings. NordVPN also can’t guarantee that your DNS info will be safe if an attack happens at one of the servers down the line from NordVPN’s DNS server. Such attacks, however, are a rare occurrence and are reported widely when they do occur.

The tip of the iceberg

There are thousands of different vulnerabilities and ways to exploit them online, and it’s impossible to know all of them. However, every internet user has much to gain by learning the common hacking techniques described here. Forewarned is forearmed, as they say – you may not understand or identify every attack, but you will now have a good idea of what’s possible. If you understand some of the ways in which hackers can target you, you’ll be ready to prevent and repel their attacks. Stay safe!

If you found this guide useful, check out our blog and follow us on Facebook and Twitter. We always share the latest tips to help you stay secure!


Daniel Markuson
Daniel Markuson successVerified author

Daniel is a digital privacy enthusiast and an Internet security expert. As the blog editor at NordVPN, Daniel loves to serve up generous helpings of news, stories, and tips to help people stay private and secure.


Subscribe to NordVPN blog