Skip to main content
Common Threats

Common Threats

In the online world, threats are everywhere. Cybercriminals will do all they can to get your personal data, using various schemes and tactics to gain access to your device. Learning about common threats can help you know what to look for, keeping you a step ahead of a cybercriminal's malicious ways.

Common Threats

  • An attempt by a cybercriminal to steal personal information while posting as a reliable source and luring an unsuspecting user to provide information requested or click a harmful link or attachment. These attempts may be received via email, text message, direct message on social media, or phone call and are designed to look like it is from a trustworthy source or organization.
  • Short for malicious software, malware is any harmful software that is stored on a device that was created with intent to harm to a computer, network, or server. It is commonly used to compromise it. Malware gives cybercriminals access to the infected device, allowing them to monitor personal information and sensitive data.
  • A manipulation tactic used to trick a user to take a questionable action or compromise information. The information is pulled from a source that may appear harmless on the surface, but attackers can move from source to source to piece information together until there is enough to exploit data. Typically, social engineering is the first step in a multistep cyberattack.
  • A malicious code or program designed to alter the operation of a device that can spread from one device to another. Viruses can spread through removable media tools like thumb drives, email attachments, and web pages.
  • A type of attack that occurs when stolen credentials from one account are used to access another account.
  • A malicious, targeted attack that is designed to flood a network with useless traffic, making it unavailable for the intended users.
  • A malicious tool used to record what a person types on a device. Cybercriminals use keylogging software to record every keystroke and gain access to personal information.
  • A cyberattack where a cybercriminal exploits web protocols to insert themselves between a computer and a server to collect and steal data. MITM attacks involve three parties: the victim, the entity that the victim is trying to communicate with, and the “man in the middle” who intercepts the communications. MITM attacks can occur when a cybercriminal gains access to an unsecured or poorly security Wi-Fi router and deploys tools to intercept and read the victim’s transmitted data. 
  • A type of malware that blocks access to device files, systems, or networks unless a ransom is paid. Some cybercriminals may threaten to publish personal data until the ransomware payment is received.
  • A tactic used to trick users into believing their computer is infected with a virus. Typically, users will see a pop-up telling them their system is infected and needs to be resolved by downloading an antivirus software. However, the software is actually fake and infects the device.

  • A technique where a cybercriminal poses as a known and trusted source. Domain spoofing occurs when an attacker impersonates a known business or person. The URL may appear legitimate at first glance, but closer inspection will reveal slight errors. Email spoofing uses emails with fake sender addresses, but because a trustworthy relationship is already established, the recipient is more likely to open the malicious link or attachment.

    Address Resolution Protocol (ARP) spoofing is used by hackers to intercept data. ARP spoofing is committed when an attacker tricks one device into sending messages to the hacker instead of the intended recipient.

  • A malicious code that appears harmless but is actually designed to hold a virus or other damaging file. They can be hidden in free software or email attachments.
  • A type of virus that spreads from device to device without interaction, granting cybercriminals access to the device remotely. Worms are intended to use all a device’s resources, which can cause the device to stop responding.