Many classmates above explained very well on how the attacker conduct security attack that there are many common types of cyber-attacks such as Password attack (try to guess well-known passwords), Malware attack (install themselves on a system or device surreptitiously without permission) and so on.
In past few years in Thailand, some people have been experiencing the cybercrime for mobile banking service that we can see in news every single day. So, I would like to share the ways on how hacker conduct the Mobile Online Banking.
The hacker applied with multiple security attacks types and skills to attack the users for example –
Fishing or Phishing is aim to steal sensitive information, they performed to collect information as much as they can or received hacked database from the official organizations, they will send fraudulent emails, text messages, or websites that appear to be from legitimate sources, the users may be persuaded to click for winning prize, won lottery, financial loan or provided something that is concerned to banking activities.
Moreover, the attacker may made drama situations that related to user’s personal background and issues (prohibited item from customs or money laundering calls from police station), they proceeded with collecting sensitive information from (Phishing attack) to persuade users to install a remote control application, then they will monitor phone screen and may try to guess well known password (Brute Force Attack) to access into the Mobile Online Banking app while other attacker team members may talk and discuss with the user (Social Engineering).
The idea what we can protect ourselves is to avoid clicking on any links, messages or emails that are unsured. Do not install any unknown/unsure applications. If received links, better to contact the providers.
Most of cyber attackers, they are operating outside the country, so this is one of tasks for health informaticians to think about and have awareness of cyber attacking challenge.