Unit 2 Part 2

The document outlines various cyber attack methods including dictionary attacks, cookie replay, credential theft, data disclosure, data tampering, luring attacks, and phishing attacks. Each section describes the working mechanisms, common targets, and prevention measures for these attacks. Emphasis is placed on using complex passwords, multi-factor authentication, and employee education to enhance security.

Uploaded by

emmettsteveson2

Unit 2

1. Dictionary Attack

A dictionary attack is a type of brute-force attack where an attacker systematically enters commonly used passwords, phrases, or words from a predefined list (a dictionary) to gain unauthorized access.

Working Mechanism
1. Collection of Wordlists
   - Attackers compile large lists of commonly used passwords (e.g., leaked passwords, dictionary words).
2. Automated Trial
   - A script/program attempts to log in using each word in the dictionary.
3. Success or Failure
   - If a password matches, the attacker gains access.
   - If unsuccessful, other methods (brute-force, phishing) may be used.

Common Targets
• Web applications with login pages
• Online banking systems
• Corporate networks
• Email accounts

Prevention Measures
✅ Use complex passwords (mix of uppercase, lowercase, numbers, and symbols).
✅ Enable multi-factor authentication (MFA).
✅ Limit failed login attempts (account lockout mechanisms).
✅ Use CAPTCHA to prevent automated attacks.
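
One way to implement the failed-login limit listed above, as an added example that is not part of the original notes: a sliding-window counter keyed per account and per source IP. The class and function names, the thresholds, and the sample account and addresses are assumptions made for illustration.

```python
import hmac
from collections import defaultdict, deque

class LoginThrottle:
    """Sliding-window limit on failed logins, tracked per account and per source IP."""

    def __init__(self, max_failures=5, window=300, lockout=900):
        self.max_failures, self.window, self.lockout = max_failures, window, lockout
        self.failures = defaultdict(deque)   # key -> timestamps of recent failures
        self.locked_until = {}               # key -> time at which the lock expires

    def _keys(self, account, ip):
        # Per-account counting catches guesses spread over many addresses;
        # per-IP counting catches one address walking across many accounts.
        return (("acct", account.lower()), ("ip", ip))

    def is_locked(self, account, ip, now):
        return any(self.locked_until.get(k, 0) > now for k in self._keys(account, ip))

    def record_failure(self, account, ip, now):
        for key in self._keys(account, ip):
            q = self.failures[key]
            q.append(now)
            while q[0] <= now - self.window:      # forget failures outside the window
                q.popleft()
            if len(q) >= self.max_failures:       # threshold reached: lock this key
                self.locked_until[key] = now + self.lockout
                q.clear()

def attempt_login(throttle, users, account, ip, password, now):
    """Return 'locked', 'ok' or 'denied'. The lock is checked before the password,
    so a locked key learns nothing about whether a guess was right."""
    if throttle.is_locked(account, ip, now):
        return "locked"
    expected = users.get(account.lower(), "")
    if expected and hmac.compare_digest(expected.encode(), password.encode()):
        throttle.failures.pop(("acct", account.lower()), None)
        return "ok"
    throttle.record_failure(account, ip, now)
    return "denied"

def demo():
    # Constructed data: plaintext comparison stands in for a real password-hash check.
    users = {"alice": "correct horse battery staple"}
    t = LoginThrottle()
    burst = [attempt_login(t, users, "alice", "203.0.113.9", f"guess{i}", now=i) for i in range(7)]
    during = attempt_login(t, users, "alice", "198.51.100.4", users["alice"], now=7)
    after = attempt_login(t, users, "alice", "198.51.100.4", users["alice"], now=1000)
    return burst, during, after
```

In `demo()` the legitimate owner is also refused while the account key is locked, which is the availability cost of account lockout and one reason it is paired with MFA and CAPTCHA rather than used alone.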

2. Cookie Replay

A cookie replay attack occurs when an attacker intercepts and reuses a valid session cookie to gain unauthorized access to a web application without authentication.

How It Works
1. Interception
   - The attacker captures a user's authentication cookie using MITM (Man-in-the-Middle) attacks, malware, or sniffing.
2. Reuse of Cookie
   - The attacker sends the stolen cookie to the web server to access the victim's account.
3. Successful Impersonation
   - The server recognizes the cookie as a legitimate session and grants access.

Common Techniques Used
• Session Hijacking (stealing an active session cookie)
• MITM attacks (intercepting network traffic)
• Cross-Site Scripting (XSS) (injecting malicious scripts to steal cookies)

Prevention Measures
✅ Use Secure and HttpOnly flags in cookies.
✅ Implement session expiration and token validation.
✅ Use SSL/TLS encryption to prevent network interception.
✅ Deploy Web Application Firewalls (WAF).
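
The cookie flags, session expiration and token validation listed above, as an added example that is not part of the original notes: a server-side session store whose cookies stop working after an idle period, after logout, or when presented by a different client. The timeouts, the SameSite setting, the User-Agent binding and all names are assumptions made for illustration.

```python
import secrets
from http.cookies import SimpleCookie

IDLE_TIMEOUT = 15 * 60          # assumed policy: session dies after 15 idle minutes
ABSOLUTE_TIMEOUT = 8 * 60 * 60  # assumed policy: and never outlives 8 hours

class SessionStore:
    def __init__(self):
        self.sessions = {}      # session id -> server-side state

    def login(self, user, user_agent, now):
        sid = secrets.token_urlsafe(32)   # random, unguessable, carries no user data
        self.sessions[sid] = {"user": user, "ua": user_agent, "created": now, "seen": now}
        return sid

    @staticmethod
    def set_cookie(sid):
        morsel = SimpleCookie({"session": sid})["session"]
        morsel["secure"] = True           # only sent over TLS, so not sniffable in clear
        morsel["httponly"] = True         # not readable from script, blunting XSS theft
        morsel["samesite"] = "Strict"
        morsel["path"] = "/"
        return morsel.OutputString()

    def validate(self, sid, user_agent, now):
        s = self.sessions.get(sid)
        if s is None:                     # unknown, logged out, or already expired
            return None
        stale = now - s["seen"] > IDLE_TIMEOUT or now - s["created"] > ABSOLUTE_TIMEOUT
        if stale or s["ua"] != user_agent:  # the User-Agent is forgeable: a signal, not proof
            del self.sessions[sid]
            return None
        s["seen"] = now
        return s["user"]

    def logout(self, sid):
        self.sessions.pop(sid, None)      # server-side revocation: the old cookie is now dead

def demo():
    store, ua = SessionStore(), "Browser/1.0"     # constructed values
    a = store.login("alice", ua, now=0)
    live = store.validate(a, ua, now=60)
    idle = store.validate(a, ua, now=60 + IDLE_TIMEOUT + 1)
    b = store.login("alice", ua, now=0)
    store.logout(b)
    after_logout = store.validate(b, ua, now=10)
    c = store.login("alice", ua, now=0)
    other_client = store.validate(c, "OtherClient/2.0", now=10)
    return store.set_cookie(a), live, idle, after_logout, other_client
```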

3. Credential Theft

Credential theft refers to the unauthorized acquisition of a user's username, password, or authentication credentials. It is often the first step in larger cyberattacks.

Methods of Credential Theft
1. Phishing Attacks – Trick users into revealing credentials via fake emails or websites.
2. Keylogging – Malware records keystrokes to capture login details.
3. Credential Dumping – Extracting credentials from Windows memory (LSASS), browser storage, or system files.
4. Brute Force Attacks – Automated tools try various password combinations.
5. MITM Attacks – Intercepting network traffic to capture login details.

Common Targets
• Banking websites
• Social media accounts
• Enterprise login portals
• Cloud services

Prevention Measures
✅ Enable Multi-Factor Authentication (MFA).
✅ Use password managers for secure storage.
✅ Monitor logs for unauthorized access.
✅ Regularly update and rotate passwords.
✅ Deploy endpoint security solutions to detect malware.

4. Disclosure of Confidential Data

The disclosure of confidential data happens when sensitive information (financial data, personal details, trade secrets) is exposed to unauthorized entities, intentionally or accidentally.

Types of Data Disclosure
1. Accidental Disclosure – Misconfigured servers, misdirected emails.
2. Insider Threats – Employees leaking sensitive data.
3. Hacking Incidents – Data breaches exposing records.
4. Physical Theft – Stolen laptops, USB drives with sensitive information.

Examples of Confidential Data
• Personally Identifiable Information (PII)
• Financial records
• Intellectual property
• Medical records

Prevention Measures
✅ Encrypt sensitive data in transit and at rest.
✅ Restrict access using role-based access control (RBAC).
✅ Use data loss prevention (DLP) tools.
✅ Educate employees on secure data handling.

5. Data Tampering

Data tampering is the unauthorized modification, deletion, or insertion of data to manipulate information for personal gain or to cause disruption.

How Data Tampering Happens
1. SQL Injection (SQLi) – Attackers modify database queries to alter stored data.
2. Man-in-the-Middle (MITM) Attack – Intercepting data in transit and modifying it before it reaches its destination.
3. Malware Injection – Injecting malicious code to alter system files.
4. Insider Manipulation – Employees altering records for fraud.

Examples
• Modifying financial transactions in banking systems.
• Altering academic records in university databases.
• Tampering with digital evidence in legal cases.

Prevention Measures
✅ Use cryptographic hashing (e.g., SHA-256) to verify data integrity.
✅ Implement database security best practices (least privilege access).
✅ Enable logging and monitoring to detect anomalies.
✅ Use HTTPS to secure data transmission.
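
The integrity check listed above, as an added example that is not part of the original notes: a chained digest over a list of records that exposes modification, deletion, insertion and truncation. It goes beyond a bare SHA-256 hash by using HMAC-SHA-256 with a key, so that someone able to rewrite the rows cannot also recompute the digests; the key, the records and all names are constructed for illustration.

```python
import copy, hashlib, hmac, json

GENESIS = "0" * 64

def _tag(key, prev_tag, record):
    # Canonical JSON so the same record always serialises to the same bytes.
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, prev_tag.encode() + b"|" + body, hashlib.sha256).hexdigest()

def append(chain, record, key):
    prev = chain[-1]["tag"] if chain else GENESIS
    chain.append({"record": record, "tag": _tag(key, prev, record)})
    return chain[-1]["tag"]    # the head: keep a copy where the table's writers cannot reach

def verify(chain, key, expected_head):
    """Return 'ok', 'bad-entry:<index>' or 'head-mismatch'."""
    prev = GENESIS
    for i, entry in enumerate(chain):
        if not hmac.compare_digest(entry["tag"], _tag(key, prev, entry["record"])):
            return f"bad-entry:{i}"
        prev = entry["tag"]
    return "ok" if hmac.compare_digest(prev, expected_head) else "head-mismatch"

def demo():
    key = b"constructed-demo-key"   # constructed; a real key lives outside the database
    chain, head = [], GENESIS
    for row in ({"id": 1, "to": "acct-17", "amount": 250},
                {"id": 2, "to": "acct-42", "amount": 900},
                {"id": 3, "to": "acct-08", "amount": 75}):
        head = append(chain, row, key)

    modified = copy.deepcopy(chain)
    modified[1]["record"]["amount"] = 9000
    deleted = copy.deepcopy(chain)
    del deleted[1]
    inserted = copy.deepcopy(chain)
    inserted.insert(1, {"record": {"id": 9, "to": "acct-66", "amount": 1}, "tag": chain[0]["tag"]})
    truncated = copy.deepcopy(chain)[:-1]
    return {name: verify(c, key, head) for name, c in
            [("intact", chain), ("modified", modified), ("deleted", deleted),
             ("inserted", inserted), ("truncated", truncated)]}
```

Truncation leaves every remaining entry valid, so it is caught only by comparing against the separately stored head value.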

6. Luring Attack

A luring attack is a social engineering attack where attackers trick users into performing actions that compromise security, such as clicking malicious links, downloading malware, or revealing credentials.

How Luring Attacks Work
1. Fake Advertisements – Attackers create enticing offers to lure victims.
2. Malicious Email Attachments – Disguised as invoices, documents, or job offers.
3. Impersonation Attacks – Pretending to be a trusted entity (boss, IT team).
4. Drive-by Downloads – Infecting devices when a user visits a compromised website.

Examples
• Fake tech support calls urging users to install malware.
• Job scams asking users to submit credentials.
• Free software downloads containing backdoors.

Prevention Measures
✅ Verify sender identity before opening attachments.
✅ Avoid clicking suspicious links in emails.
✅ Use browser security extensions to block malicious sites.
✅ Educate users on recognizing social engineering tactics.

7. Phishing Attack

A phishing attack is a fraudulent attempt to obtain sensitive information by posing as a trustworthy entity through fake emails, websites, or messages.

Types of Phishing Attacks
1. Email Phishing – Fake emails pretending to be from banks, IT teams, or services.
2. Spear Phishing – Targeted attacks against specific individuals or organizations.
3. Whaling – High-level phishing targeting executives (CEO fraud).
4. Smishing & Vishing – Phishing through SMS (smishing) or phone calls (vishing).
5. Clone Phishing – Cloning a legitimate email with malicious modifications.

Common Techniques
• Spoofing email domains to appear legitimate.
• Fake login pages mimicking real websites.
• Malicious attachments with trojans, ransomware, or spyware.

Prevention Measures
✅ Verify URLs before entering credentials.
✅ Use email filtering to block suspicious messages.
✅ Enable anti-phishing protection in browsers.
✅ Train employees to recognize phishing attempts.
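
What "verify URLs before entering credentials" can look like when automated, as an added example that is not part of the original notes: a checker that parses a link and reports why its host should not be trusted with a login. The allowlist, the finding labels and the sample links (reserved example/test names and documentation IP ranges) are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

TRUSTED_HOSTS = {"bank.example", "login.bank.example"}   # constructed allowlist

def assess_url(url, trusted=TRUSTED_HOSTS):
    """Return a list of findings; an empty list means HTTPS to an allowlisted host."""
    findings = []
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()
    if parts.scheme != "https":
        findings.append("not-https")
    if parts.username is not None:
        # Everything before '@' is credentials, not the site: the real host comes after it.
        findings.append("userinfo-before-host")
    try:
        ipaddress.ip_address(host)
        findings.append("ip-literal-host")
    except ValueError:
        pass
    if not host.isascii() or any(label.startswith("xn--") for label in host.split(".")):
        findings.append("idn-host")          # may render as a lookalike of a trusted name
    if host not in trusted:
        findings.append("untrusted-host")
        if any(name in host for name in trusted):
            # A trusted name appears inside a host that is not on the allowlist.
            findings.append("trusted-name-embedded")
    return findings

SAMPLES = [   # constructed links using reserved example/test names and documentation IPs
    "https://login.bank.example/account",
    "http://login.bank.example/account",
    "https://login.bank.example@198.51.100.7/account",
    "https://login.bank.example.verify-session.test/account",
    "https://xn--bnk-example-placeholder.test/account",
    "https://b\u0430nk.example/account",     # second letter is Cyrillic U+0430
]

def demo():
    return {url: assess_url(url) for url in SAMPLES}
```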