Most Important IT Notes for UGC -NET JRF SET | KVS| NVS| Other Competitive Exams | One Shot Revision | Kanchan Solani

 Cyber Attack

Phishing

Phishing is a type of cybercrime where attackers use fraudulent emails, websites, or messages to trick individuals into revealing sensitive information such as passwords, credit card numbers, or other personal data. The term "phishing" is a play on the word "fishing," as attackers are essentially "fishing" for victims' information. Phishing attacks often create a sense of urgency or fear to prompt victims to act quickly without verifying the legitimacy of the request.

Smishing

Smishing (short for SMS phishing) is a form of phishing that uses text messages to deceive victims into providing sensitive information. Smishing messages often appear to come from trusted sources, such as banks or government agencies, and may contain links to malicious websites or requests for personal information. The goal is to steal personal data, which can be used for identity theft or financial fraud.

Vishing

Vishing (short for voice phishing) involves using phone calls or voice messages to trick individuals into divulging sensitive information. Attackers may use caller ID spoofing to make the call appear legitimate and often create a sense of urgency to pressure victims into providing personal details. Vishing attacks can be particularly effective because they exploit the trust people have in voice communication.

Whaling

Whaling is a type of phishing attack that specifically targets high-profile individuals such as executives or company leaders. The term "whaling" is a play on the term "phishing" but refers to the "big fish" targets. Whaling attacks often involve highly personalized messages that appear to come from a trusted source, such as a senior executive within the company, and aim to steal sensitive information or gain access to corporate systems.

Pharming

Pharming is a type of cyberattack where attackers redirect internet users to fraudulent websites without their knowledge, often to steal sensitive information such as login credentials, credit card details, or personal data. Unlike phishing, which relies on tricking users into clicking on a malicious link, pharming uses malicious code to automatically redirect users to fake websites that mimic legitimate ones.

Spam 

Spam refers to unwanted, unsolicited messages sent over the internet, often in large quantities, for purposes such as advertising, phishing, or spreading malware. These messages can appear in various forms, including emails, social media posts, instant messages, and comments on blogs and forums. Spam is usually mass-distributed and can be both a nuisance and a security risk.

Common Types of Spam:

1. Email Spam: Unwanted promotional emails or phishing attempts sent to email inboxes.
2. Social Media Spam: Unwanted messages, fake profiles, or promotional posts on social media platforms.
3. Instant Messaging Spam: Unsolicited messages sent through chat apps or messaging services.
4. Comment Spam: Irrelevant or promotional comments posted on blogs, forums, or news articles.

DoS (Denial of Service) Attack

• Definition: A DoS attack aims to make a computer, network, or service unavailable to its intended users by overwhelming it with a flood of illegitimate requests.
• Mechanism: Attackers use a single machine to send excessive traffic to the target, causing it to slow down or crash.
• Objective: The primary goal is to disrupt normal functioning and deny legitimate users access to services or resources.

DDoS (Distributed Denial of Service) Attack

• Definition: A DDoS attack is a more sophisticated version of a DoS attack, involving multiple compromised machines (often part of a botnet) to flood the target with traffic from numerous sources.
• Mechanism: Attackers use a network of infected devices to send overwhelming traffic to the target, making it difficult to mitigate as the traffic comes from multiple locations.
• Objective: Like DoS, the goal is to disrupt services and make resources unavailable, but DDoS attacks are harder to detect and defend against due to the distributed nature of the attack.

Other Important terms :- 

Spyware

Spyware is a type of malicious software designed to secretly monitor and collect information about a user's activities on their computer or mobile device. It can track internet browsing habits, capture keystrokes, steal personal information, and even control the infected device remotely. Spyware is often installed without the user's knowledge and can cause serious privacy and security issues.

Firewall

A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Its primary function is to create a barrier between a trusted internal network and untrusted external networks, such as the internet. Firewalls help protect networks and devices from unauthorized access, cyber attacks, and malicious software by filtering traffic and blocking potentially harmful data.

DOI(Digital Object Identifier) 

A Digital Object Identifier (DOI) is a unique, persistent identifying number for a document published online. It appears on a document or in a bibliographic citation as an alphanumeric string of characters that that acts as an active link to the original digital object (journal article, report, etc.).

Its purpose is to be a permanent, precise identifier for an individual document, regardless of its location on the Internet; a document retains its DOI even if its URL location changes. A publisher assigns a DOI to an article when it is published and becomes accessible online.

• Publishers began assigning DOIs to documents in 2000. Some of them have added DOIs to older material retroactively. Many historical documents do not have DOIs.
• DOIs are managed by the International DOI Foundation. 
• A DOI can appear as either an alphanumeric string of digits or as a webpage URL
• Example:- DOI: 10.1080/15588742.2015.1017687
• https://doi.org/10.1080/15588742.2015.1017687

ISDN Integrated Service Digital Network  

Important MCQ 

1. Which of the following is a type of cyber attack that involves overwhelming a system with traffic to make it unavailable to users?

A) Phishing
B) Malware
C) DoS (Denial of Service)
D) Ransomware

Answer: C) DoS (Denial of Service)

2. What does DDoS stand for in the context of cyber security?

A) Data Denial of Service
B) Distributed Denial of Service
C) Digital Denial of Service
D) Dynamic Denial of Service

Answer: B) Distributed Denial of Service

3. Which of the following is NOT a common method used in phishing attacks?

A) Sending fraudulent emails
B) Creating fake websites
C) Installing antivirus software
D) Requesting personal information

Answer: C) Installing antivirus software

4. What is the primary goal of a whaling attack?

A) To steal personal information from individuals
B) To target high-profile individuals such as executives
C) To infect computers with malware
D) To gain unauthorized access to financial accounts

Answer: B) To target high-profile individuals such as executives

5. Which of the following is a technique used in vishing attacks to gain the victim's trust?

A) Caller ID spoofing
B) Sending spam emails
C) Installing ransomware
D) Creating fake social media profiles

Answer: A) Caller ID spoofing

6. What is the main difference between a DoS attack and a DDoS attack?

A) DoS attacks use multiple sources, while DDoS attacks use a single source
B) DoS attacks target individuals, while DDoS attacks target organizations
C) DoS attacks use a single source, while DDoS attacks use multiple sources
D) DoS attacks are legal, while DDoS attacks are illegal

Answer: C) DoS attacks use a single source, while DDoS attacks use multiple sources

7. Which of the following is a common indicator of a phishing email?

A) Correct spelling and grammar
B) Personalized greetings
C) Legitimate sender addresses
D) Generic greetings and requests for personal information

Answer: D) Generic greetings and requests for personal information

8. What is the primary purpose of spam messages?

A) To provide useful information
B) To advertise products or services
C) To improve cybersecurity
D) To educate recipients

Answer: B) To advertise products or services

9. Which of the following is a preventive measure against pharming attacks?

A) Clicking on unknown links
B) Using outdated antivirus software
C) Enabling DNSSEC
D) Ignoring security updates

Answer: C) Enabling DNSSEC

10.What is the role of social engineering in cyber attacks?
A) To strengthen cybersecurity measures
B) To manipulate individuals into divulging confidential information
C) To provide accurate information to users
D) To enhance the performance of computer systems

Answer: B) To manipulate individuals into divulging confidential information