Page 134 - Web Applications (803) Class 11
P. 134

Notes


                         In 2007, the Storm Worm was released as an email worm. Victims would receive emails containing a bogus news
                         item describing a massive storm that had killed hundreds of people across Europe. In order to construct a botnet that
                         would target prominent websites, over 1.2 billion of these emails were sent over the course of 10 years.
                         ILOVEYOU (also known as the “ILOVEYOU virus”) was a trojan that was created in 2000 and was used in the world’s
                         most destructive cyberattack, resulting in global losses of $8.7 billion. The virus was sent out as a phishing email
                         with the subject line “Please examine the attached love letter from me,” and an attachment named “ILOVEYOU”
                         that seemed to be a text file.



              Eavesdropping

              Eavesdropping is the act of secretly or covertly listening to another person’s private discussion or correspondence
              without their permission. Telephone lines, cell phone networks, email, and instant messaging are all used to listen in
              on conversations.





















              Denial of Service

              A denial-of-service (DoS) assault is a cyber-attack that makes a system or network resource unavailable to its users by
              temporarily or permanently interrupting services. In order to overwhelm systems and prevent requests from being
              fulfilled, denial of service is usually achieved by flooding the targeted computer or resource with unnecessary requests.

              Phishing
              Phishing is the theft of a user’s personal information via fraudulent emails. These emails may contain embedded forms
              with personal information or links to a web page that may ask you to supply this information. Bank account numbers,
              debit/credit card numbers, passwords, and any other valuable data may be attempted to be stolen.
                                                  Attacker sends an
                                                  email to the victim
                                                   1

                                            Attacker                                  2   Victim
                                              4
                                 Attacker uses                  Attacker collects      Victim clicks on the
                               victim’s credentials            victim’s credentials   email and goes to the
                               to access a website                                      pushing websites

                                                               3



                                        Legitimate Website

                132     Touchpad Web Applications-XI
   129   130   131   132   133   134   135   136   137   138   139