Cyber Security


Cyber Security Unit III Page 1

Unit III
3.1 Cybercrime on mobile and wireless devices: Security challenges posed by mobile devices

What is Mobile Security in Cyber Security?


Mobile device security is important to keep our smartphones, tablets, and other portable devices safe
from cyber criminals and hackers. Its main goal is to keep these devices safe from being hacked or
used for other illegal activities. In our daily lives, it is crucial to protect our private information
from strangers and hackers. Mobile device security acts as a shield to ensure that our digital life
remains secure.

What is Mobile Security?


Mobile device security refers to the set of protections put in place to prevent hackers and other
unauthorized users from accessing smartphones, tablets, and other portable electronic devices. It means
implementing plans and employing tools to protect private, sensitive, and personal data on
these devices. To ensure that users may use their mobile devices safely and securely, mobile device
security attempts to prevent unauthorized access, data breaches, and virus attacks on mobile
devices. Mobile device cybersecurity covers protecting data on the device itself as well as on
endpoints and networking hardware that are connected to the device.

Why is Mobile Device Security Important?


Mobile device security is crucial for several reasons:
• Personal Information Protection: Mobile phones store a wealth of personal data,
including contacts, messages, photographs, and financial details. Securing these devices
protects sensitive information from unauthorized access and potential misuse.
• Privacy Concerns: With apps and services accessing various personal data, robust
security ensures that this information isn’t exposed or misused by malicious parties.
• Prevention of Unauthorized Access: Mobile phones often act as gateways to other
systems, for example email accounts and corporate networks. Strong security measures
help prevent unauthorized access to these systems through compromised devices.
• Mitigating Malware and Attacks: Mobile phones are vulnerable to malware, phishing
attacks, and other types of cyber threats. Security measures like antivirus software
and regular updates help protect against these threats.
• Financial Protection: Many people use their mobile phones for banking and shopping.
Ensuring device security protects financial transactions and prevents fraudulent activities.
• Compliance Requirements: Organizations often need to comply with data
protection regulations (e.g., GDPR, CCPA). Secure mobile phones help meet these
legal and regulatory requirements.
• Business Continuity: For businesses, mobile phones often contain critical
business-related data. Securing these devices is essential to ensure business operations can
continue smoothly without interruptions due to security breaches.
• Reputation Management: A security breach can damage a person’s or organization’s
reputation. Ensuring mobile phone security maintains trust and credibility with customers,
partners, and clients.

What are the Benefits of Mobile Device Security?


The benefits of mobile device security are significant and wide-ranging:
• Protection of Personal Data: Security measures help safeguard sensitive personal
information, for example contact details, messages, photographs, and financial data,
from unauthorized access and potential misuse.
• Enhanced Privacy: Strong security protocols ensure that personal and private
information stays confidential and isn’t exposed to unauthorized parties or malicious
actors.
• Prevention of Unauthorized Access: Effective security keeps unauthorized users
from accessing the device and its contents, including sensitive applications and files.
• Mitigation of Cyber Threats: Mobile phone security protects against malware, phishing
attacks, and other types of cyber threats that could compromise the device and its
data.
• Secure Communication: Encryption and secure communication protocols help
ensure that messages and calls made from the device are private and protected
from interception.
• Financial Safety: For users who carry out financial transactions or manage
banking activities on their mobile phones, security measures help protect against
fraud and financial loss.

How Does Mobile Device Security work?


Here are six key components:
• Authentication: This involves verifying the identity of the user before granting access
to the device. Common methods include passwords, PINs, biometric data (like
fingerprints or facial recognition), and multi-factor authentication (MFA). This
ensures that only authorized people can access the device and its contents.
• Encryption: Data encryption protects information stored on the device and sent over
networks by converting it into a code that can only be deciphered by authorized users.
Full-disk encryption secures all data on the device, while encryption of individual
files or communications ensures specific data stays confidential.
• Secure Operating Systems: Mobile operating systems (OS) are designed with security
features to protect against threats. Regular updates and patches are essential to
address vulnerabilities and improve security. OS security features may include
sandboxing (isolating apps from one another), secure boot processes, and app
permission management.
• Antivirus and Anti-Malware Software: These programs detect and mitigate
malicious software that could compromise the device. They scan for and remove
viruses, worms, spyware, and other harmful software, providing continuous
protection against new threats.
• Remote Management and Monitoring: For organizational devices, mobile device
management (MDM) solutions enable remote monitoring, management, and control.
Features may include remote wipe (to erase data if the device is lost or stolen),
device tracking, and enforcement of security policies and configurations.
• Network Security: Ensuring secure communication over networks is essential. This
includes using VPNs (Virtual Private Networks) to encrypt data transmitted over
public networks, using secure Wi-Fi protocols (like WPA3), and avoiding connections
to unsecured or suspicious networks.

Types of Mobile Device Security


• Lock Screen Security– Secure access to your device and prevent unwanted use with a
PIN code, password, fingerprint, or facial recognition.
• Encryption– Encrypting your data is a strong technique for avoiding data leakage:
even if your device is stolen, the person who takes it won’t be able to access your
personal information without the means to decrypt it.
• App Permissions– Limit app permissions to verified users only, and review and adjust
them to restrict access to personal information such as your location, contacts, or camera.
• Software Update– Keep the operating system and apps on your device updated to
minimize risks and security flaws and to defend against the most recent threats.
• Avoid Public WiFi– Use public Wi-Fi very carefully, as these networks may be insecure
and leak your data directly to hackers. Install a VPN instead.
• Backup Data– If your device is stolen, lost, or mishandled by someone, there is a
high risk of data loss, so keep regular backups of your data in a secure location such as an
external hard drive or cloud storage.
• Remote Wipe– To protect your personal information from unauthorized access, enable
remote wipe functionality to immediately erase all of your data if your device is lost or stolen.

Threats to Mobile Security


Common risks to mobile security include:
• Malware– Malicious software whose only purpose is to infect mobile devices, track
users’ activities, and steal confidential data. It can interfere with the normal functions of
the device.
• Phishing– A fraudulent attempt to trick users into giving up personal information such as
passwords, credit card numbers, or login credentials. It is done through emails, texts, or ads
on websites.
• Unsecured Wi-Fi Networks– It is unsafe to use open Wi-Fi networks in public areas, as
devices are vulnerable to blocking, eavesdropping, and MITM attacks.
• App Vulnerabilities– Hackers can take advantage of poorly written code in mobile
apps. Such apps may have security flaws that can be exploited to access private information
or use devices without authorization.
• Lost or Stolen Devices– Protect your devices from third-party access, as thieves or hackers
may be able to steal the data on lost or stolen mobile devices, which can result in identity
theft or data breaches.

Components of Mobile Device Security


Endpoint Security
It is the process of protecting all vulnerable endpoints and every entry point of user devices such as
desktops, laptops, and mobile devices. Any endpoint that connects to the company’s network is a
vulnerable point that may provide a potential entry point for cybercriminals. Endpoint security
can use tools like antivirus software, firewalls, encryption, etc. to keep your information and devices
safe from hackers.
Virtual Private Network (VPN)
A VPN creates a secure private connection between a mobile device and a private network, allowing
users to send and receive data as if the device were physically connected to that network. It enhances
remote access by providing a secured connection to company resources, using encryption to protect the
data that is being transferred over public networks.
Email Security
Email security measures protect communication from cyber threats like phishing, malware, and
unauthorized access. Common measures include spam filters, encryption, and authentication protocols,
which protect email content and prevent malicious activities that could compromise sensitive
information. Take email security seriously to ensure your emails are always protected.
Penetration Scanners
Penetration scanners identify security vulnerabilities present in computer systems, networks, and
apps. They can scan an organization’s infrastructure to identify weaknesses that
could be exploited by attackers. Detailed reports generated from research and scans help organizations
prioritize and address security risks effectively.

How to Secure Mobile Devices for Your Organization?


• Awareness and education: Keep yourself updated on the most recent mobile risks and how
to deal with them. Education is one of the most effective defenses against mobile security
threats.
• Use two-factor authentication and strong passwords: Always make all of your
passwords unique and strong. You can also add an extra layer of protection by enabling
two-factor authentication.
• Encryption: Use encryption to protect sensitive information and data if your device is lost
or stolen. Encryption changes readable data into an unreadable form, which makes
it difficult for unwanted users to decode.
• Secure WiFi networks: Strictly avoid using public WiFi for important
transactions. If required, use a VPN to protect your connection.
• Install apps from trusted sources: Whenever you install an app, make sure to check its user
reviews and permissions in the store before installing, and only download
apps from reputable stores like the Apple App Store or Google Play Store.
• Regular Backups: Always make regular backups of the systems that hold your data. By doing
so you will still be able to access your critical data even if your device is stolen or lost.

3.2 Attacks on wireless networks


In our increasingly connected world, wireless networks have become the backbone of
modern communication and productivity. From homes to businesses, the convenience and flexibility
offered by wireless technology are undeniable. However, as the reliance on wireless networks grows,
so does the urgency to address the looming threats that hover in the digital shadows.

In this blog, we will understand the various types of wireless network attacks that could compromise
your data, privacy, and overall security. Armed with this knowledge, we will delve into effective
strategies and preventive measures to fortify your wireless infrastructure, ensuring you can navigate
the digital realm with confidence and peace of mind.

Whether you’re an individual user or a business owner, understanding and mitigating these risks is
paramount in safeguarding your network against potential adversaries and preserving the integrity of
your digital existence. So, let’s dive in and explore the world of wireless network vulnerabilities to
establish a robust foundation of security in the wireless era.

What are Wireless Network Attacks?


Wireless network attacks are deliberate and malicious actions aimed at exploiting vulnerabilities in
wireless communication systems to gain unauthorized access, intercept sensitive data, disrupt network
operations, or compromise the security of devices and users connected to the network. These attacks
target weaknesses in the protocols, configurations, or encryption mechanisms of wireless networks,
taking advantage of their inherent nature of broadcasting signals over the airwaves.

Types of Wireless Network Attacks


Wireless networks have undoubtedly revolutionized the way we communicate and conduct business,
offering unparalleled convenience and mobility. However, with this freedom comes the lurking threat
of malicious attackers seeking to exploit the vulnerabilities inherent in wireless technology. Here are
some of the common types of wireless network attacks:

1. Wireless Eavesdropping (Passive Attacks)


Attackers use tools like packet sniffers to intercept and monitor wireless communications between
devices. By capturing data packets transmitted over the air, they can potentially obtain sensitive
information, such as login credentials, financial data, or personal information.

2. Wireless Spoofing (Man-in-the-Middle Attacks)


In these attacks, the attacker positions themselves between the wireless client and the legitimate access
point, intercepting and manipulating data transmissions. The attacker may then relay the information
back and forth, making it appear as if they are the legitimate access point. This enables them to snoop
on data or perform other malicious actions unnoticed.

3. Wireless Jamming (Denial-of-Service Attacks)


Attackers flood the wireless frequency spectrum with interference signals, disrupting legitimate
communications between devices and access points. By creating excessive noise, they can render the
wireless network unusable for legitimate users.

4. Rogue Access Points


Attackers set up unauthorized access points, mimicking legitimate ones, to deceive users into
connecting to them. Once connected, the attacker can eavesdrop, capture data, or launch further attacks
on the unsuspecting users.

5. Brute-Force Attacks
Attackers try various combinations of passwords or encryption keys in rapid succession until they find
the correct one to gain unauthorized access to the wireless network.

6. WEP/WPA Cracking
Attackers exploit vulnerabilities in older wireless security protocols like Wired Equivalent Privacy
(WEP) and Wi-Fi Protected Access (WPA) to gain unauthorized access to encrypted wireless
networks.

7. Evil Twin Attacks


Attackers create fake access points with names similar to legitimate ones, tricking users into
connecting to the malicious network. Once connected, the attacker can intercept sensitive data or
execute further attacks.

8. Deauthentication/Disassociation Attacks
Attackers send forged deauthentication or disassociation frames to wireless devices, forcing them to
disconnect from the network, leading to service disruptions or potential vulnerabilities when devices
automatically reconnect.
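
A defender can spot the deauthentication/disassociation pattern described above by counting those management frames per sender/receiver pair within a short time window. The sketch below is an added example, not part of the original notes; the MAC addresses, frame records, window and threshold are constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed sample data: made-up, locally administered MAC addresses.
AP = "02:00:00:aa:00:01"
CLIENT_A = "02:00:00:cc:00:0a"
CLIENT_B = "02:00:00:cc:00:0b"
BROADCAST = "ff:ff:ff:ff:ff:ff"


def build_sample_frames():
    """Return constructed (time_s, subtype, transmitter, receiver) records."""
    frames = [
        (0.0, "beacon", AP, BROADCAST),
        (1.2, "deauth", AP, CLIENT_B),    # a single frame: ordinary disconnect
        (3.0, "disassoc", CLIENT_B, AP),
    ]
    # Burst: 20 deauth frames claiming to come from the AP, 0.1 s apart.
    frames += [(10.0 + i * 0.1, "deauth", AP, CLIENT_A) for i in range(20)]
    frames.append((40.0, "deauth", AP, CLIENT_A))  # isolated later frame
    return frames


def detect_deauth_floods(frames, window_s=5.0, threshold=10):
    """Flag sender/receiver pairs with >= threshold deauth or disassoc
    frames inside any window_s-second sliding window.

    Returns one alert per pair (the first time the threshold is crossed).
    """
    recent = defaultdict(deque)  # (transmitter, receiver) -> timestamps in window
    alerted = set()
    alerts = []
    for ts, subtype, tx, rx in sorted(frames):
        if subtype not in ("deauth", "disassoc"):
            continue
        key = (tx, rx)
        window = recent[key]
        window.append(ts)
        # Drop timestamps that have fallen out of the sliding window.
        while ts - window[0] > window_s:
            window.popleft()
        if len(window) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append({
                # The transmitter field of a forged frame is itself forged,
                # so this names the impersonated device, not the attacker.
                "claimed_transmitter": tx,
                "receiver": rx,
                "first_seen": window[0],
                "alert_time": ts,
                "frames_in_window": len(window),
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_deauth_floods(build_sample_frames()):
        print(alert)
```

Because the transmitter address in a forged frame is spoofed, the alert identifies the affected client and the impersonated access point rather than the attacker. Enabling Protected Management Frames (802.11w, mandatory in WPA3) is the corresponding mitigation.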

Preventing Wireless Network Attacks: Safeguarding Your Digital Domain


Protecting your wireless network from potential threats is paramount, and we have compiled a
comprehensive list of preventive measures to ensure your digital domain remains secure. Follow these
essential tips to fortify your wireless network against attacks:

1. Update your computer often


Regularly update your operating system and applications to ensure you have the latest security patches
and fixes. Timely updates help address discovered vulnerabilities, making it harder for attackers to
exploit known weaknesses.

2. Use MAC filtering


Enable MAC filtering on your wireless router to control access to your network. By specifying which
devices are allowed to connect based on their unique MAC addresses, you can prevent unauthorized
access and enhance your network’s security.

3. Disable SSID broadcasting


Turn off SSID broadcasting to make your wireless network invisible to casual observers. This prevents
your network from being easily discoverable and adds an extra layer of obscurity for potential
attackers.

4. Use WPA2 encryption


Utilize WPA2 encryption, the latest and most secure protocol, to safeguard your data as it travels
between devices and access points. Encryption ensures that even if intercepted, your data remains
unintelligible to unauthorized entities.

5. Change the default SSID


Customize your router’s SSID to something unique and unrelated to personal information. Avoid
using common names like “Linksys” or “default” to deter attackers from identifying and targeting
your network.

6. Disable file sharing


Turn off file sharing on your network to prevent unauthorized users from accessing your sensitive
files. If file sharing is necessary, ensure you set up secure passwords to limit access to approved users
only.

7. Enable WEP encryption (only if using an older router)


If your router doesn’t support WPA2, use WEP encryption as a fallback option. However, keep in
mind that WEP is less secure than WPA2 and should only be considered if absolutely necessary.

By implementing these preventive measures, you significantly bolster your wireless network’s
security, thwarting potential attackers, and safeguarding your sensitive information and digital
activities. Stay one step ahead in the ever-evolving landscape of cybersecurity, and let your wireless
network become a fortress of protection for all your digital endeavors.

In conclusion, securing your wireless network is paramount in safeguarding your digital existence
from potential threats. By understanding the various types of attacks and implementing the preventive
measures outlined in this blog, you can fortify your network against malicious intruders.

However, ensuring the highest level of security for your wireless infrastructure requires expert
guidance and tailored solutions. That’s where Konverge Technologies can help! Our team of
cybersecurity professionals is ready to assess your network, identify vulnerabilities, and implement
robust defense strategies.

Don’t leave your network’s security to chance. Take proactive steps to protect your data, privacy, and
productivity. Contact Konverge Technologies today and let us fortify your wireless network,
providing you with the confidence and peace of mind to navigate the digital realm securely.

Wireless networks have become an integral part of our daily lives, providing convenience and connectivity.
However, the same wireless networks that offer so much convenience can also be vulnerable to various security
threats. Let’s explore the different types of wireless network attacks, their implications, and how to protect your
network from them.

Consider the following:

A study by the Ponemon Institute found that the number of wireless network attacks increased by 50% in 2022.

In 2023, the most common type of wireless network attack is packet sniffing. Another common type of wireless
network attack is a rogue access point. – Verizon

Wireless network attackers are using new forms of Man-in-the-Middle (MITM) attacks to stealthily hijack traffic.
– Cyber Security News

Understanding Wireless Network Attacks

Wireless network attacks refer to malicious activities aimed at compromising the security and integrity of wireless
networks. These attacks exploit vulnerabilities in wireless protocols, network configurations, or devices connected
to the network.

The attacks on wireless networks are for the purpose of intercepting communications or injecting malicious code
into devices that are connected to the network. By understanding the types of attacks, you can take the necessary
precautions to safeguard your network infrastructure.

Types of Wireless Network Threats You Need to Be Aware of:

Rogue Access Points: An Invitation to Intruders

Rogue access points are unauthorized wireless access points that attackers set up to trick unsuspecting users into
connecting to them. These rogue access points mimic legitimate networks, allowing attackers to intercept sensitive
information or launch further attacks.

Man-in-the-Middle Attacks: Intercepting Your Data

In a man-in-the-middle attack, an attacker positions themselves between the user and the target network,
intercepting and possibly modifying the communication. This allows the attacker to eavesdrop on sensitive
information, such as login credentials or financial data.

Denial-of-Service (DoS) Attacks: Disrupting Network Availability

Denial-of-Service (DoS) attacks aim to render a wireless network or its resources unavailable to legitimate users.
Attackers flood the network with excessive traffic or exploit vulnerabilities to crash network devices, causing
disruptions and potential financial losses.

Evil Twin Attacks: Impersonating Legitimate Networks

An evil twin attack involves creating a malicious wireless network that appears identical to a legitimate network.
When users unknowingly connect to the evil twin network, attackers can capture their sensitive information or
manipulate their online activities.
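
Rogue and evil twin access points can be surfaced by comparing a wireless scan against an inventory of the access points you actually operate. The following check is an added example, not part of the original notes; the inventory, SSIDs, BSSIDs and the 0.85 similarity threshold are constructed assumptions.

```python
import difflib

# Assumed inventory of the organisation's own access points (constructed).
AUTHORIZED = {
    "CorpNet": {
        "bssids": {"02:00:00:aa:00:01", "02:00:00:aa:00:02"},
        "security": "WPA3",
    },
}

# Constructed scan results, shaped like the output of a wireless survey tool.
SCAN = [
    {"ssid": "CorpNet", "bssid": "02:00:00:AA:00:01", "security": "WPA3"},
    {"ssid": "CorpNet", "bssid": "02:00:00:ee:00:99", "security": "OPEN"},
    {"ssid": "C0rpNet", "bssid": "02:00:00:ee:00:98", "security": "WPA2"},
    {"ssid": "CorpNet", "bssid": "02:00:00:aa:00:02", "security": "OPEN"},
    {"ssid": "CoffeeShop", "bssid": "02:00:00:bb:00:10", "security": "WPA2"},
]

# Fold common character substitutions and separators before comparing names.
_LOOKALIKE = str.maketrans(
    {"0": "o", "1": "l", "3": "e", "5": "s", "-": None, "_": None, " ": None}
)


def normalize(ssid):
    """Lower-case an SSID and undo simple look-alike substitutions."""
    return ssid.casefold().translate(_LOOKALIKE)


def classify(obs, authorized, threshold=0.85):
    """Return a reason string if the observation looks suspicious, else None."""
    ssid = obs["ssid"]
    bssid = obs["bssid"].lower()
    if ssid in authorized:
        entry = authorized[ssid]
        if bssid not in entry["bssids"]:
            # Our network name broadcast by a radio we do not operate.
            return "unknown-bssid"
        if obs["security"] != entry["security"]:
            # Known BSSID with the wrong security mode: the address may be
            # spoofed, or the access point has been misconfigured.
            return "security-mismatch"
        return None
    for name in authorized:
        ratio = difflib.SequenceMatcher(
            None, normalize(ssid), normalize(name)
        ).ratio()
        if ratio >= threshold:
            return "lookalike-ssid"
    return None


def find_suspicious_aps(scan, authorized):
    """Return (ssid, bssid, reason) for every suspicious observation.

    Limitation: a radio that copies SSID, BSSID and security mode exactly
    passes this check; catching it needs signal or channel baselines.
    """
    findings = []
    for obs in scan:
        reason = classify(obs, authorized)
        if reason:
            findings.append((obs["ssid"], obs["bssid"].lower(), reason))
    return findings


if __name__ == "__main__":
    for finding in find_suspicious_aps(SCAN, AUTHORIZED):
        print(finding)
```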

Password Attacks: Gaining Unauthorized Access

Password attacks target the passwords used to authenticate users on a wireless network. Attackers employ various
techniques such as brute-forcing, dictionary attacks, or exploiting weak password policies to gain unauthorized
access.

Packet Sniffing: Stealing Information in Transit

Packet sniffing refers to capturing and analyzing network traffic to extract valuable information. Attackers can
intercept unencrypted data packets transmitted over wireless networks, potentially obtaining sensitive information
such as login credentials or financial details.

MAC Spoofing: Impersonating Authorized Devices

MAC spoofing involves altering the Media Access Control (MAC) address of a device to impersonate a legitimate
device on the network. Attackers use MAC spoofing to bypass network filters, gain unauthorized access, or launch
further attacks.

War Driving: Unveiling Weak Wireless Networks

War driving is the act of searching for wireless networks, often using a vehicle equipped with a wireless network
detector. Attackers engage in war driving to identify vulnerable networks with weak security settings, making them
easy targets for exploitation.

Bluejacking and Bluesnarfing: Exploiting Bluetooth Vulnerabilities

Bluejacking refers to the unauthorized sending of unsolicited messages to Bluetooth-enabled devices. On the other
hand, bluesnarfing involves unauthorized access to a Bluetooth device’s information, such as contacts, emails, or
calendars. These attacks exploit Bluetooth vulnerabilities and lack of user awareness.

WiFi Jamming: Disrupting Wireless Network Connectivity

WiFi jamming is a technique used to intentionally disrupt the connectivity of wireless networks. Attackers employ
specialized tools or devices to flood the network with interference, causing signal degradation or complete network
unavailability. This disruptive action hampers legitimate users’ ability to connect to the network, resulting in
inconvenience and potential security risks.

Protecting Your Wireless Network

Strong Encryption: Shielding Your Data

Implement strong encryption protocols, such as WPA3, to secure your wireless network traffic. Encryption
scrambles data, making it unreadable to unauthorized parties attempting to intercept it.

Network Segmentation: Reducing Attack Surface

Segment your wireless network into separate virtual networks, each with different access controls and security
levels. This approach reduces the impact of a potential breach and prevents lateral movement by attackers.

Intrusion Detection and Prevention Systems: Monitoring Network Activity

Deploy intrusion detection and prevention systems (IDPS) that monitor network traffic, detect suspicious
behaviour, and block potential threats in real-time. An IDPS acts as an additional layer of defence against various
wireless network attacks.

Regular Security Updates: Patching Vulnerabilities

Stay up to date with the latest security updates and patches for your wireless devices and network equipment.
Manufacturers release updates to address newly discovered vulnerabilities, and keeping your systems updated is
crucial to maintaining network security.

How does Progressive Infotech help?

Progressive Infotech provides a comprehensive solution for monitoring wireless networks and systems for
vulnerabilities. With our 24×7 NOC-SOC facilities, you gain the capability to identify and categorize your
networks, regulate access by removing unnecessary permissions, and analyze the behaviour of users and entities.

By attaining visibility into your IT infrastructure, you can promptly identify wireless network threats and respond
swiftly to mitigate them using Progressive’s automated and pre-defined threat models.

3.3 Credit card frauds

Credit Card Frauds


This era belongs to technology: technology has become a basic part of our lives, whether in business
or at home, and it requires connectivity to the internet, so it is a big challenge to protect these
systems from becoming victims of cyber-crime. Wireless credit card processing is a relatively new
service that enables an individual to process credit cards electronically, virtually anywhere. It permits
businesses to process transactions from mobile locations quickly, efficiently, and professionally, and
it is most commonly used by organizations that operate mainly in a mobile environment.

Nowadays some restaurants use Wi-Fi processing tools for the safety of their
credit-card-paying customers. Credit card fraud can take place when cards are misplaced or stolen,
when mail is diverted by criminals, or when employees of a business steal customer
information.

Techniques of Credit Card Frauds:

1. Traditional Techniques:
• Paper-based Fraud –
Paper-based fraud is where a criminal uses stolen or fake documents, such as utility
bills and bank statements, to build up useful Personally Identifiable Information (PII)
and open an account in someone else’s name.
• Application Fraud –
1. ID Theft:
Where a person pretends to be someone else.
2. Financial Fraud:
Where a person gives false information about his or her financial status to obtain
credit.

2. Modern Techniques:

Skimming is a kind of crime in which dishonest employees make unlawful copies
of credit or debit cards with the help of a ‘skimmer’. A skimmer is a device that captures credit card
numbers and other account information that should be private. The data held on either
the magnetic stripe on the back of the credit card or the smart chip is
copied from one card to another.

3.4 Mobile and wireless era
Computing technologies are the technologies that are used to manage, process, and communicate
data. Wireless simply means without any wire, i.e. connecting with other devices without any
physical connection. Wireless computing is the transfer of data or information between computers
or devices that are not physically connected to each other and that have a “wireless network
connection”. Examples include mobile devices, Wi-Fi, wireless printers and scanners, etc. Mobiles are
not physically connected, yet they can still transfer data.

A mobile device is a computing device that does not require any network connection or any other
connection to transfer data or information between devices. Examples include laptops, tablets, and
smartphones. Mobile computing allows the transfer of data/information, audio, video, or any other
document without any connection to the base or central network. These computing devices are the most
widely used technologies nowadays.

There are some wireless/mobile computing technologies given below:

1. Global System for Mobile Communications (GSM) :


GSM is a current circuit-switched wireless data communication technology. It was
established in Europe by ETSI (European Telecommunications Standards Institute) in the
mid-1980s. A GSM network has 4 different parts, each with a different function: Mobile
Station, BSS (Base Station Subsystem), NSS (Network Switching Subsystem), and OSS
(Operation and Support Subsystem).
As the name suggests, GSM is widely used for mobile communication systems. It
operates in the 900-MHz, 1800-MHz, and 1900-MHz frequency bands. GSM was developed
using TDMA (Time Division Multiple Access) for better mobile communication. It
is the most widely used mobile communication system and is much in demand nowadays.
It can achieve a maximum data transmission rate of up to 9.6Kbps
(Kilobits per second).

2. Code-Division Multiple Access (CDMA) :


CDMA is a type of wireless computing technology. It was developed during World War II.
This technology is widely used because it provides better network quality and more storage
capacity for voice and data communications than TDMA, decreases system noise and interference
using power control, and provides more security by encoding the user's transmission data into a
unique code.
CDMA does not assign any user a specific frequency; instead it utilizes the entire
frequency spectrum available for transmission. It operates in the frequency range of 800
MHz to 1.9 GHz. It uses Soft Handoff, which reduces signal breaks.

3. Wireless in Local Loop (WLL) :

WLL is a widely used technology for wireless communication systems. It is also called a
Fixed Wireless Loop. WLL is very easy to develop, takes less time to install, and is very
cost-effective, as wireless systems are less expensive because the cost of cable installation
is not added.
WLL allows users to connect to the local telephone station using a wireless link and
provides advanced customer service features. It provides high-quality data transmission
and a high data rate. Generally, two types of WLL techniques are available: Local
Multipoint Distribution Service (LMDS) and Multichannel Multipoint Distribution
Service (MMDS).

4. General Packet Radio Service (GPRS) :

GPRS is a type of packet-based wireless communication technology. It was established by
ETSI (European Telecommunications Standards Institute). GPRS can achieve a data
transfer rate of up to 114Kbps (Kilobits per second). It is very cost-effective and highly
stable. It supports Internet Protocol (IP), X.25 (a standard protocol for packet-switched
data communication), and Point-to-Point Protocol (PPP), and is based on Gaussian
minimum-shift keying (GMSK), which is a modulation technique.
The Gateway GPRS Service Node (GGSN) and the Serving GPRS Service Node (SGSN)
are the two core modules required to enable GPRS on a GSM network or TDMA network.
Cyber Security Unit III Page 19

5. Short Message Service (SMS) :

SMS was originally created for phones that use GSM (Global System for Mobile
communication). This service is used to send text messages between two or more mobile
devices, even without an Internet connection. This technique is easy, user-friendly,
comfortable, and the most effective means of wireless communication.
In this service, less time is required for communication. It does not require any Internet
connection for sending text messages. It allows the transmission of short messages, i.e. up
to 160 characters in length. SMS uses standardized communication protocols. SMS is
received by the Short Message Service Center (SMSC).

3.5 Authentication security service

What Is an Authentication Service?

An authentication service is typically a cloud service that helps authenticate end users to multiple applications and
resources across the organization to verify a user’s identity. On the other hand, authorization services make sure
that only authorized users with the appropriate access rights can access a particular resource. This article helps to
explain some authentication fundamentals and how authentication services can help to get authentication done
right.

In Zero Trust architectures, you may have a single policy enforcement point doing authentication & enforcing
authorization policy.

What Is Authentication, and Why Is It Used?



Authentication is essential to verify the user's identity and keep illegitimate users out of your
system. Suppose an end user wants to access protected resources. In that case, they must first be authenticated,
commonly by providing a login credential, such as a username and password, or a more reliable passwordless proof
of identity.

When users attempt to access a resource, authentication services will jump in to verify the user’s identity so that
only the right users are granted access. If the requester or web service client successfully passes a user
authentication process, they can access a requested resource.

Some of the legacy technologies used for user authentication include:

• HTTP basic authentication
• LDAP – a protocol that helps use a single directory service for user authentication
• One-time password hardware tokens
• RADIUS
• Certificate-based authentication

Currently, there are more advanced passwordless authentication methods, including:

• Hardware tokens
• Passwordless authentication services like Peig

Authentication Principles
Fundamentally, there are three ways users can be authenticated:

• Knowledge: Something only you know.
• Possession: Something you have in your possession.
• Inherence: Something that is integral to your physical self.

Sometimes the inherence principle is split into two more sub-categories: Biometrics and Behavioral. Sometimes
it’s arguable what is biometric and what’s behavioral. Take breathing as a biometric method for user authentication.
It seems natural that breathing would be considered a biometric trait when considering a short timeframe. On the
other hand, your breathing pattern may change significantly with athletic or breathing exercises. For the sake of
simplicity, we’ll try to use clear-cut examples to explain the different methods in more detail.

What Do You Know?

The knowledge-based authentication method is best known in the form of the password - something you hold in
your head and hypothetically keep secret. But what if you get caught in a phishing campaign, or a hacker gets
hold of a whole database with many passwords? People often think they wouldn’t be fooled by phishing emails –
unfortunately, statistics show that phishing attacks are increasingly common and are getting harder to
recognize.

Other examples of knowledge-based authentication could be a PIN, a picture code, or motion pattern. These are
more secure if coupled with a particular device, which is also authenticated.

What Do You Have?

Possession authentication verifies a user by providing reliable proof of possession of a particular thing. Sometimes
this could be an ID card or another type of document. Unfortunately, it’s not very secure to send these over the
internet – once a hacker gets a hold of a copy, they could very well impersonate you in many situations.

More secure ways to authenticate possession include:

• Smart cards
• Authentication apps*
• Security tokens (e.g. USB authenticators)**
• Passwordless access platforms

The reason these are fundamentally more secure is that each of them is built on cryptography, with a secret stored
on the authentication device – a secret that only the device “knows” and can use to prove that it really is that one
device. To understand this better, you can read up on public key cryptography, which is often used to make
possession-based authentication reliable.

* Authentication apps do better than sole passwords; however, they are proving to provide poor protection against
the most common types of cyber threats: phishing attacks, MiTM, MFA prompt bombing, etc.

**Same applies to some security tokens.



Who Are You?

A practical way to authenticate users is to check their biometric attributes in real time. Biometric authentication
requires something unique about the user, such as their:

• Behavioral attributes (e.g., keystroke dynamics – best for mobile app, gait recognition, voice recognition),
• Physiological attributes (e.g., face recognition, handwriting dynamics, signature, iris scan, palm scan, and
fingerprint).

The downside of biometric authentication is that it’s based on “publicly” available “static” data. This makes
biometric authentication on its own very unreliable. In the case of authentication based on facial recognition, facial
features may be harvested from publicly available media sources (e.g., social media).

Notice the contrast between the principles of biometric and knowledge-based authentication. Biometric
authentication works on the basis of unique and “public” data about your physical traits. Password-based
authentication, on the other hand, is based on secret information. In fact, password secrecy is so important that
companies typically use complicated password policies (periodical password changes, password expiration, reset
scenarios, etc.) to ensure they stay secret. Similar approaches are used for cryptography used in possession-based
authentication. Unlike passwords or cryptography, some physical traits cannot be changed.

Biometric authentication should really be applied with care in well-understood and isolated environments.

Similarly, users’ authentication can be enhanced with geographical or behavioral data like GPS, IP address, etc.
Unfortunately, these all have similar limitations as biometric data – hackers can easily fake a location or an IP
address.

Is Authentication a Security Service?

Yes, authentication services are fundamentally cybersecurity services aiming to ensure resource security.
Authentication services typically provide this using a combination of:

• Multi-Factor Authentication (MFA)
• Single Sign-On (SSO)
• Password Management

Why are Authentication Services Used?

Authentication services are typically used as part of an identity and access strategy for users accessing corporate
resources. Authentication services are crucial security enablers to grant or deny access to an organization's data,
applications, or networks. Below are some other benefits.

• Strengthens security
• Simplifies login process
• Enables enterprise mobility
• Meets compliance

What Are the Types of Authentication Security Mechanisms?


Below is a description of various types of authentication methods.

Pseudo-Passwords, Bloom Filter, and Non-Textual Approaches

This section lists complementary yet presently insufficient security approaches to improve password
authentication, such as Honeywords, Non-Textual, Bloom Filter, and Graphical Passwords. These approaches aim
to assist authentication companies in providing a “secure” authentication service and access control. However,
given the state-of-the-art, these approaches are unable to provide appropriate protection against the most common
hacking techniques.

Honeywords create pseudo-passwords near the actual password to entice imposters to employ these bogus
passwords. Security engineers also use alternate names to Honeywords, including Failwords, Honeyfile,
Camouflage System, etc. Likewise, the Bloom Filter technique fools bad guys by applying distinct hash operations
on existing passwords. Furthermore, a Non-Textual authentication service uses sketches or drawing patterns,
images, and graphics for user validation and verification.
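
The honeyword idea described above, as an added example that is not part of the original notes: the password store keeps the real password hashed among look-alike decoys, and a separate checker that knows only the real slot raises an alarm when a decoy is used to log in. The class and function names, the tail-tweaking decoy generator and the PBKDF2 parameters are assumptions chosen for this example.

```python
import hashlib
import hmac
import os
import secrets
import string


def tweak(password: str, t: int = 3) -> str:
    """Return a look-alike by re-rolling the last t characters within their class."""
    out = []
    for ch in password[-t:]:
        if ch.isdigit():
            out.append(secrets.choice(string.digits))
        elif ch.islower():
            out.append(secrets.choice(string.ascii_lowercase))
        elif ch.isupper():
            out.append(secrets.choice(string.ascii_uppercase))
        else:
            out.append(secrets.choice(string.punctuation))
    return password[:-t] + "".join(out)


def make_decoys(password: str, k: int) -> list:
    """Generate k distinct honeywords that differ from the real password."""
    if not password:
        raise ValueError("empty password")
    decoys = set()
    while len(decoys) < k:
        candidate = tweak(password)
        if candidate != password:
            decoys.add(candidate)
    return sorted(decoys)


class HoneyChecker:
    """Separate, hardened service: knows only which slot holds the real password."""

    def __init__(self):
        self._real_slot = {}
        self.alarms = []          # users whose honeyword was submitted

    def register(self, user: str, slot: int) -> None:
        self._real_slot[user] = slot

    def check(self, user: str, slot: int) -> bool:
        if self._real_slot.get(user) == slot:
            return True
        self.alarms.append(user)  # a decoy matched: the hash database has likely leaked
        return False


class CredentialStore:
    """Login server: holds salted hashes of all sweetwords, not which one is real."""

    def __init__(self, checker: HoneyChecker, k: int = 4):
        self.checker = checker
        self.k = k
        self.records = {}         # user -> (salt, [hash, ...])

    @staticmethod
    def _hash(password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)

    def enroll(self, user: str, password: str, decoys=None) -> None:
        sweetwords = list(decoys if decoys is not None else make_decoys(password, self.k))
        sweetwords.append(password)
        secrets.SystemRandom().shuffle(sweetwords)
        salt = os.urandom(16)
        self.records[user] = (salt, [self._hash(w, salt) for w in sweetwords])
        self.checker.register(user, sweetwords.index(password))

    def login(self, user: str, attempt: str) -> str:
        """Return 'ok', 'wrong', or 'honeyword' (deny access and alert)."""
        if user not in self.records:
            return "wrong"
        salt, hashes = self.records[user]
        digest = self._hash(attempt, salt)
        for slot, stored in enumerate(hashes):
            if hmac.compare_digest(stored, digest):
                return "ok" if self.checker.check(user, slot) else "honeyword"
        return "wrong"
```

An ordinary mistyped password returns "wrong" and raises no alarm; only a submission that matches a stored decoy does, because a decoy can only be learned from the stolen hash list.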

Multi-Factor Authentication (MFA)

MFA is a well-known approach to web service authentication that requires at least two authentication methods,
drawn from different kinds of credentials, to verify a user's identity. Two-factor authentication
services, by contrast, are based on two factors simultaneously: e.g., a password and a hardware-token authenticator.
Two-factor authentication is primarily used in finance, healthcare, education, and social media but is needed more and
more for any enterprise or public web service.

To gain access through MFA, the user must provide information on multiple factors, such as what they know, what
they have, and what they are. Go back to the authentication approaches in the previous section for more details. The
characteristics of a good MFA include the following:

• Reliability
• Scalability
• Resilience
• Ease of use

MFA is often combined with SSO, also known as authentication federation, where an authentication service
provides MFA capabilities to various applications in an enterprise.

Device-based authentication plays an unavoidable role in MFA. It is often the one authentication mode that
is always present, relying on cryptographic keys securely stored on the device.
It enables security engineers to pair known devices with user accounts, giving smooth and fast logins.
In addition, device-based authentication checks risk indicators in real time.

Continuous Authentication

Authentication methods usually validate users once and persist access over a long period of time using cookies.
This may serve security poorly. Cookies, for example, may be stolen or counterfeited. Devices once in possession
of a particular user may now be controlled by someone else. Bottom line – you need continuous verification of a
user's identity over time.

Continuous Authentication, also known as Active Authentication, addresses novel ways to verify and validate a
user's identity rather than using passwords. Continuous Authentication works by using software-based
behavioral biometrics to capture session data and determine whether a legitimate user is using the system at a given time.

Adaptive MFA

Adaptive MFA uses different ways to verify users of computer systems or cloud services – typically based on the
level of risk of a particular access request. Adaptive authentication usually uses indicators like IP addresses,
geolocation, or other metadata to assess the level of risk of a request. Unfortunately, metadata isn’t very reliable
for network security – especially in a cloud-prevailing online world. Trusting client-proclaimed attributes
like IP addresses is no longer viable.

Secure Your Access with Peig

Peig’s Passwordless Access Platform helps with unifying access management and streamlining passwordless
authentication in SaaS, private cloud apps as well as controlled network environments.

Secure AWS, Google Workspace, Microsoft 365, Salesforce, and other SaaS or self-hosted services, and improve
your company's remote work business processes.

Peig access is unified with an authentication engine that addresses advanced phishing, MitM, session hijacking,
and device manipulation attacks. The passwordless access platform is the best fit for middle-size enterprises that
consider their remote work using cloud-native applications critical.

3.6 Attacks on mobile phones: Mobile phone theft

Types of Wireless and Mobile Device Attacks


Wireless and mobile devices have become ubiquitous in today’s society, and with this increased usage
comes the potential for security threats. Wireless and mobile device attacks are a growing concern for
individuals, businesses, and governments.

Below are some of the most common types of Wireless and Mobile Device Attacks:

SMiShing: Smishing has become common now that smartphones are widely used. SMiShing uses Short
Message Service (SMS) to send fraudulent text messages or links. The criminals cheat the user by calling.
Victims may provide sensitive information such as credit card information, account information, etc.
Accessing a website might result in the user unknowingly downloading malware that infects the
device.
War driving : War driving is a way used by attackers to find access points wherever they can be.
With the availability of free Wi-Fi connection, they can drive around and obtain a very huge amount
of information over a very short period of time.
WEP attack: Wired Equivalent Privacy (WEP) is a security protocol that attempted to provide a
wireless local area network with the same level of security as a wired LAN. Since physical security
steps help to protect a wired LAN, WEP attempts to provide similar protection for data transmitted
over WLAN with encryption. WEP uses a key for encryption. There is no provision for key
management with Wired Equivalent Privacy, so the number of people sharing the key will continually
grow. Since everyone is using the same key, the criminal has access to a large amount of traffic for
analytic attacks.
WPA attack: Wi-Fi Protected Access (WPA) and then WPA2 came out as improved protocols to
replace WEP. WPA2 does not have the same encryption problems because an attacker cannot recover
the key by observing traffic. WPA2 is still susceptible to attack because cybercriminals can analyze the
packets going between the access point and an authorized user.
Bluejacking: Bluejacking is used for sending unauthorized messages to another Bluetooth device.
Bluetooth is a high-speed but very short-range wireless technology for exchanging data between
desktop and mobile computers and other devices.
Replay attacks: In a replay attack, an attacker spies on information being sent between a sender and
a receiver. Once the attacker has spied on the information, he or she can intercept it and retransmit
it, leading to some delay in data transmission. It is also known as a playback attack.
Bluesnarfing: It occurs when the attacker copies the victim’s information from his device. An
attacker can access information such as the user’s calendar, contact list, e-mail and text messages
without leaving any evidence of the attack.

RF Jamming: Wireless signals are susceptible to electromagnetic interference and radio-frequency
interference. Radio frequency (RF) jamming distorts the transmission of a satellite station so that the
signal does not reach the receiving station.

There are several types of attacks that target these devices, each with its own advantages and
disadvantages:

Wi-Fi Spoofing: Wi-Fi spoofing involves setting up a fake wireless access point to trick users into
connecting to it instead of the legitimate network. This attack can be used to steal sensitive information
such as usernames, passwords, and credit card numbers. One advantage of this attack is that it is
relatively easy to carry out, and the attacker does not need sophisticated tools or skills. However, it
can be easily detected if users are aware of the legitimate network’s name and other details.
Packet Sniffing: Packet sniffing involves intercepting and analyzing the data packets that are
transmitted over a wireless network. This attack can be used to capture sensitive information such as
email messages, instant messages, and web traffic. One advantage of this attack is that it can be carried
out without the user’s knowledge. However, the attacker needs to be in close proximity to the victim
and must have the technical skills and tools to intercept and analyze the data.
Bluejacking: Bluejacking involves sending unsolicited messages to Bluetooth-enabled devices. This
attack can be used to send spam, phishing messages, or malware to the victim’s device. One advantage
of this attack is that it does not require a network connection, and the attacker can be located anywhere
within range of the victim’s Bluetooth signal. However, it requires the attacker to have the victim’s
Bluetooth device’s address and is limited to devices that have Bluetooth capabilities.
SMS Spoofing: SMS spoofing involves sending text messages that appear to come from a trusted
source, such as a bank or a government agency. This attack can be used to trick users into revealing
sensitive information or downloading malware. One advantage of this attack is that it can be carried
out without the user’s knowledge. However, it requires the attacker to have the victim’s phone number,
and it can be easily detected if users are aware of the legitimate source of the message.

Malware: Malware is software designed to infect a device and steal or damage data. Malware can be
distributed through email attachments, software downloads, or malicious websites. One advantage of
this attack is that it can be carried out remotely, without the attacker needing to be physically close to
the victim. However, it requires the attacker to have a way to deliver the malware to the victim’s
device, such as through a phishing email or a fake website.

3.7 Mobile virus

Can Viruses Infect Phones?

The quick answer is: not really. There are no known traditional viruses for mobile devices, iOS or Android, as of
yet. A virus is typically defined as malicious computer software that copies
itself as it executes.

But even while a traditional virus may never infect your iPhone or Android phone, there is a much higher likelihood
that your device may become infected by other forms of malware or threats. Viruses are just one sort of malware, or
malicious software. It makes sense to protect your device because of this.

How Does Malware Spread to Mobile Devices?

There are a number of ways in which malware can spread to mobile devices. Read through this article to find out how
malware spreads and how you can protect your mobile devices from a malware attack.

Installing harmful applications

Hackers most frequently distribute malware through downloads and apps. The majority of the time, programs
downloaded from an official app store are secure, but "pirated" software or software obtained from dubious sources
frequently also contains viruses. These are apps that look trustworthy but actually contain spyware or other malware.

On rare occasions, a malicious program will make it to an official app store. One recent instance is InstaAgent, a program
that secretly sends user login information for Instagram to a different server without the user's awareness. These
programs typically get noticed and fixed right away, but they show what may happen. Developers occasionally employ
compromised, pirated development tools. Everything created with these tools will thereafter contain harmful malware
that could steal confidential information or harm mobile devices.

To target your phone, criminals take advantage of gaps in Wi-Fi networks or obsolete operating systems or browsers.
Alternately, they might employ social engineering techniques to deceive you into installing a fake app, opening a link
in a phony text message or email, or visiting a dubious website in order to install malware. There is a lot to be aware of
because cybercriminals are constantly changing their methods and strategies.

Using a mobile device with a compromised operating system

Hackers may frequently be able to take advantage of weaknesses in mobile devices themselves. These flaws are typically
rapidly identified and fixed, but if you don't frequently update the software on your phone, your device will be exposed.

As with any computer, it's essential to keep your mobile device updated to prevent hackers from taking advantage of
any weaknesses.

Examining fraudulent emails

As more workers check and respond to work emails on their phones, hackers are able to infect phones with malware
through email. Here's an illustration − You get an email saying you won something (a tablet, a vacation, etc.). When
you open the email and click the link inside, nothing happens, or you are instead taken to a bogus website. However,
malware has been downloaded and installed on your phone. That hacker may now have access to the info on your phone.

Using unsecured Wi-Fi and URLs

You run the risk of revealing sensitive data sent from your device if you access unsecured websites. Additionally,
malware exposure and man-in-the-middle attacks are more likely to occur. Avoid connecting to untrusted Wi-Fi
networks and websites, and for more secure Wi-Fi communication, think about using antivirus software and a VPN on
your phone.

Your smartphone's browser itself can contain security flaws. Attacks on web browsers may result from this. These kinds
of attacks are more frequent on Android devices. Regardless of the browser you use, make sure you have the most recent
version.

Receiving phishing texts or voicemails

You can receive a text message or voicemail requesting personal information about you or your device from what seems
to be a trustworthy source.

Hackers frequently utilize this information to steal any data they can, such as credit card numbers, social security
numbers, and other personal information. They might even be able to utilize it to launch a focused attack and infect
your phone with malware.

When you receive a text like this, call the business and confirm with them on their real phone number. Never text
private information to anyone. You should immediately delete any suspicious texts and make an effort to contact the
company directly, as sometimes even replying to a text might be risky.

How Can I Check for Malware on My Phone?

You need a dependable malware scanner on your phone to identify some malware because its signs and symptoms can
be difficult to see. Some devices come equipped with a scanner that can carry out simple tasks. However, you can get
a certified mobile security app if you don't have one or if you require a more potent scanner.

You can run manual or recurring scans for your entire device or selected programs using the antivirus app. Depending
on how your phone performs and behaves, you can select between standard and deep scans.

Tips for Preventing Malware on Your Mobile Device

The good news is that there are several simple steps you can take to prevent malware from infecting your mobile device,
even though that danger exists. Here are some strategies for guarding against viruses on your phone and other devices:

• Avoid jailbreaking your device because doing so strips it of several of its built-in security features. Your gadget
may be able to perform more tasks as a result, but it also makes it more open to assaults.
• Use a virtual private network (VPN) to access and share information safely across public Wi-Fi networks. A
VPN is a secure "tunnel."
• Download apps from trustworthy sources − Malware-infected apps are more likely to be found in unofficial
app stores.
• Data encryption is a must if you have sensitive information on a mobile device. If malware steals it, it will still
be safe after that.
• Update your software and hardware − Businesses frequently publish updates for mobile devices that fix potential
flaws.

3.8 Mishing

Nearly 7% of the population over sixteen years old – that’s 17 million Americans – had their identity
stolen last year. 85% of them had their bank account or credit card breached. Over a third suffered severe
emotional stress, almost a third endured the problem for over a month, more than one in ten was robbed – and nine
out of ten had no idea how it happened.

Despite this sobering reality, you can help your customers protect themselves by making sure they don’t fall victim
to the types of ruses that law enforcement has already identified. Identity theft is not limited to online methods or
people scavenging through your garbage trying to find financial documents.

Mishing is phishing by text messaging. The misher typically poses as a bank employee, claiming they need your
personal details or requesting that you settle an issue with the bank. With texting so prevalent in society, it was only
a matter of time before thieves took to this method. Users may be more vulnerable to mishing if they purchase
items using their phone or do mobile banking.

3.9 Vishing

Vishing uses VoIP (Voice over Internet Protocol) to go phishing. The visher will make cold calls to the victim
posing as a representative of the victim’s bank, some investigation team, or some other highly important you-need-
to-listen-to-me type of message. Other times these calls will be automated with voice prompts. Either way, the plan
is to gain access to the victim’s financial and personal information. To the visher there are benefits to using VoIP
technology: they can call long distance, it is cheaper, and it requires fewer landlines. Just like you the business
owner, thieves are looking to cut costs, too, to maximize their profits!

Vishing claimed $11 million in 2013 in the United Kingdom alone, but these grifts are certainly not isolated to any
particular region of the globe. The frequency of phone schemes doubled last year, and they are particularly popular after
a natural disaster. Believe it or not, vishers will call to get donations for relief funds supposedly supporting people
affected by disasters like Hurricane Sandy, Hurricane Katrina, or the recent tornado in the Philippines.

3.10 Smishing

Smishing is a cyber-attack that targets individuals through SMS (Short Message Service)
or text messages. The term is a combination of “SMS” and “phishing.”

In a smishing attack, cybercriminals send deceptive text messages to lure victims into sharing personal
or financial information, clicking on malicious links, or downloading harmful software or
applications. Just like email-based phishing attacks, these deceptive messages often appear to be from
trusted sources, and they use social engineering tactics to create a sense of urgency, curiosity, or fear
to manipulate the recipient into taking an undesired action.

Most of the 3.5 billion smartphones worldwide can receive text messages from any number in the
world. Many users know the dangers of clicking a link in email messages. However, fewer people are
aware of the risks of clicking links in text messages. Users are much more trusting of text messages,
so smishing is often lucrative to attackers phishing for credentials, banking information and private
data.

How Smishing Works

Most smishing attacks work like email phishing. These attacks use a combination of technological
manipulation and psychological tactics to deceive victims. The following steps outline the general
process:

1. Target Selection: Cybercriminals choose their targets. This selection can be random, using
a broad list of phone numbers, or more specific, targeting individuals based on data
obtained from previous breaches or information sold on the dark web.

2. Crafting the Message: The attackers create a deceptive text message that invokes a
specific emotion or reaction, such as urgency, fear, or curiosity. This message typically
includes a call to action, like clicking a link or calling a number.

3. Message Delivery: Using SMS gateways, spoofing tools, or infected devices, the attacker
sends out the smishing message to their selected targets.

4. Interaction: On receipt, the message prompts the victim to take action. This could
be clicking on a provided link, replying with personal information, or calling a specified
phone number.

5. Data Collection or Malware Deployment: Several outcomes can occur if the victim
interacts as the attacker hopes. They might land on a fraudulent website where they input
personal or financial data. Or they could unknowingly download malicious software onto
their device. If they call a number, the attacker might trick them into providing information
verbally or incurring charges.

6. Use of Stolen Information: With the desired information in hand, the attacker can use it
for various malicious purposes, such as identity theft, unauthorized transactions, selling the
data on the black market, or further targeted attacks.

7. Evasion: To continue their operations undetected, attackers frequently change their tactics,
use different phone numbers, and employ various techniques to mask their identity and
location.

Smishers use a variety of ways to trick users into sending private information. For example, they may
use basic information about the target (such as name and address) from public online tools to fool the
target into thinking the message is from a trusted source.

The smisher may use your name and location to address you directly. These details make the message
more compelling. The message then displays a link pointing to an attacker-controlled server. The link
may lead to a credential phishing site or malware designed to compromise the phone itself. The
smisher then uses the malware to snoop the user’s smartphone data or send sensitive data silently to
an attacker-controlled server.

Social engineering, in combination with smishing, makes for a powerful attack. The attacker might
call the user asking for private information before sending a text message. The disclosed information
is then used in the smisher’s text message attack. Several telecoms have tried to fight social
engineering calls by displaying “Spam Risk” on a smartphone when a known scam number calls the
user.

Basic Android and iOS security features often prevent malware. But even with robust security controls
on mobile operating systems, no security control can combat users who willingly send their data to an
unknown number.

Types of Smishing Attacks


Similar to the rising sophistication of conventional phishing attacks, smishing schemes come in many
elaborate forms. Common types of smishing include:

• Account Verification Scams: In this type of attack, the victim receives a text message
claiming to be from a reputable company or service provider, such as a bank or a shipping
carrier. The message typically warns users about unauthorized activity or asks them to
verify account details. When users click the provided link, they’re directed to a fake login
page, where their credentials can be stolen.

• Prize or Lottery Scams: Here, an attacker informs victims they’ve won a prize, lottery, or
sweepstakes. To claim their prize, they must provide personal details, pay a small fee, or
click on a malicious link. The goal is either to steal sensitive information or money.

• Tech Support Scams: Users receive a message warning them about a problem with their
device or account with a request to contact a tech support number. Calling this number can
lead to charges, or the “technician” may request remote access to the device, leading to
potential data theft.

• Bank Fraud Alerts: These messages appear to come from the victim’s bank, warning
about unauthorized transactions or suspicious activities. The user is then prompted to click
on a link to verify their transactions or call a number, both controlled by the attacker.

• Tax Scams: Around tax season, many people receive messages claiming to be from tax
agencies. These messages often promise tax refunds or threaten penalties for supposedly
unpaid taxes, urging the recipient to provide personal or financial details.

• Service Cancellation: The attacker warns the victim that a subscription or service (like a
streaming service or software subscription) is about to be canceled due to a payment issue.
They’re urged to click on a link to “resolve” the issue, which usually leads to a phishing
page.

• Malicious App Downloads: Users receive a message promoting a useful or entertaining
app. Clicking on the download link leads to installing malicious software on the user’s
device.

Awareness of these common smishing tactics can significantly reduce the chances of falling victim to
them. Always approach unexpected or suspicious messages cautiously, verify them with the claimed
source using known contact methods, and avoid clicking on unfamiliar links or downloading files
from unknown senders.

Smishing vs. Phishing vs. Vishing


Understanding the differences between Smishing, Phishing, and Vishing is vital for awareness and
protection against a wide range of cyber threats. Each term refers to deceptive tactics cybercriminals
use to trick individuals into divulging sensitive information. However, each approach uses different
mediums and methods to carry out the attack.

Smishing
• Medium: SMS (Short Message Service) or text messages.

• Method: Cybercriminals send deceptive text messages attempting to lure victims into
sharing personal or financial information, clicking on malicious links, or downloading
harmful software.

• Example: A text message alerting the recipient of a suspicious bank transaction and urging
them to click a link to verify their account.

Phishing
• Medium: Primarily email but can also include malicious websites and social media.

• Method: Cybercriminals craft fraudulent emails to appear as if they come from reputable
sources. These emails often contain malicious links or attachments and are designed to trick
recipients into providing sensitive data, such as login credentials or credit card numbers.

• Example: An email, seemingly from a popular e-commerce site, asking users to reset their
passwords due to a security breach, leading to a fake login page.

Vishing (Voice Phishing)
• Medium: Voice calls (via traditional telephone or VoIP services).

• Method: Cybercriminals impersonate legitimate organizations, such as banks or
government agencies, over the phone. They aim to extract sensitive information directly
from the victim during the call.

• Example: A call from someone claiming to be from the IRS, stating that the victim owes
back taxes and will face legal consequences unless they make an immediate payment.

Examples of Smishing Attacks

Many attackers use an email address to automate sending text messages and avoid detection.
The phone number listed in caller ID usually points to an online VoIP service such as Google
Voice, where you can’t look up the number’s location.

The following image displays a sample smishing attack. Here, the attacker poses as the IRS and
threatens the recipient with arrest and financial ruin unless they call the number in the text. If
the recipient calls, they are scammed into sending money.
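
The traits described above (the lure types, an email address as sender, a callback number, pressure to act) can be turned into a simple triage check for reported messages. The following is an added example, not part of the original notes; the keyword patterns, score weights, sample messages and the known-domain list are all illustrative assumptions.

```python
import re

# Lure categories follow the list above; the keyword patterns are illustrative assumptions.
LURES = {
    "account_verification": r"\b(verify|confirm)\b.*\b(account|details|identity)\b",
    "prize_or_lottery": r"\b(won|winner|prize|lottery|sweepstakes)\b",
    "tech_support": r"\b(tech(nical)? support|problem with your (device|account))\b",
    "bank_fraud_alert": r"\b(unauthori[sz]ed|suspicious)\b.*\b(transactions?|activity|charges?)\b",
    "tax": r"\b(tax refund|unpaid tax(es)?|back taxes|irs)\b",
    "service_cancellation": r"\b(subscription|service)\b.*\b(cancell?ed|suspended)\b",
    "app_download": r"\b(download|install)\b.*\b(app|apk)\b",
}
URL_RE = re.compile(r"https?://([^\s/]+)\S*", re.I)
PHONE_RE = re.compile(r"(?<!\d)\+?\d[\d\s().-]{8,}\d")
URGENCY_RE = re.compile(r"\b(immediately|urgent|final notice|arrest|penalt(y|ies))\b", re.I)


def triage(sender, body, known_domains=()):
    """Score one SMS; higher means more smishing traits. Weights are assumptions."""
    text = body.lower()
    lures = [name for name, pat in LURES.items() if re.search(pat, text)]
    hosts = [h.lower() for h in URL_RE.findall(body)]
    # A link is only trusted if its host is, or is a subdomain of, a known domain.
    unknown = [h for h in hosts
               if not any(h == d or h.endswith("." + d) for d in known_domains)]
    callbacks = [c.strip() for c in PHONE_RE.findall(body)]
    from_email = "@" in sender  # email-to-SMS gateways are used to automate sending
    urgent = bool(URGENCY_RE.search(body))
    score = 2 * bool(lures) + 2 * bool(unknown) + bool(callbacks) + from_email + urgent
    return {"lures": lures, "unknown_hosts": unknown,
            "callbacks": callbacks, "score": score}


# Constructed sample messages (not real traffic).
SAMPLES = [
    ("alerts@sms-gateway.example",
     "Your bank detected a suspicious transaction. Verify your account "
     "immediately: http://secure-bank.example.net/login"),
    ("+15550100",
     "IRS final notice: you owe back taxes. Call 1-800-555-0100 now or face arrest."),
    ("+15550123",
     "Your statement is ready: https://online.bank.example/statements"),
]

if __name__ == "__main__":
    for sender, body in SAMPLES:
        print(sender, triage(sender, body, known_domains=("bank.example",)))
```

The third message scores zero because its link host is a subdomain of the known domain; the first uses a look-alike host that only resembles it, which is why the comparison is on the domain suffix rather than on a substring.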

3.11 Hacking Bluetooth


What is Bluetooth Hacking and How Does it Work?


Bluetooth hacking refers to the unauthorized access and manipulation of Bluetooth-enabled devices by exploiting
vulnerabilities in the Bluetooth protocol. Hackers take advantage of security weaknesses in Bluetooth connections to gain
control over devices, intercept data, or carry out malicious activities. Understanding how Bluetooth hacking works is crucial
for protecting ourselves from potential attacks.

Bluetooth devices communicate using radio waves in the 2.4 GHz frequency band. When two devices want to
establish a connection, they go through a process called pairing. During this process, they exchange security keys
to encrypt their communication and establish a secure connection. However, vulnerabilities in the Bluetooth
protocol and the implementation of different devices can be exploited by hackers.

Types of Bluetooth Hacking

Some of the common Bluetooth hacking techniques are mentioned below:


Bluejacking

Bluejacking is a relatively harmless type of Bluetooth hacking that involves sending unsolicited messages or
contacts to nearby Bluetooth-enabled devices. The purpose of such hacking is not to gain control over the device
or steal information, but to surprise or annoy the recipient. Bluejackers exploit the “discoverable” mode of
Bluetooth devices to send messages anonymously.

In a typical bluejacking attack, the attacker scans for discoverable devices in their vicinity and sends a message or
contact to a target device. The message usually appears as a notification or pop-up on the recipient’s device,
containing text or multimedia content. Bluejacking relies on the lack of authentication in Bluetooth connections,
which allows the attacker to initiate communication without pairing.
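
Because bluejacking depends on the target being discoverable, a useful defensive check is to confirm that a device is not left in that mode. The following is an added example, not part of the original notes; it assumes a Linux host using the BlueZ `bluetoothctl show` command, and the sample output is constructed.

```python
import re

# Constructed `bluetoothctl show` output (not captured from a real host).
SAMPLE_EXPOSED = """\
Controller 00:11:22:33:44:55 (public)
    Name: lab-laptop
    Powered: yes
    Discoverable: yes
    DiscoverableTimeout: 0x00000000
    Pairable: yes
"""
SAMPLE_HARDENED = SAMPLE_EXPOSED.replace("Discoverable: yes", "Discoverable: no")


def parse_controllers(text):
    """Turn `bluetoothctl show` text into one dict of properties per controller."""
    controllers, current = [], None
    for line in text.splitlines():
        m = re.match(r"Controller\s+([0-9A-Fa-f:]{17})", line)
        if m:
            current = {"Address": m.group(1)}
            controllers.append(current)
        elif current is not None and ":" in line:
            key, _, value = line.strip().partition(":")
            current[key] = value.strip()
    return controllers


def audit(controller):
    """Return findings about exposure to unsolicited discovery."""
    if controller.get("Powered") != "yes":
        return []  # radio is off, so the adapter cannot be discovered
    findings = []
    if controller.get("Discoverable") == "yes":
        raw = controller.get("DiscoverableTimeout")
        timeout = int(raw, 16) if raw else None  # value is printed in hex seconds
        if timeout == 0:
            findings.append("discoverable with no timeout")  # 0 = stays discoverable
        elif timeout is None:
            findings.append("discoverable, timeout unknown")
        else:
            findings.append(f"discoverable for up to {timeout} s")
    return findings
```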

Bluesnarfing

Bluesnarfing is a more serious Bluetooth hacking technique that aims to access and steal sensitive data from a
targeted device. It involves unauthorized access to the device’s stored information, such as contacts, text messages,
emails, or even files. Unlike bluejacking, bluesnarfing requires the attacker to establish a connection with the target
device.

To carry out a bluesnarfing attack, the hacker exploits vulnerabilities in the Bluetooth protocol or the
implementation of the target device. By exploiting these vulnerabilities, they can bypass security measures and
gain access to the device’s data. Once connected, the attacker can extract or manipulate sensitive information
without the owner’s knowledge.

Bluebugging

Bluebugging is an advanced form of Bluetooth hacking where an attacker gains complete control over a targeted
device. With bluebugging, an attacker can execute various commands on the device, including making calls,
sending messages, accessing data, and even eavesdropping on conversations. This Bluetooth hacking technique
takes advantage of vulnerabilities in the Bluetooth software stack.

Unlike bluejacking and bluesnarfing, bluebugging requires a high level of technical expertise. The attacker needs
to exploit specific vulnerabilities in the Bluetooth software running on the target device. Once successful, they can
establish a backdoor connection and gain full control over the device’s functionalities.

BlueBorne

BlueBorne is a severe Bluetooth vulnerability that allows hackers to take control of multiple devices within the
Bluetooth range without any user interaction. It affects various operating systems, including Android, iOS,
Windows, and Linux. BlueBorne takes advantage of the way devices automatically connect to each other and
propagates malware across different devices.

By exploiting the BlueBorne vulnerability, attackers can remotely execute malicious code on vulnerable devices.
This can lead to data theft, unauthorized access, or even enrolling the compromised device in a botnet for launching
further attacks. BlueBorne underscores the importance of keeping devices updated with the latest security patches
to mitigate this vulnerability.

Potential Risks of Bluetooth Hacking


Bluetooth hacking poses significant risks to the security and privacy of your devices. By understanding these risks,
you can better appreciate the importance of implementing strong security measures. Some of the potential risks
associated with Bluetooth hacking include the following:

• Unauthorized Access to Devices: Hackers can exploit vulnerabilities in Bluetooth connections to gain unauthorized
access to your devices. Once inside, they may extract sensitive information, install malicious software, or even
take control of your device remotely.

• Data Interception: Bluetooth transmissions can be intercepted by hackers who are within range of your device. This
interception can lead to the theft of personal data, such as passwords, financial information, or private messages.

• Malware Distribution: Bluetooth hacking techniques can be used to distribute malware to unsuspecting devices.
Malware can cause extensive damage, ranging from data corruption to complete device compromise.

• Bluejacking: Bluejacking involves sending unsolicited messages to nearby Bluetooth-enabled devices. While not
necessarily malicious, it can be a nuisance and invade your privacy.

• Bluesnarfing: Bluesnarfing refers to the unauthorized access and extraction of data from Bluetooth-enabled devices.
Hackers can retrieve contacts, messages, and other sensitive information without the user’s knowledge.
