What Exactly is a Sniffing Attack and How Can You Protect Yourself Against it
Michelle Wilson - September 17, 2020
This is something nobody wants to go through. Your bank or credit card company calls you up and asks about recent charges on your account. Unfortunately, you didn’t make any of these purchases which means your credit card information has been stolen.
But how? You have the card right there in your wallet. If you ever use unsecured Wi-Fi or send unencrypted data, you may have been the victim of a sniffing attack. Sniffing is the process of monitoring and capturing data that is passing through different networks. Confused? No Problem. We will explain exactly how this works and how you can protect yourself against a possible attack.
Table of Contents
What is a Sniffing Attack?
Sniffing is basically the web equivalent of wiretapping a phone to get someone’s personal information. The hacker will use a program to collect this information, like your credit cards, or social security number. There are two types of sniffing attacks, active sniffing and passive sniffing:
-
Active Sniffing
This type of sniffing is conducted on a switched network. The switch is what connects two network devices together. They use the MAC address (A MAC address is given to a network adapter when it is manufactured. It is hardwired or hard-coded onto your computer’s network interface card (NIC) and is unique to it.) to forward that stolen information to their own destination.
-
Passive Sniffing
This type of sniffing uses hubs (a network hardware device for connecting multiple Ethernet devices together) instead of switches to use your MAC address and get data. All a hacker has to do is to connect to LAN, and they can send sniff data traffic in that network.
This sounds extremely scary, however sniffer programs aren’t just used by hackers. They actually started out as a program to analyze and detect possible issues with a network’s traffic and diagnose problems.
How Can Someone Perform a Sniffer Attack?
The worst part of a sniffer attack is that they happen under the radar. You still order online as usual, the business collects your funds, only now a hacker has your credit card details.
This can happen very easily. Say you take your laptop to get some work done out of the house. You sit down at a café and connect to an open Wi-Fi called “Café Free Wi-Fi.” You do your work, and some online shopping, but unbeknownst to you, it’s a hacker’s network. The hacker can now monitor and view any unencrypted data passing between you and the internet.
These hackers are usually looking for your important information. Credit cards, social security numbers, passwords, and banking information are just some of the things they are looking to steal.
How Can You Protect Yourself?
It is always important to stay vigilant about your data and your actions online. Being proactive will help you protect yourself from sniffing and other online attacks. Here are some of our tips to help you and your information stay safe:
-
Don’t use untrusted networks
you should avoid connecting to unsecured networks, including free public Wi-Fi. Hackers can either sniff an entire legitimate unsecured network or create their own fake public Wi-Fi for you to connect to.
-
Encryption
This is the process of converting data into gibberish in order to protect the message from attackers. You can do this by using a VPN.
-
Network monitoring
Network administrator should always take a look at their networks and see if they find any suspicious traffic. They can do this by device auditing or bandwidth monitoring.
-
Updates
Make sure your software and computer are always up to date. As annoying as it may be, don’t ignore the pop up telling you to update and restart your computer.
-
No public computers
It’s not always easy but try to avoid using public computers when dealing with sensitive information. Browsing articles at the library is fine, just don’t make any purchases or go to sites where you have to login with a username and password.
-
Common Sense
This one is fairly obvious, but sometimes we forget. Only use legitimate websites for purchases, and never click on suspicious links. If you feel uneasy in general, follow your instincts and get off of that site asap.
Luckily, these types of attacks aren’t as common as they once were. However, it is always a good idea to stay alert and protect yourself.