17 Types of Cyber Attacks and How to Prevent Them

Know the signs of malicious activity and how it works to tread a lighter digital footprint.

Written by Brooke Becher
17 Types of Cyber Attacks and How to Prevent Them
Image: Shutterstock
Brennan Whitfield | Jul 12, 2023

Cyber attacks have come a long way from duping us into helping a Nigerian prince down on his luck. In 2022 alone, cybercrime resulted in over $10 billion in total victim losses — and costs are on a trajectory to grow by at least 15 percent each consecutive year.

Common Types of Cyber Attacks

  • Malware
  • Phishing
  • Cross-site scripting (XSS)
  • Denial of service (DoS or DDoS)
  • DNS tunneling
  • Drive-by download
  • Man-in-the-middle (MITM)
  • Password cracking 
  • SQL injection
  • Zero-day exploits


What Is a Cyber Attack?

A cyber attack refers to any attempt to gain unauthorized access to a computer with the intent to cause harm.

These unwelcome attempts steal, expose, alter, disable and destroy information through data breaches. And with new malware being created daily, these attacks aren’t stopping anytime soon. 

Taking preventative measures and self-educating on the latest cyber attack trends are a user’s best bet in avoiding malicious online traps. 

The following list outlines cyber attacks worth keeping on your radar.


Types of Cyber Attacks to Know

1. Malware

Hackers design malware — or malicious software — to intercept data from a computer, network or server by tricking the users themselves into installing faulty programs to their devices at their own hand. Once compromised, a malicious script bypasses security protocols, allowing hackers access to sensitive data or even to hijack the system entirely.

Malware is one of the most commonly used cyber attacks, and it does not discriminate — attacks have been wagered against companies, governments and individuals, frequently partnered with phishing emails.

Types of Malware


A form of cryptoviral extortion that encrypts files on a system. Hackers lock the original owner out of their files, threatening to destroy or publish confidential information, until a ransom is paid.


Spyware is voyeuristic software that records a user’s activities and reports data back to the hacker. This subgenre of malware spans adware, system monitors, web tracking and trojans that all share the goal to install, breach the network, avoid detection and safely remove themselves from the network once the job is completed.


A keylogger is malware that captures a user’s activity by recording their keystrokes. The tracked data is most often used for blackmail or identity theft purposes.


Trojans are covert malware that hide inside a seemingly legitimate piece of software. One malware that can steal banking information and other personal credentials — Emotet — uses advanced, self-propagating and modular trojans concealed within spam emails.


Activated by a click, these bits of software self-replicate unbeknownst to the user, slowing down a device and potentially destroying data in the process. A transient version, known as worms, move throughout infected network nodes while granting hackers remote access to the entire system. 


2. Phishing

Like dangling bait to catch a fish, phishing uses fraudulent websites, emails or text messages to get unsuspecting users to reveal passwords, banking credentials, credit card details or other sensitive information. These cybercrimes usually deliver malware straight to your inbox, using false links or attachments. 

Phishers often impersonate trusted parties like banks, businesses, government entities or celebrities. This is an example of social engineering — a malicious data-collection tactic that uses psychological manipulation — which tricks recipients into providing information they otherwise wouldn’t share with a stranger. 

In a major phishing attack in 2020, hackers promoted a Bitcoin scam by infiltrating Twitter’s network and hacking 45 high-profile Twitter accounts. Several of these compromised accounts posted tweets or sent direct messages encouraging users to send Bitcoin to a scam wallet address.

Types of Phishing Attacks

Spear Phishing

Typically done through email, hackers use personal information sourced from an individual’s digital footprint — data from a person’s online activity, often lifted from social media or bought off of the Dark Web — in order to convince a specific individual to click on a fraudulent link. 


Also known as voice phishing, vishing is a category reserved for hacking scams via voice calls or voicemail messages. This attack often impersonates companies or official entities to get callers to reveal their personal information.


A portmanteau of SMS and phishing, this type of cyber attack exploits mobile devices and is spread via text messaging. Like vishing, it attempts to trick users into providing sensitive information over a text conversation.


Whaling involves curated attacks that try to reel in the biggest fish — high-profile individuals like CEOs and executives — to steal their credentials and gain backdoor access to a company’s network. Although rare, these phishing attacks can reap the highest reward when successful.

Angler Phishing 

Angler phishing is a type of phishing scam reserved for social media platforms. Found in comment sections or by way of direct messaging, fraudsters rely on the trust built by popular businesses or figures and disguise themselves as customer service agents. From here, they siphon information by contacting users who have made customer complaints to these entities.

MORE ON HOW TO PROTECT AGAINST PHISHING ATTACKSPhishing Attacks: 18 Examples and How to Avoid Them


3. Cross-Site Scripting (XSS)

By injecting malicious, client-facing scripts into the code of a trusted web application or website, cross-site scripting, known as XSS, offers hackers unauthorized access to user information, commonly collected from an on-site search or contact form. 

Sites vulnerable to XSS include message boards, forums and web pages, which depend on user input that is not screened for malicious activity; however, this does not exclude bigger sites.

In 2014, hackers tampered with JavaScript code across eBay product listing pages, redirecting shoppers via malicious links to spoofed listing pages that would collect their credentials.


4. Cryptojacking

Cryptojacking refers to a hacker’s covert efforts to commandeer a computer’s processing power for the purpose of mining cryptocurrencies, like Bitcoin and Ether, while the user is unaware or non-consenting. Jeopardized systems suffer a slow processing speed.


5. Denial of Service (DoS)

Denial of service, or DoS, approaches cyber attacks with one singular tactic: totally overwhelm. Typically, this is done by flooding servers with traffic generated by superfluous, false requests in order to overload a system, subduing some or all legitimate requests.

The endgame for DoS hackers isn’t to steal data, but rather to shut down business operations, as demonstrated in 2017 when an attacker came for Google in the largest, publicly disclosed data breach to date that measured 2.5 terabytes per second. In this instance, the attacker opted for a DDoS attack, or distributed denial of service, which allows multiple devices to be breached simultaneously.


6. DNS Spoofing

DNS spoofing happens when hackers send online traffic to a “spoofed” or falsified website that replicates a user’s desired destination, like a login page for a bank or social media account. That information, of course, is submitted to hackers sitting at the other end of the fabricated site linked to a fraudulent IP address. 

These incidents can be used to sabotage companies by redirecting visitors to a low-grade site with obscene content or to simply pull pranks. In 2015, a group of hackers detoured Malaysia Airlines website traffic to a homepage that showed an image of a plane with the text “404 – Plane Not Found” imposed over it, in reference to controversy around Flight 370, which went missing the year prior. No data was stolen or compromised during the attack. 

Find out who's hiring.
See all Developer + Engineer jobs at top tech companies & startups
View 9175 Jobs


7. DNS Tunneling

Even the most widely trusted protocols, like the domain name system, can be subverted by hackers. DNS acts as a phonebook for the internet, helping to translate between IP addresses and domain names. Through tunneling, also referred to as hijacking or poisoning, malicious domains or servers sneak traffic past a network’s firewall to perform data exfiltration.

DNS tunneling attacks are especially hazardous as they often go undetected for an extended period of time during which cybercriminals can steal sensitive data, change code and install new access points or malware. 


8. Drive-by Download

Most cyber attacks require interaction from a user — like clicking on a link or downloading an attachment. Drive-by downloads do not. They can infect unsuspecting users while browsing corrupted websites or engaging with deceptive pop-up windows.


9. Insider Threats

As the title suggests, insider threats are cybersecurity risks that originate from within an organization. These are committed by an agitated party — oftentimes a current or former employee, contractor or vendor — who misuses legitimate credentials to leak, steal or distribute internal information.

For example, in 2020, a disgruntled former staff member of a medical device packaging company used his administrator access to alter over 100,000 company records.


10. Internet of Things (IoT) Attack

An IoT attack takes on the nature of a DoS or DDoS attack that hijacks domestic, internet-connected devices such as smart speakers, TVs or tech toys to assist in data theft. Gadgets that fit within the Internet of Things usually don’t have antivirus software installed, making them easy targets for hackers. 

In some instances, hackers turn entire armies of devices — dubbed botnets — against their users. Alexa, Ring doorbells and even smart fridges can be loaded with malware in one fell swoop, indicated by sluggish, zombie-like defects in performance.

More on Cybersecurity56 Cybersecurity Companies You Need to Know


11. Man in the Middle (MITM) Attack

When an uninvited third party puppeteers communication between two private parties — say, by using a public WiFi network — this is known as a man-in-the-middle attack. 

In this example, messages between two parties are intercepted and manipulated to fit a hacker’s motive, who is pretending to play each respective role. Meanwhile, the mutual parties are unaware that their conversation is being tampered with. 

Similar to man-in-the-middle attacks, a man-on-the-side attack enables rogue intruders to read and inject arbitrary messages into a communications channel, without modifying or deleting messages sent by other parties. This tactic relies on strategic timing so that replies containing the malicious data are sent in response to a victim’s request before an actual response from the server.


12. Password Cracking

Perhaps the most direct of attempts, password cracking is the process of recovering passwords through various techniques. 

Types of Password Cracking Attacks


A common, trial-and-error approach that includes repeatedly inputting different passphrases, checked against a cryptographic hash, until the correct character combination lands.

Password Spraying

Often automated, hackers will circulate through a list of common passphrases — such as “123456,” “qwerty” or “password” — across victimized accounts.


13. Rootkits

Often featured as a collection of tools, rootkits are a type of malware that deeply embed in an operating system upon installation. This can only be achieved after unauthorized access is gained, through means of password cracking or phishing. 

Rootkits allow total administrative control over a device or system. This makes them difficult to detect as all evidence of their intrusion can be covered up, while the hacker now holds privileged access. All antivirus efforts may be subverted by the overriding malware, making rootkits nearly impossible to expunge. 


14. Session Hijacking

Also known as cookie-hijacking or cookie side-jacking, session hijacking is a type of MITM attack that occurs when a hacker takes over a session between a client and the server while they are logged in.

Find out who's hiring.
See all Developer + Engineer jobs at top tech companies & startups
View 9175 Jobs


15. SQL Injection

SQL, short for Structured Query Language, refers to a domain-specific standard that supports most websites. Attackers use SQL injection techniques to gain unauthorized access to a web application’s database by adding strings of malicious code in an effort to trick the database.

The intention here is to spoof identity, tamper with existing data, cause repudiation issues such as voiding transactions or changing balances, transfer administrative authority of the database server and expose, destroy or disqualify data.


16. URL Manipulation

URL manipulation, or rewriting, refers to the process of altering the parameters of a URL to redirect a victim to a phishing site or download malware. This tactic can piggyback off of current content management trends.

For example, many administrators trim URLs for user convenience. Hackers can easily “poison” a shortened URL, copying its likeness and redirecting users to a phishing trap.  Cyber criminals, in an attack known as directory busting, can also guess common URL formats — by adding “/admin” or “/.bak” to the end of a site — to hack into the back end of a server.


17. Zero-Day Exploits

Zero-day exploits occur when bad actors find vulnerabilities in freshly launched software or networks and exploit the bugs before the unaware manufacturer can patch them. Primarily, the goal is to steal data or cause damage. 

Microsoft, Google and Apple all had to patch zero-day bugs in the first few months of 2022. 

More on Online PrivacyOnline Privacy: A Guide to How Your Personal Data Is Used


How to Prevent Cyber Attacks

Because you can never be too safe, here are some best practices to consider when taking preventative action against cyber criminals:


Install Antivirus Software With Malware Protection 

Even if you accidentally click on a malicious link or download a viral attachment, hackers won’t be able to touch your data with the right programs in place.


Use a Firewall

Firewalls act as the first defense between a computer and the internet. They constantly monitor flowing network traffic and can determine what traffic to block or allow based on predetermined rules.


Back Up Your Data

In a worst case scenario, having a backup can help avoid downtime, data destruction and even financial loss.


Use Complex Passwords and Enable Multi-Factor Authentication

Keep passwords complex and at least eight characters long. Combine letters, numbers, symbols and cases. Enabling multi-factor authentication as well adds that extra layer of protection.


Be Aware of Phishing Attack Clues 

Unsolicited emails, texts, direct messages, attachments and calls are always suspect. Generic email domains — addresses ending in @gmail.com or @yahoo.com — are a cybercriminal’s go-to move, along with fabricated logos, poor grammar and spelling errors. More often than not, scare tactics, like urgent and threatening tones, are used to provoke a victim into action. Remember: Legitimate companies will never ask for sensitive information via email. 


Keep Up With Cyber Attack Trends

It’s inevitable that phishing tactics will only become more convincing over time. Being aware of mass scams, like PayPal and Internal Revenue Service imitators, may help curb rash reactions to instigative notifications. 


Check for Verification 

When corresponding with an official support page or account for a company, they should be verified under their correct organization and directly linked to their main page. Cross-checking smaller businesses too young for official verification for history consisting of customer interactions is a great way to self verify. Avoid accounts with only a few followers and no posts.


Ensure Secure Web Browsing

When on a web browser, look for a locked padlock icon next to the URL in a browser’s search bar to ensure it’s secure. This indicates that the website has a valid SSL certificate and HTTPS protocol.


Keep Software Updated

Keeping up to date with software on your devices boosts security, as many hackers plot their attacks on vulnerabilities found in outdated software.


Use a VPN While on Public Wi-Fi

Whenever using a public Wi-Fi source — even checking your email — a VPN can be used as a best practice for data protection.


Avoid Oversharing on Social Media 

Everything shared online becomes part of a user’s digital footprint, which hackers will use to infer passwords and security questions clues, or launch social engineering attacks.

Hiring Now
Productivity • Software • Database • Analytics • Business Intelligence