History Sniffing is an umbrella term that defines different techniques used to monitor the web browser history for diverse purposes including the launch of a cyber attack. Although it is an old trick, the technique is still being used for victimizing internet users. In the recent times, studies have shown a rise in the types and numbers of history sniffing cyber attacks for the sheer ease of launching such attacks.
How Is History Sniffing Cyber Attack Launched?
- The cyber attackers create fake online advertisement and preload attacker code in this ordinary looking advertizement.
- The code is embedded with a list of target websites (the websites that hackers want to know if the user has visited).
- When user clicks on the advertizement, the code starts running and checks the browsing history for target websites.
- If the user has visited any of the target websites, the program will indicate a match to the hacker.
- The hackers then redirect the victim to corresponding fake version of the website to cause further damage.
How Are History Sniffing Attacks Used?
The data collected by history sniffing attacks is used as a foundation for other types of cyber attacks by hackers.
- Phishing: Hackers use history sniffing techniques to find out the financial organization websites visited by the victim. This data is then used to launch customized phishing attacks which automatically match every victim to a fake page of actual financial organization. The victims are tricked into filling their financial details which can be used by hackers to steal money from users’ accounts.
- Stalking: History sniffing can be used to stalk internet users by keeping an eye on their browsing behavior. Hackers may keep a track of social media pages or locations saved in the browser history. Stalking may cause some serious problems for the victim such as kidnapping, physical damage, assault, etc.
- Identity Theft: It is common for internet users to save their login details or choose the option to ‘keep Logged In’ on their browser. Hackers can use history sniffing coupled with other malicious code to check the social media profiles logged in on the browser and access these profiles to pose as the user. They can further use these accounts to send unauthorized messages, post fake news, etc.
For more information on history sniffing cyber attacks, call Centex Technologies at (972) 375 - 9654.