Editing Internet security (section)

==Threats==
===Emerging Threats ===
Emerging cyberthreats are a result of recent technological breakthroughs. For example, [[deepfakes]] use AI to produce audio and video that seems real but are actually fake, which increases the danger of fraud and false information. Furthermore, traditional risks can be automated and strengthened by AI-driven attacks, making them harder to identify and neutralize.
===Malicious software ===

Malicious software comes in many forms, such as [[Computer virus|viruses]], [[Trojan horse (computing)|Trojan horses]], [[spyware]], and worms.

* [[Malware]], a portmanteau of malicious software, is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. Malware is defined by its malicious intent, acting against the requirements of the computer user, and does not include software that unintentionally causes harm due to some deficiency. The term badware applies to both malware and unintentionally harmful software.
* A [[botnet]] is a network of [[zombie computer|computer]]s that have been taken over by a robot or [[Internet bot|bot]] that performs large-scale malicious acts for its creator.
* [[Computer viruses]] are programs that can replicate their structures or effects by infecting other files or structures on a computer. The typical purpose of a virus is to take over a computer to steal data.
* [[Computer worms]] are programs that can replicate themselves throughout a computer network.
* [[Ransomware (malware)|Ransomware]] is a type of malware that restricts access to the computer system that it infects, and demands a ransom in order for the restriction to be removed.
* [[Scareware]] is a program of usually limited or no benefit, containing malicious payloads, that is sold via unethical marketing practices. The selling approach uses social engineering to cause shock, anxiety, or the perception of a threat, generally directed at an unsuspecting user.
* [[Spyware]] refers to programs that surreptitiously monitor activity on a computer system and report that information to others without the user's consent. 
* One particular kind of spyware is [[Keystroke logging|key logging]] malware. Often referred to as keylogging or keyboard capturing, is the action of recording (logging) the keys struck on a [[Keyboard (computing)|keyboard]].
* A [[Trojan horse (computing)|Trojan horse]], commonly known as a ''Trojan'', is a general term for malware that pretends to be harmless, so that a user will be convinced to download it onto the computer.

=== Denial-of-service attacks ===
{{Main|Denial-of-service attack}}

A [[denial-of-service attack]] (DoS) or distributed denial-of-service attack (DDoS) is an attempt to make a computer resource unavailable to its intended users. It works by making so many service requests at once that the system is overwhelmed and becomes unable to process any of them. DoS may target [[cloud computing]] systems.<ref>{{cite journal|title=Software-Defined Networking (SDN) and Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environments: A Survey, Some Research Issues, and Challenges|first1=Q.|last1=Yan|first2=F. R.|last2=Yu|first3=Q.|last3=Gong|first4=J.|last4=Li|journal=IEEE Communications Surveys and Tutorials|volume=18|issue=1|pages=602–622|doi=10.1109/COMST.2015.2487361|year=2016|s2cid=20786481}}</ref> According to business participants in an international security survey, 25% of respondents experienced a DoS attack in 2007 and another 16.8% in 2010.{{citation needed| reason=no link|date=January 2024}} DoS attacks often use bots (or a botnet) to carry out the attack.

===Phishing===
{{main|Phishing}}

Phishing targets online users in an attempt to extract sensitive information such as passwords and financial information.<ref>{{cite web|last1=Izak|first1=Belarua|title=Welke virusscanners zijn het beste voor macOS High Sierra|url=https://virusscannermac.nl/beste-virusscanner-voor-mac/|website=Virusscanner MAC|access-date=4 January 2018|language=nl-NL}}</ref> Phishing occurs when the attacker pretends to be a trustworthy entity, either via email or a web page. Victims are directed to web pages that appear to be legitimate, but instead route information to the attackers. Tactics such as [[email spoofing]] attempt to make emails appear to be from legitimate senders, or long complex [[URL]]s hide the actual website.<ref>{{cite book |author=Ramzan, Zulfikar |chapter=Phishing attacks and countermeasures |editor1=Stamp, Mark |editor2=Stavroulakis, Peter |title=Handbook of Information and Communication Security |publisher=Springer |year=2010 |isbn=978-3-642-04117-4 |chapter-url=https://books.google.com/books?id=I-9P1EkTkigC&pg=PA433}}</ref><ref>{{cite journal|last1=van der Merwe|first1=Alta|last2=Loock|first2=Marianne|last3=Dabrowski|first3=Marek|title=Characteristics and Responsibilities Involved in a Phishing Attack|journal=Proceedings of the 4th International Symposium on Information and Communication Technologies|date=2005|pages=249–254|url=https://dl.acm.org/citation.cfm?id=1071800|access-date=4 January 2018|publisher=Trinity College Dublin|isbn=978-1-59593-169-6 }}</ref> Insurance group [[RSA Insurance Group|RSA]] claimed that phishing accounted for worldwide losses of $10.8 billion in 2016.<ref name="First_Post">{{cite web|url=https://www.rsa.com/en-us/blog/2017-02/fraud-insights-integration|title=Fraud Insights Through Integration|last=Long|first=Mathew|date=February 22, 2017|publisher=RSA|access-date=October 20, 2018|archive-date=October 20, 2018|archive-url=https://web.archive.org/web/20181020140826/https://www.rsa.com/en-us/blog/2017-02/fraud-insights-integration}}</ref>

=== Man in the middle ===
{{Main|Man-in-the-middle attack}}

A man-in-the-middle (MITM) attack is a type of cyber attack. Cybercriminals can intercept data sent between people to steal, eavesdrop or modify data for certain malicious purposes, such as extorting money and [[identity theft]]. Public WiFi is often insecure because monitoring or intercepting Web traffic is unknown.{{citation needed|date=August 2022}}

=== Application vulnerabilities ===
{{main|Application security}}

Applications used to access Internet resources may contain security vulnerabilities such as [[memory safety]] bugs or flawed authentication checks. Such bugs can give network attackers full control over the computer.<ref>{{Cite web|url=https://msdn.microsoft.com/en-us/library/ms994920.aspx|title=Improving Web Application Security: Threats and Countermeasures|website=msdn.microsoft.com|date=14 July 2010 |access-date=2016-04-05}}</ref><ref>{{cite news|title=Justice Department charges Russian spies and criminal hackers in Yahoo intrusion|url=https://www.washingtonpost.com/world/national-security/justice-department-charging-russian-spies-and-criminal-hackers-for-yahoo-intrusion/2017/03/15/64b98e32-0911-11e7-93dc-00f9bdd74ed1_story.html?tid=ss_fb-bottom|newspaper=Washington Post|access-date=15 March 2017}}</ref>

=== User Awareness ===

As cyberthreats become more complex, user education is essential for improving internet security. Important areas of attention consist of:

* Users should have the ability to spot [[phishing]] emails by looking for odd sender addresses, cliched salutations, and language that seems urgent. Both simulated phishing exercises and real-world examples can be incorporated into training programs.
* Enabling [[two-factor authentication]] (2FA) and stressing the usage of strong, one-of-a-kind passwords are essential for protecting personal information. Additionally, users need to understand the dangers of oversharing on social media and how crucial it is to change their privacy settings.
* It's critical to educate people on how to spot secure websites (search for HTTPS), steer clear of dubious downloads, and use caution when clicking links. Also, users need to be aware of the dangers of utilizing open WiFi networks without a [[VPN]].