Page 232 - CA Final Audit Titanium Full Book. (With Cover Pages)

CA Ravi Taori
         Common Cyber-attacks: The most common types of cyber-attacks include unauthorized access, data theft,
         exposure, alteration, disabling, or destruction.
         Malware
         Malware: Malware is software designed to harm computers or networks, and includes types like ransomware,
         trojans, and viruses.

         Types of Malware
         (Shortcut: Ransomware & Trojan in Mutual Funds)
         Ransomware: Ransomware encrypts a victim's data, demanding payment for decryption. It's often spread
         through phishing emails, unpatched vulnerabilities, and misconfigurations.
         Trojan: A trojan is malware disguised as legitimate software or files, often installed via techniques like phishing
         or bait websites.
         Mobile Malware: Mobile malware targets mobile devices and is spread through malicious downloads, OS
         vulnerabilities, phishing, smishing, and unsecured Wi-Fi.
         Fileless Malware: Fileless malware exploits legitimate system tools for cyberattacks without installing code,
         making it harder to detect than traditional malware.
         Denial-of-Service (DoS) Attacks:
         A Denial-of-Service (DoS) attack floods a network with false requests, disrupting access to services like email and
         websites. While usually not causing data loss, DoS attacks cost time, money, and resources to resolve.

         Phishing:
         (Shortcut: Scammer Saw Victims Wallet)
         Phishing is a cyberattack using email, SMS, phone, or social media to trick victims into sharing sensitive
         information or downloading malicious files, which can lead to viruses on their devices.
         Spear Phishing
         Spear-phishing is a targeted phishing attack via malicious emails aiming to steal specific individuals' or
         organizations' sensitive information or infect their devices with malware.
         Smishing
         Smishing is a scam involving text messages posing as reputable companies to trick individuals into revealing
         personal information like passwords or credit card numbers.
         Vishing
         Vishing is a voice phishing tactic where fraudsters use phone calls and voice messages, posing as trusted entities,
         to trick people into sharing private details like bank information and passwords.
         Whaling
         A whaling attack targets senior or C-level executives to steal money, information, or access their computer for
         additional cyberattacks.
         Spoofing:
         Spoofing involves cybercriminals disguising themselves as trusted sources to access systems, aiming to steal
         information, extort money, or install malware.

         Types of Spoofing:
         Domain spoofing: Domain spoofing is a phishing tactic where attackers mimic legitimate websites or email
         domains to deceive users. These seem authentic at first, but subtle discrepancies appear on closer inspection.
         Email spoofing: Email spoofing is a cyberattack where emails have forged sender addresses to deceive recipients,
         making them more likely to engage with malicious links or attachments.
         Identity-Based Attacks:
         When a user's credentials are compromised, adversaries can impersonate them. For instance, using the same ID
         and password on multiple accounts can give an adversary access to unrelated accounts when one is breached.

         www.auditguru.in                                                                                  12.7