Phishing as a Social Engineering Attack

Communication on the Internet

Introduction

The Internet has become so ingrained in our society today that it is impossible to imagine day-to-day life without it. Thiry years ago, this was not the case—but all aspects of life have changed do to this technological advancement. The challenge is that the Internet may create as many problems as it solves. In one sense, for example, it can be seen as a double-edged sword, offering boundless information and connectivity while also serving as a playground for cybercriminals. Understanding online communication and how it works is necessary to grasp how cybercriminals exploit vulnerabilities to their advantage. This paper looks at the mechanisms of Internet communication, focusing on the major networking building blocks and their functions, followed by an exploration of software applications\\\\\\\' vulnerabilities, particularly within web browsers.

Networking Building Blocks and Their Functions

The Internet\\\\\\\'s architecture is built upon several critical components that work in tandem to facilitate seamless communication across the world. These components include Internet Service Providers (ISPs), protocols, routers and switches, domain name systems, and content delivery networks (Sunyaev & Sunyaev, 2020). Each does something different in the processes of the Internet.

ISPs act as the gateway for individuals and organizations to access the Internet (Lone et al., 2020). They provide the necessary infrastructure for digital data transmission over vast distances, connecting users to the global network. Protocols are rules that define how data is transmitted over the Internet. The most fundamental protocols include the Transmission Control Protocol (TCP) and the Internet Protocol (IP). TCP ensures reliable delivery of data by establishing a connection between the sender and receiver, while IP addresses are used to identify devices on the network, ensuring data reaches its correct destination.

Routers and switches are devices that direct data traffic on the Internet. Routers route data packets across networks, choosing the optimal path for data to travel to its destination. Switches, on the other hand, connect devices within a single network, facilitating communication between them. Meanwhile, DNS translates human-friendly domain names into IP addresses that computers use to identify each other on the network (Kim & Reeves, 2020). This system is crucial for navigating the Internet, allowing users to access websites without needing to memorize IP addresses. CDNs are networks of servers strategically located around the globe to reduce latency by hosting copies of web content closer to users. They improve the speed and reliability of content delivery, improving user experience.

These building blocks are fundamental to the Internet\\\\\\\'s operation, making it so that it can be a form of efficient and reliable communication across the globe. However, the same infrastructure that enables seamless connectivity also presents opportunities for exploitation by cybercriminals.

Software Applications\\\\\\\' Vulnerabilities

Software applications, particularly web browsers, are essential tools for navigating the Internet. However, they are also common targets for cybercriminals due to their widespread use and inherent vulnerabilities.

Web Browser Vulnerabilities

Web browsers are the primary interface for accessing the Internet, making them prime targets for exploitation. Vulnerabilities in web browsers can arise from flaws in their design, implementation, or configuration. These can include buffer overflows, cross-site scripting (XSS), and cross-site request forgery (CSRF), among others. Such vulnerabilities can be exploited to execute malicious code, steal sensitive information, or gain unauthorized access to systems (Malviya et al., 2021).

Software Bugs and Flaws

Software applications often contain bugs and flaws that can be exploited by attackers. These vulnerabilities can stem from poor programming practices, inadequate security testing, or failure to update software regularly. Cybercriminals exploit these weaknesses to launch attacks such as malware distribution, data breaches, and denial of service attacks.

Social Engineering

Beyond technical vulnerabilities, social engineering attacks exploit human psychology to trick individuals into divulging confidential information or performing actions that compromise security. Phishing attacks are where attackers masquerade as trustworthy entities to solicit sensitive information, and are a common example of a social engineering attack. These attacks leverage the communication capabilities of the Internet to target unsuspecting users (Gomes et al., 2020).