Common Cyber Attack Methods
Phishing is a type of cyber attack where attackers impersonate trusted entities—like banks, universities, or coworkers—to trick people into revealing sensitive information such as passwords, credit card numbers, or login credentials. These attacks often come in the form of deceptive emails, text messages, or fake websites that look legitimate but are designed to steal your data.
In an academic setting, phishing can lead to unauthorized access to student records, research data, and financial systems.
Credential stuffing is a type of cyber attack where hackers use stolen usernames and passwords—often obtained from previous data breaches—to try and gain unauthorized access to other accounts. Because many people reuse the same credentials across multiple platforms, attackers can automate login attempts on various websites, hoping that the credentials will work somewhere else. It's a low-effort, high-reward tactic that can lead to widespread account compromise.
Brute-force intrusions, on the other hand, involve systematically guessing passwords or encryption keys until the correct one is found. Attackers use automated tools to try thousands or even millions of combinations rapidly. This method is especially effective against accounts with weak or commonly used passwords. MFA helps prevent both types of attacks by requiring additional verification steps that can't be easily guessed or reused.
MFA adds a second layer of verification that helps block access even if someone falls for a phishing attempt or is a victim of credential stuffing or a brute-force intrusion.