10 Most Common Data Security Threats

With the internet, many of our daily tasks are easier than ever before. At the click of a button, we can check our bank accounts, pay bills, and shop for anything and everything that we need or want. This, however, involves sharing private information that could ultimately fall into the wrong hands. As convenient as the internet may be, the World Wide Web exposes us to many security threats from a new breed of predator.

What are the 10 most common data security threats? A massive number of new, developing threats have data security experts ever vigilant. These security threats fall into several categories: human error, cybercriminals, malware, and phishing.

  1. Passwords
  2. Unauthorized users
  3. Outdated hardware and software
  4. Man in the middle attacks
  5. Form jacking
  6. Malware & Viruses
  7. Spyware
  8. Deceptive Phishing
  9. Vishing
  10. Spear phishing

Read on to see the ten most common security threats that can compromise both your computer and applications. Also, you will see the types of threats that target your personal information.

The most common security threats result from human error. Many people are either ignorant of the dangers to their personal information, or they don’t know how to go about securing protection against cyber threats.

1. Passwords

One mistake that people often make is creating passwords that are easily compromised. Using passwords that mimic the birthdays of family members can easily be discovered. There are several ways to ensure that your passwords remain secure.

  • Avoid using dates that are important to you. Birthdays, anniversaries, or significant dates, such as the bombing of Pearl Harbor, should not be used.
  • Stay away from using notable names or phrases such as, “anappleaday,” “greeneggsandham,” “oldmcdonald,” “littlebopeep.”
  • Never use the word “password” as or in your password.
  • Your password should be a long one. Usually, eight to twelve characters is considered a good length.
  • The better passwords include a mixture or combination of letters, characters, and/or numbers. It’s best to have both upper- and lower-case letters.

2. Unauthorized users

Many times your personal computer is compromised by someone you know. When you bring your work computer home, it is subject to be compromised by family or friends. The way to avoid this is to protect it with a secure password, which will assist in denying access to sensitive personal or employer information.

3. Outdated hardware and software

Always keep your hardware and software updated, especially virus protection. When you allow your hardware and software to become outdated, security threats become more dangerous.

Take Microsoft Windows, many people still use the older unsupported versions like Windows XP and Windows Vista. These no longer receive patches to newly discovered security holes. Hackers can easily craft web pages and software to take control of devices running these older operating systems and steal any data.

4. Man-in-the-Middle (MITM) attack

The Man-in-the-Middle attack is exactly what the name implies. The attacker acts as a go-between between two parties. The attacker sends messages back and forth between them and can even alter actual conversations between the two parties. Both parties/victims believe they are in a private dialogue.

The purpose of a MITM attack is to steal your personal information: usernames, passwords, account information, credit card numbers, etc. You could be targeted by this type of attacker if you frequent sites that involve financial applications or sites where you need to login to get access.

Cyber criminals are a new breed of criminals who have emerged with the creation of the World Wide Web. They prey on the unsuspecting masses under different guises.

5. Form Jacking

Cyber Criminals also known as hackers or attackers, use Form jacking to exploit web users. Form jacking is the process by which a hacker inserts a harmful code, often a JavaScript, into the website of an e-commerce business.

When you go to a website compromised by Form jacking, the site quickly sends your credit card number, bank information, and/or other personal information to the hacker.

This type of process is difficult to detect and very lucrative for cybercriminals.

6. Malware & Viruses

Malware is a type of security threat whose sole purpose is to steal your personal information. This includes spyware and viruses.

Viruses are the most known malware. Most people have heard of viruses and the harm they can do to your computer system and/or applications. A virus is a type of computer program that copies itself. It then changes your other programs by introducing its code into the programs. When the code is inserted successfully into a program, your computer becomes with a virus.

There are many different types of computer viruses. Here are a couple of types of viruses and what they do.

  • The Boot Sector virus is a sophisticated virus that corrupts the master boot record (MBR), which is the data in the first section of your hard drive. The MBR identifies where your operating system is located; therefore, it can infect everything from personal files to computer applications.
  • Some viruses attach themselves to specific file types like .com or .exe. These are called Direct Action viruses. Once the virus attaches itself to a file type, it becomes active when it’s accessed.  It can then attach itself to other file types, ultimately making the files unable to be accessed.
  • Yet another common virus is the Resident virus. The Resident virus stows away in your computer’s memory. The virus then sits there in the memory and can infect more files. The original infected file does not have to be up and running for the Resident virus to corrupt other files.

7. Spyware

Spyware is a type of malware. Spyware is a program that gathers your personal information from your computer without you being aware of it.

  • Adware is a type of spyware that is used mostly by advertisers. It tracks the websites that you visit and sends you pop-ups.
  • Keyboard Logger is a program often used by hackers to they can access your personal information and passwords. It uses the keyboard clicks to identify things like bank routing and account numbers, credit card pins and numbers, and passwords for private emails.
  • Commercial Spyware—Although unauthorized, sometimes you unwittingly agree to spyware. This happens with “companies that provide free software and social networking platforms [who] require you to agree to be monitored to access their systems.” Unfortunately for you, the hacker who installed the spyware is doing the monitoring.

8. Deceptive Phishing Attacks

Phishing attacks have been around for a while. They are one of the oldest types of cyberattacks geared toward stealing your personal information. It also is the most often used type of cyberattack designed to lead you to compromise yourself.

Phishing involves the attacker trying to get your attention through emails and/or messages. Phishers disguise themselves as familiar people/companies that you trust and lure you with something you might want or need. They usually want you to open or download an attachment, which then leads to you inadvertently giving the attackers what they want.

Deceptive phishing is the most common type of phishing. This phishing uses deception, hence the name. It usually shows up in your personal email. The phisher pretends to be a person or company with whom you are familiar. Once you open the attachment, they can gain access to your personal information or money.

9. Vishing

Vishing is another kind of phishing. This type of phishing involves the phisher calling you on your cell phone, pretending to be someone you know in some capacity, often a bank employee or the IRS. They try to get you to give them private information.

10. Spear phishing

Spear phishing occurs when the phisher researches you, the victim, by gathering information about you. Once the information is collected, the phisher reaches out to you in a personal email in which he knows your name, who you work for, when you work, etc. You then think the phisher is genuine and mistakenly give your personal information.


These are the ten most common data security threats which can put you in a compromised position.  They do so by either corrupting, changing, or deleting personal files; stealing personal and/or confidential information; or destroying your entire system. It is good practice to be aware of the threats that are out there and educate yourself for your protection.

Recent Posts