What Is A Sniffing Attack?

What Is A Sniffing Attack?
Graphic: Nathaniel Blum

What Is A Sniffing Attack?

Jamie Friedlander
January 18, 2020

You receive the dreaded phone call. Your credit card information has been stolen. You still have your credit card, so you’re confused. How did someone steal the numbers without stealing the physical card?

If you ever use unsecure networks (like public Wi-Fi) or send unencrypted data, you could be the victim of something called a sniffing attack, a type of hack that’s designed to steal your personal information, such as passwords and credit card numbers.

What is a sniffing attack?

A sniffing attack occurs when a hacker steals data traveling between two points on a network, said Paul Bischoff, a privacy advocate and editor with Comparitech.com, based in Indianapolis.

“It’s the internet equivalent of wiretapping a phone,” Bischoff said. It works like this: The hacker uses a program called a sniffer to “sniff” for valuable information, like credit card numbers and passwords. Bischoff said hackers might also redirect users to fraudulent phishing websites or malware websites, or modify the contents of network packets, which contain user data. In addition, some hackers might use a sniffing attack to read private communications for identity theft purposes.

Sniffer programs aren’t always used for malicious purposes. They originated as a program that was used to analyze and detect any problems with a network’s traffic. Bischoff said commercial sniffing tools, such as Wireshark and Tcpdump, are often free and have been around for decades.

“The tools needed to carry out basic sniffing attacks are the same or similar to the tools used by network administrators to monitor and diagnose problems on their networks,” he said.

Mike Satter—president at OceanTech, a data security company, and president at WipeOS, a data erasure company—said sniffing attacks have been around since the programs were first created. “Sniffing attacks have been occurring for decades now,” said Satter, who is based in Minneapolis. “It was very bad back in the ‘90s, until security safeguards and tactics were developed to combat them.”

How does a sniffing attack work?

Sniffing attacks can happen to both consumers and businesses, and they can be done in myriad ways.

Bischoff offers one example of how a sniffing attack might occur on the consumer level:

A hacker might set up a fake Wi-Fi hotspot called “Starbucks Wi-Fi” and trick people who are using devices nearby into connecting. The hacker can then monitor, intercept, modify or delete any unencrypted internet traffic passing between these unsuspecting users and the internet. Hackers are typically looking for things like usernames and passwords, credit card numbers, and banking information.

Aanand Krishnan, CEO and founder of Tala Security based in Mountain View, California, said sniffing attacks are dangerous because they’re hard to detect. Although anti-sniffer software exists, it isn’t a foolproof way of catching sniffers.

“One of the troubling realities of these attacks is that they operate very silently,” Krishnan said. “The end user receives their intended goods or experience. The website owner gets paid. The problem is that the attacker has made off with stolen credit card information.”

How can I protect myself from online attacks?

It’s more important than ever to be proactive about protecting yourself from sniffing attacks and other online scams. Follow these best practices to try and ensure you’re being as safe as possible online:

  • Avoid public Wi-Fi. Satter said one of the most important things you can do is skip public Wi-Fi and only use trusted and secure internet sources.
  • Don’t use public computers. If possible, avoid using public computers, such as those at libraries.
  • Check on suspicious communications. Did you receive a phone call or email that made you feel uneasy? Try to learn more about the sender using reverse phone lookup and email search services.
  • Use a secure file transfer protocol (SFTP). This is much safer than using a traditional file transfer protocol (FTP).
  • Use encryption services. One way to be extra safe is by encrypting everything you send and receive, which can be done through a virtual private network (VPN). Although websites that begin with “https” are encrypted to some degree (the “s” stands for “secure”), Bischoff said the best defense is a VPN, as it encrypts all internet traffic before it leaves your device.
  • Keep your software up-to-date. To ensure you’re as safe online as possible, make sure you regularly complete all operating system and software updates on your devices.
  • Stay alert. Krishnan said it’s important to use common sense online. “Frequent mainstream websites,” he said. “Pay attention to credit card statements. If it seems suspicious, it probably is.”

Although sniffing attacks aren’t as common as they were in the ‘90s, they can still happen today. By using encryption services, avoiding public networks and staying alert, you can help ensure you won’t be a victim of a sniffing attack.

Disclaimer: The above is solely intended for informational purposes and in no way constitutes legal advice or specific recommendations.