Skip to content

What is a Sniffing Attack and How to Avoid It?

Posted on by Dawna M. Roberts in CrimeNovember 11, 2020

The world is a dangerous place these days, especially when it comes to your online life. You have probably heard about phishing emails, scam calls, ransomware, and malware, but have you heard about sniffing attacks?

packet sniffing attacks

Sniffing Attack Definition

As defined by NordVPN, “Sniffing is when packets passing through a network are monitored, captured, and sometimes analyzed. It can be used for good and evil. For example, your system administrator might use sniffing to troubleshoot or analyze the network or perform egress defense. On the other hand, hackers can use this technique to perform man-in-the-middle attacks that aim to steal your bank details, account credentials, or other personally identifiable data that could lead to identity theft.”

A sniffing attack is essentially like someone bugging your telephone but in digital terms. For example, detectives may listen in on calls to gain insight into a suspect’s behavior, intentions, and whereabouts. Using a sniffing attack, hackers eavesdrop on your digital activity, and any information that is not encrypted (meaning it is in plain text), including your bank account, usernames, passwords, or other pieces of useful information, is at risk of being stolen.

Cybercriminals also use sniffing attacks to spy on your text messages to glean sensitive information. They may also read your emails or other app data to steal your identity or gain access to your accounts.

How Does a Sniffing Attack Work?

Information is routed through the internet using packets. So even a single email might be broken up into smaller pieces (called packets) and reassembled at its final destination. On route, they may pass through various routers and switches. Any point along its journey is ripe for sniffing.

Different Types of Sniffing Attacks

When it comes to sniffing attacks, there are two different types, passive and active. Let’s explore each one now.

Passive Sniffing

Passive sniffing is when the attacker lays low and watches for information that crosses his or her path. This type of attack is more old-school because it involves a network hub where traffic is routed to other destinations. The attacker places a sniffer near the hub and collects anything that routes through it. However, these days most networks use switches rather than hubs, so active sniffing is a more popular option. 

Active Sniffing

With active sniffing, the hacker tries to redirect traffic that comes in contact with a particular switch to an alternate destination so they can intercept and read it. Some examples of active sniffing are MAC spoofing, DNS poisoning, DHCP attacks, and MAC flooding. 

How to Identify a Sniffer

Although there are anti-sniffer devices and software options, depending on the type and sophistication of the one used, they can go undetected for long periods of time and gather extensive data from the infected network. 

Some layers of a typical network are more vulnerable to sniffing attacks. For example, HTTP, Telnet, FTP, POP, and SNMP are all layers and protocols that may be at risk for sniffing on some networks. 

Some of the Top Sniffing Tools

Some of the most widely used sniffing tools are: 

dSniff - This product performs network analysis and password sniffing across various network protocols such as FTP, Telnet, POP, rLogin, Microsoft SMB, SNMP,  and IMAP. 

Debookee - Is another option that can monitor network traffic regardless of the device type (phone, computer, smart TV, etc.). This one uses modules for different purposes, such as Wi-Fi monitoring, SSL/TLS decryption, and network analysis. 

Wireshark - Free, open-source product that works on Linux, Windows, and other operating systems. Its top feature is the ability to filter packets by IP address. 

A Sniffing Example

A sniffing attack does not have to be hardware-related but can occur on a retail website. For example:

Say a hacker places malware on the checkout page of a well-known retail store. A user checks out paying with their credit card. The sniffer gathers the person’s credit card information (name, address, credit card number, expiration date, three-digit code) and sends it directly to the hacker. Now the criminal has everything they need to start using the person’s credit card. 

In some cases, sniffing is used to gather the information that is later sold on the dark web. Not all criminals use the bank and credit card details they steal. Sometimes that information is worth more for sale on nefarious websites. 

How to Prevent Sniffing Attacks and Stay Safe

You can prevent sniffing of your data and keep your information safe by following a few safety tips:

  • Do not connect to public Wi-Fi hotspots. If you have to use one, never log onto your bank or credit card accounts from an unsecured internet connection. Many hackers hang out at local coffee shops spying on the online activity of all its guests. 
  • Invest in a VPN to block your IP address and protect your data.
  • Encrypt everything from your messages, email, phone, and data. Use end-to-end encryption options whenever they are available to you. 
  • Be sure to visit HTTPS websites and do not enter information on a site with HTTP only.
  • Install anti-virus/anti-malware security software on all your devices and run deep scans often.
  • Keep your devices updated with the latest security patches. 

About the Author

Related Articles

News Article

NFL Players and their Criminal Histories

In 2019, an average of 16.5 million people watched NFL football games. Sundays during football season are... Read More

News Article

Record Expungement or Sealing: Which is Best for You?

Having a criminal record can cripple a person’s chances for many opportunities in life. Along with pote... Read More

News Article

What is a Social Engineering Attack? Techniques & Prevention Tips

Social engineering attacks are a new approach to stealing a person’s sensitive information or gaining a... Read More

News Article

7 Most Dangerous Cities in Michigan

Michigan is one of the largest and most populated states in America. Located in the Great Lakes and Midwe... Read More

News Article

Mass Shootings in the United States

Mass Shootings Statistics and Timeline Unpredictable mass shootings rock the United States with sporadic... Read More

Uncover Hidden Information About Anyone: