Privacy 101 🧠

What is packet sniffing and how to prevent it

Take preventative steps to prevent packet sniffing, one of the most intrusive techniques used by hackers to steal personal information.

The world of hacking is getting more and more complex as the years go by. It is a necessity for hackers as security systems and software updates are continuously blocking their attacks. One of the latest, tricky techniques is known as packet sniffing. So what is sniffing and how can you prevent it?

Packet sniffers, more generally known as sniffers, are almost like a dog sniffing information that’s crossing a network. They allow hackers to sniff out data packets from both public and private networks.

The main goal of sniffing attacks is to steal data and personal information. 

As you have learned, if you are following along with our series on security threats, personal data can be extremely valuable for hackers and cybercriminals and costly for you if it’s stolen.

To truly protect yourself, your wallet and your time, you need to protect your data. Knowing what you’re up against is imperative to practice good digital hygiene.

What is a packet sniffing attack?

The closest comparison to sniffing in the “real world” of popular culture is when a police detective bugs a telephone line to intercept a call and secret information.

In a way, that’s what cybercriminals are doing when they implement a sniffing attack. 

Criminals are looking for specific things during a sniffing attack. They want your login information, including passwords, banking information or credit card information, personal messages and emails or anything that could help them steal your identity.

Sniffers are either programs or even hardware devices that spy on internet activity. The reality is, the technology was intended for legal purposes to monitor traffic but has been adopted by criminals. The legitimate purpose of sniffers is to make sure traffic across a network is smooth and uninterrupted.

These “wiretaps” can monitor websites you visit, anything you have downloaded or uploaded, and more in real-time. 

What hackers are doing is intercepting packets of information being sent over a network, using software to decode and interpret it and then using that against you.

Hackers use software to change a computer’s settings to collect these data packets that are traveling over the network. They then save all of the packets and later dig through them. 

If that sounds intrusive, it’s because it is.

Hackers infect computers via unsafe websites and phishing scams by tricking users into downloading the software via attachments or unsafe links.

There are two types of sniffing attacks:

  1. Active. This is when a hacker actively targets a point-to-point network device. Since these “switches” regulate the flow of data between ports, it’s a valuable target for sniffers. With the right knowledge, they can capture the traffic between these points and “sniff” the traffic. It’s very targeted and often used for high-value targets.
  2. Passive. Passive sniffing happens when hackers insert themselves into a hub that’s connected to other devices via a Local Area Network. Since traffic passing through the hub can be seen by all machines, hackers place sniffers here to passively capture any data that comes through.

How to prevent sniffing attacks

So now that you know the dangers of packet sniffing attacks, it’s time to learn about the best practices to prevent them.

One of the best practices is to avoid public Wi-Fi. We have discussed the best practices on how to keep safe on public Wi-Fi in the past, and those reasons still apply here.

Basically, it’s easy for hackers to sniff an entire public Wi-Fi network and grab all of the data that passes across it. Don’t use public Wi-Fi in most cases.

Another preventative measure is to use a virtual private network or VPN. VPNs are powerful tools that encrypt and hide all data sent from your computer out across the internet. If you are being “sniffed,” a good quality VPN will make sure those data packets are unusable.

You also want to be sure to avoid browser fingerprinting and browse securely. This is a given, but especially to prevent sniffing attacks. When browsing, always check to make sure the websites you are on are secure. You can do so by checking the URL to make sure it starts with HTTPS. The “S” is key and signifies that the website is secure.

The last tip is to be hyper-vigilant in looking out for phishing attacks. Avoid fishy websites and emails that ask you to enter any sort of login, password or private information.

If you are going to enter your information, double-check the URL to ensure that the website you are on is, in fact the real website they are purporting to be. 

For more, read our guide to digital security and privacy tools. You might also try these privacy apps for iOS and privacy apps for Android.