Please find below the list of common hacker attacks and their defenses.

| Hacker Attack | Description | Common Defenses |
| --- | --- | --- |
| Social Engineering | Coaxing passwords and other valuable info from unsuspecting users through innocent conversation. | User education, two-factor authentication. |
| Dictionary | Cracking passwords by trying every word in a dictionary. | Require strong passwords, limit the number of failed retry attempts, two-factor authentication. |
| Brute Force | Cracking passwords by trying every combination of characters. | Require strong passwords, limit the number of failed retry attempts, two-factor authentication. |
| Replay | Network traffic is recorded and replayed later by a hacker after being adjusted to meet their goals. | SSL, secure session management, authenticate every application layer, use the RegisterRequiresViewStateEncryption page method, threat modeling. |
| Man-in-the-Middle | Phishing, intermediate software that pretends to be a third-party Web site in order to collect passwords, credit card numbers, etc. | SSL, secure session management, authenticate every application layer, use the RegisterRequiresViewStateEncryption page method, threat modeling, user education. |
| Bots | Software that pretends to be a human Web site user and consumes resources without permission. | Turing-test technologies, such as CAPTCHA. |
| Denial of Service | Web servers are overwhelmed with dummy requests designed to consume CPU cycles. | Web farms with failover capability, code that fails early and intelligently. |
| Code Injection | SQL Injection, Cross Site Scripting (XSS), XPath Injection, etc. Causes a hacker's code to execute on others' computers. A type of code injection called SQL injection can arbitrarily modify values in a database. The impact of this can range from defacement of a web site to serious compromise of sensitive data. | Use parameterized ADO.NET SQL queries, encode output, validate and filter input with white lists, set the Page's ViewStateUserKey property, use the Microsoft Anti-Cross Site Scripting Library. |
| BackScatter (Email) | The side effect of a spoofed attack. The attacker spoofs (forges) emails and sends messages out randomly as spam. The victim will be sent back all the non-delivery reports. | How do I prevent someone else from using my email address? |