1.0 - Threats, Attacks and Vulnerabilities

Question 1

What is phishing?

Answer 1

Social engineering with a touch of spoofing. This is used to collect access credentials.

• often delivered by email, text, etc.

Question 2

What is typosquatting?

Answer 2

A type of trick and misdirection. A type of URL hijacking - https://professormessor.com

prepending: https://pprofessormesser.com

real address:

https://professormesser.com

Question 3

What is pretexting?

Answer 3

A type of trick and misdirection. Lying to get information

The attacker is a character in a situation that they create

example - “Hi, we’re calling from visa regarding an automated payment to your utility service…”

Question 4

What is pharming?

Answer 4

Redirection to a legit website to a bogus site that harvests a large group of people (as opposed to an attack directed at a single person). This poisons the DNS server and/or client vulnerabilities.

This typically appears very legitimate and is hard to detect

Question 5

What is vishing?

Answer 5

(voice phishing) is done over the phone or voicemail

• caller ID spoofing is common
• fake security checks or bank updates

Question 6

What is smishing?

Answer 6

(SMS phishing) is done by text essage

• spoofing is a problem here as well
• forward links or asks for personal information

Question 7

What is reconnaissance?

Answer 7

Gathering information on a victim

Question 8

What is spear phishing?

Answer 8

Targeted phishing with inside information

Question 9

What is whaling?

Answer 9

Spear phishing the CEO. A targeted phishing with the possibility of a large catch

Question 10

What is the pretext?

Answer 10

Simply a lie that sets up the scenario for a specific attack. The “trap.”

“Hello sir, my name is Wendy and I’m from Microsoft Windows. This is an urgent check up call for your computer as we have found several problems with it.”

Question 11

What is impersonation?

Answer 11

Attacker who pretends to be someone they are not. They use the details they gather during reconnaissance. They commonly attack the victim by acting as someone of higher rank and throw around tons of technical details around to confuse the victim.

Question 12

What is eliciting information?

Answer 12

Extracting information from the victim. Usually the victim doesn’t even know this is happening. Often seen with vishing. These are well documented psychological tricks.

Question 13

What is identity fraud?

Answer 13

Your identity being used by others

Question 14

What is dumpster diving?

Answer 14

A mobile garbage bin. People will look through thrown out trash to gather information.

Question 15

What is shoulder surfing?

Answer 15

Quite simply, looking over your shoulder to access your important information.

Question 16

What are hoaxes?

Answer 16

A threat that doesn’t actually exist but they seem like they COULD be real

This is often an email

Question 17

What is a watering hole attack?

Answer 17

This attack relies on the idea of infecting you by use of a third party. This third party is the “watering hole” which is the central place where they’re hoping users will come and take a drink.

Question 18

What is the difference between pharming and a water hole attack?

Answer 18

Pharming = fake site

Watering hole = compromised site frequented by your target/s.

Question 19

What is spam?

Answer 19

Unsolicited messages

Question 20

What is SPIM?

Answer 20

Spam over Instant Messaging

Question 21

What is a strategy for blocking and/or preventing spam?

Answer 21

Spam filter - Have it filtered at the mail gateway before it goes to your server

Question 22

How does the mail gateway filter spam?

Answer 22

1. Create an “allowed list” which will only receive email from trusted senders
2. Most spam is not compliant with SMTP standards so your filter can block anything that is not adhering to these
3. rDNS (Reverse DNS) - block emails where the sender’s domain doesn’t match the IP address
4. Tarpitting - intentionally slow down the server conversation (they may elect to skip over you to avoid the slowdown)
5. Recipient filtering - block all email not addressed to a valid recipient email address

Question 23

What is an Influence Campaign?

Answer 23

Sway public opinion on political and social issues

Question 24

What is an example of a influence campaign?

Answer 24

Hybrid Warfare

This is a military strategy. By using the internet to “wage war.” This is often referred to as cyberwarfare.

*** Military’s that use these can influence election or convince people of “fake news”

Question 25

What is tailgating?

Answer 25

Use an authorized person to gain unauthorized access to a building

Question 26

What is an invoice scam?

Answer 26

Start with a bit of spear phishing (will find out who pays the invoices in your organization) and then will send a fake invoice (bill of some sort) this bill is often spoofed version from someone of authority that looks legitimate

Question 27

What is credential harvesting?

Answer 27

When hackers try to gain access to your username and passwords stored on your local computer. This is utilized by harvesting the stored credentials on your browser. The bad guys will often send an email that has an attachment that when opens runs a macro that downloads the harvesting malware.

*** This is also known as password harvesting