1.1

Question 1

Phishing

Answer 1

sending emails to users w/the purpose of tricking them to click a link and revealing personal info

Question 2

Smishing

Answer 2

form of phishing that uses text

Question 3

Vishing

Answer 3

phone phising

Question 4

Spam

Answer 4

unwanted or unsolicited bulk email

Question 5

SPIM

Answer 5

spam over instant messaging

Question 6

Spear Phishing

Answer 6

targeted phishing w/inside info

targets employees within a company and customers

Question 7

Dumpster Driving

Answer 7

searching through trash to gain info from discarded documents

Question 8

Shoulder Surfing

Answer 8

looking over someone’s shoulder to gain infomation

Question 9

Pharming

Answer 9

hijacking a user’s browser so they’re automatically redirected to a malicious website

Question 10

Tailgating

Answer 10

following closely behind another w/o showing credentials

Question 11

Eliciting Information

Answer 11

act of getting info w/o asking for it directly

Question 12

Whaling

Answer 12

form of spear phishing that targets high-level executives

Question 13

Prepending

Answer 13

adding code to the beginning of a presumingly safe file that will get activated once the file is opened

Question 14

Identity Fraud

Answer 14

actual use of stolen information for illicit gain

Question 15

Invoice Scams

Answer 15

a phisher pretending to be a vendor requesting payment for goods or services that was never requested or received

Question 16

Credential Harvesting

Answer 16

attempt to trick users into entering their credentials into a fraudulent website to steal their login information

Question 17

Reconnaissance

Answer 17

gathering as much info as possible from open source sources on a target.

Question 18

Hoax

Answer 18

a fake message warning the recipient of a non-existent computer threat virus

Question 19

Impersonation

Answer 19

a malicious actor pretends to be a legitimate user or service to gain access to protected info

Question 20

Watering Hole Attack

Answer 20

commonly visited website from a particular group of people that an attacker will infect w/malware to infect the visitor’s systems

Question 21

Typosquatting (URL hijacking)

Answer 21

Someone that buys a domain name that is close to a legitimate domain name

Question 22

Pretexting

Answer 22

A fake scenario added to a convo to make a request more believable

Question 23

Influence Campaigns

Answer 23

Use of a variety of sources to influence public perception

Question 24

Hybrid Warfare

Answer 24

Blend of conventional warfare w/unconventional methods to influence people

Question 25

Authority

Answer 25

They’re in charge

Question 26

Social Engineering

Answer 26

Use of one or more psychology-based principles to increase the effectiveness of their attacks

Question 27

Intimidation

Answer 27

Bullying tactics

Question 28

Consensus(social proof)

Answer 28

creation of websites w/fake testimonials that promote a product

Question 29

Scarcity/Urgency

Answer 29

a belief that something is in short supply or almost gone

Question 30

Trust/Familiarity

Answer 30

attacker establishes a common contact or friend to gain trust