1.1 Flashcards
Phishing
sending emails to users w/the purpose of tricking them into clicking a link and revealing personal info
Smishing
form of phishing that uses text
Vishing
phone phishing
Spam
unwanted or unsolicited bulk email
SPIM
spam over instant messaging
Spear Phishing
targeted phishing w/inside info
targets employees within a company and customers
Dumpster Diving
searching through trash to gain info from discarded documents
Shoulder Surfing
looking over someone’s shoulder to gain information
Pharming
hijacking a user’s browser so they’re automatically redirected to a malicious website
Tailgating
following closely behind another w/o showing credentials
Eliciting Information
act of getting info w/o asking for it directly
Whaling
form of spear phishing that targets high-level executives
Prepending
adding code to the beginning of a presumably safe file that will get activated once the file is opened
Identity Fraud
actual use of stolen information for illicit gain
Invoice Scams
a phisher pretending to be a vendor requesting payment for goods or services that were never requested or received
Credential Harvesting
attempt to trick users into entering their credentials into a fraudulent website to steal their login information
Reconnaissance
gathering as much info as possible on a target from open sources.
Hoax
a fake message warning the recipient of a non-existent computer threat virus
Impersonation
a malicious actor pretends to be a legitimate user or service to gain access to protected info
Watering Hole Attack
a website commonly visited by a particular group of people that an attacker will infect w/malware to infect the visitors’ systems
Typosquatting (URL hijacking)
Someone who buys a domain name that is close to a legitimate domain name
Pretexting
A fake scenario added to a convo to make a request more believable
Influence Campaigns
Use of a variety of sources to influence public perception
Hybrid Warfare
Blend of conventional warfare w/unconventional methods to influence people