1.1 Social Engineering Techniques Flashcards
1.0 Threats, Attacks, and Vulnerabilities
What is Social Engineering?
Social Engineering is any activity where the goal is to use deception and trickery to convince unsuspecting users to provide sensitive data or to violate security guidelines. The only direct defense against social engineering attacks is user education and awareness training.
What is Phishing?
A type of email-based social engineering in which an attacker sends an email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim.
What is Smishing?
SMS phishing, or smishing, is a social engineering attack that occurs over or through standard text messaging services.
What is Vishing?
Vishing is phishing done over any telephony or voice communication system.
What is SPIM?
Spam over instant messaging (SPIM) is the transmission of unwanted communications over any messaging system that is supported by or occurs over the internet, such as instant messaging (IM).
What is Spear Phishing?
Spear phishing is a more targeted form of phishing that is directed specifically at an individual or organization.
What Is Spam?
Any type of email that is undesired and/or unsolicited.
What is Dumpster Diving?
Dumpster Diving is the act of digging through trash to obtain information about a target organization or individual.
What is Pretexting?
A pretext is a false statement made to sound believable in order to steal the victim's personal information.
What is Shoulder Surfing?
Shoulder Surfing occurs when someone is able to watch a user’s keyboard or view their display to obtain personal or private information.
What is Pharming?
Pharming is the malicious redirection of a valid website’s URL or IP address to a fake website that hosts a false version of the original valid site.
What is Tailgating?
Tailgating can be simply described as the passage of unauthorized personnel, either forced or accidental, behind an authorized user.
What is Eliciting Information?
Eliciting information is where the attacker tries to get you to provide information; for example, by making a false statement in the hope that you will correct it.
What is Whaling?
A form of spear phishing that targets individuals or organizations known to be extremely wealthy. Target an individual*
What is Prepending?
Prepend means to attach content as a prefix. It is often used in different kinds of programming and in automated processes.