1.2 Types of attacks - Social Engineering Flashcards
Compare and contrast types of attacks.
The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
Phishing
The fraudulent practice of sending targeted emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.
Spear Phishing
A highly targeted phishing attack - aimed at senior executives
Whaling
These attacks try to trick an employee into giving out confidential information via a phone call
Vishing
Attacker walks behind a genuine authorized person to get inside the restricted access area.
Tailgating
An attack in which an adversary successfully assumes the identity of one of the legitimate parties
Impersonation
Investigating a person or business’s trash to find information that can be used for Social Engineering
Dumpster Diving
A type of social engineering technique used to obtain information such as personal identification numbers, passwords and other confidential data by looking over the victim’s shoulder
Shoulder Surfing
Emails typically arriving in chain letter fashion that often describe impossible events, highly damaging malware or urban legends.
Hoax
A computer attack strategy in which an attacker guesses or observes which websites an organization often uses and infects one or more of them with malware.
Watering hole attack
To impersonate or imply a position of authority
Authority
To frighten by threat
Intimidation
To convince general group agreement
Consensus
To describe a lack of something
Scarcity
To imply a closer relationship
Familiarity