2.2 Explain common threat vector and attacks surfaces/ social engineering

Question 1

Different Threat Vectors

Answer 1

■ Message-based : email, SMS, phishing

■ Image-based : embedding of malicious code inside of an image file

■ File-based : disguised as legitimate documents or software, can be
transferred as email attachments, through file-sharing services, or hosted
on a malicious website

■ Voice Calls : Vhishing

■ Removable Devices : Baiting : Attacker might leave a malware-infected USB drive in a location where their target might find it.

■ Unsecured Networks : wireless, wired, and Bluetooth networks that
lack the appropriate security measures to protect these networks

Question 2

BlueBorne or BlueSmack
exploits

Answer 2

BlueBorne
■ Set of vulnerabilities in Bluetooth technology that can
allow an attacker to take over devices, spread malware, or
even establish an on-path attack to intercept
communications without any user interaction

BlueSmack
■ Type of Denial of Service attack that targets
Bluetooth-enabled devices by sending a specially crafted
Logical Link Control and Adaptation Protocol packet to a
target device

Question 3

Threat Vector

Answer 3

how is the attack
- Means or pathway by which an attacker can gain unauthorized access

Question 4

Attack Surface

Answer 4

where is the attack
- various points where an unauthorized user can try to enter
data to or extract data from an environment

Question 5

Attack Surface Can be minimized by

Answer 5

Restricting Access
Removing unnecessary software
Disabling unused protocols

Question 6

Human vectors/social engineering Techniques

Answer 6

• Phishing
• Vishing
• Smishing
• Misinformation/disinformation
• Impersonation
• Business email compromise
• Pretexting
• Watering hole
• Brand impersonation
• Typosquatting
• Frauds and Scams

Question 7

Social Engineering

Answer 7

Manipulative strategy exploiting human psychology for unauthorized access to
systems, data, or physical spaces

Question 8

○ Motivational Triggers Used by Social Engineer

Answer 8

• Familiarity and Likability
  ● Consensus and Social Proof
  ● Authority and Intimidation
  ● Scarcity and Urgency

Question 9

• Phishing

Answer 9

Sending fraudulent emails that appear to be from reputable sources to reveal personal information

Question 10

• Vishing

Answer 10

Voice Phishing, tricks their victims into sharing personal or financial information

Question 11

• Smishing

Answer 11

text messages to trick individuals into providing their
personal information

Question 12

• Misinformation/disinformation

Answer 12

Misinformation
■ False or inaccurate information shared without harmful intent

○ Disinformation
■ Involves the deliberate creation and sharing of false information with the intent to deceive or mislead

Question 13

• Impersonation

Answer 13

Attackers provide details to help make the lies and the impersonation
more believable to a potential victim.

Question 14

• Business email compromise

Answer 14

targets businesses by
using one of their internal email accounts to get other employees to
perform some kind of malicious actions on behalf of the attacker

Question 15

• Pretexting

Answer 15

Creating a fabricated scenario to manipulate targets

Question 16

• Watering hole

Answer 16

compromise a specific
website or service that their target is known to use

Question 17

• Brand impersonation

Answer 17

Attackers use the brand’s logos, language, and information to create
deceptive communications or website.

attacker pretends to
represent a legitimate company or brand

Question 18

• Typosquatting

Answer 18

Also known as URL hijacking or cybersquatting.
attacker will register a domain name that is similar to a popular website but contain some kind of common typographical errors

Question 19

Frauds and Scams

Answer 19

Deceptive practices to deceive people into parting with money or valuable
information

Question 20

Consequences of Impersonation

Answer 20

○ Unauthorized access
○ Disruption of services
○ Complete system takeover

Question 21

Four main forms of impersonation used by attackers

Answer 21

1. Brand Impersonation
2. Typosquatting
3. Watering Hole Attacks
4. Impersonation : assumes the identity of another person to gain
   unauthorized access

Question 22

To protect against brand impersonation

Answer 22

Educate their users
Use secure email gateways
Regularly monitor their brand’s online presence

Question 23

To combat typosquatting

Answer 23

○ Register common misspellings of their own domain names
○ Use services that monitor for similar domain registrations
○ Conduct user security awareness training to educate users about
the risks of typosquatting

Question 24

To mitigate watering hole attacks, organizations should do the following

Answer 24

• Keep their systems and software updated
  ○ Use threat intelligence services to stay informed about new
  threats
  ○ Employ advanced malware detection and prevention tools

Question 25

Mitigation for Pretexting

Answer 25

training the employees not to fall for pretext and not to fill in the
gaps for people when they are calling

Question 26

Spear Phishing

Answer 26

More targeted form of phishing,
more tightly focused on a specific group of individuals or organizations

Question 27

Whaling

Answer 27

Form of spear phishing that targets high-profile individuals, like CEOs or
CFOs

Question 28

Fraud

Answer 28

Wrongful or criminal deception that is intended to result in financial or personal
gain for the attacker

Question 29

■ One of the most common types of fraud that you will see online is known as

Answer 29

Identity Fraud and Identity Theft
○ Involves the use of another person’s personal information without their authorization to commit a crime or to deceive or defraud
that other person or some other third party

Question 30

Difference between identity fraud and identity theft

Answer 30

In identity fraud, the attacker takes the victim’s credit card
number and charges items to the card
○ In identity theft, the attacker tries to fully assume the identity of
their victim

Question 31

Scams

Answer 31

Fraudulent or deceptive act or operation

Question 32

Most common scam is called the invoice scam

Answer 32

● Invoice Scam
○ In which a person is tricked into paying for a fake invoice for a
product or service that they did not actually order

Question 33

Influence Campaigns

Answer 33

affect public perception or behavior towards a particular
cause, individual, or group

■ Are a powerful tool for shaping public opinion and behavior

■ Foster misinformation and disinformation

Question 34

■ Diversion Theft

Answer 34

Involves manipulating a situation or creating a distraction to steal
valuable items or information

Question 35

Hoaxes

Answer 35

● Malicious deception that is often spread through social media, email, or
other communication channels
● Often paired with phishing attacks and impersonation attacks
● To prevent hoaxes people must fact check and use good critical thinking
skills

Question 36

Shoulder Surfing

Answer 36

● Involves looking over someone’s shoulder to gather personal information
● Includes the use of high powered cameras or closed-circuit television
cameras to steal information from a distance
● To prevent shoulder surfing, users must be aware of their surroundings
when providing any sensitive information

Question 37

Dumpster Diving

Answer 37

Involves searching through trash to find valuable information
● Commonly used to find discarded documents containing personal or
corporate information

Question 38

Eavesdropping

Answer 38

● Involves the process of secretly listening to private conversations

Question 39

Baiting

Answer 39

Attacker might leave a malware-infected USB drive in a location where their target might find it.